Passwordstore Broker
v1.1.1 · Enforce safe secret handling by collecting secrets through one-time HTTPS forms, storing them in pass via scripts/vault.sh, and executing tools with environm...
by Marius (@bieggerm)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Benign, high confidence
Purpose & Capability
The name and description claim collecting secrets and storing them in pass; the included scripts implement TOTP enrollment, a local HTTPS intake form, pass-backed vault operations, and an env-injection wrapper. The declared binary dependencies (pass, gpg, openssl, python3, qrencode) match the implementation.
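The TOTP step is the part of this flow where an implementation mistake would be hard to spot from the skill's description alone. The following is an added example written for this review, not code from the skill (the page does not show how get_password_from_user.py validates codes); it assumes the RFC 6238 defaults (HMAC-SHA1, 30-second steps, 6 digits) and that the enrollment secret in totp.secret is stored in base32, as otpauth:// URIs carry it. It shows the three checks a verifier should make: a small drift window, a constant-time comparison that does not stop at the first match, and a consumed-counter record so a code that was already accepted cannot be replayed within the window.

```python
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional

STEP = 30    # seconds per step (RFC 6238 default; assumed, not confirmed by the page)
DIGITS = 6   # code length (assumed)


def decode_base32_secret(text: str) -> bytes:
    """Decode an enrollment secret the way otpauth:// URIs carry it:
    base32, case-insensitive, spaces tolerated, padding optional."""
    cleaned = text.strip().replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(key: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 64-bit counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def totp(key: bytes, unix_time: int, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    return hotp(key, unix_time // step, digits)


class TotpVerifier:
    """Verifies submitted codes with a drift window and refuses replays.

    A code matches if it equals the TOTP of the current step or of any step
    within +/- window. Every accepted code advances last_counter, so a code
    that was already consumed is rejected if presented again; that is what
    makes the check one-time rather than merely time-limited.
    """

    def __init__(self, key: bytes, window: int = 1):
        self.key = key
        self.window = window
        self.last_counter = -1  # highest step counter already consumed

    def verify(self, submitted: str, now: Optional[int] = None) -> bool:
        if not (submitted.isdigit() and len(submitted) == DIGITS):
            return False  # reject malformed input before doing any crypto
        counter = (int(time.time()) if now is None else now) // STEP
        matched = None
        # Check every candidate without breaking early; compare_digest keeps each
        # comparison constant-time with respect to the submitted digits.
        for k in range(-self.window, self.window + 1):
            candidate = counter + k
            if hmac.compare_digest(hotp(self.key, candidate), submitted):
                matched = candidate
        if matched is None or matched <= self.last_counter:
            return False  # wrong code, or a replay of an already-consumed step
        self.last_counter = matched
        return True
```

The verifier is stateful on purpose: with a window of 1, three codes are valid at any moment, so a verifier that only checks "does some candidate match" would let an intercepted code be reused for up to a minute. A real intake endpoint should also cap failed attempts, since a 6-digit code gives an online guesser roughly a 3-in-a-million chance per try.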
Instruction Scope
SKILL.md explicitly restricts behavior to local/LAN intake, TOTP validation, storing/retrieving secrets via scripts/vault.sh, and executing commands via run_with_secret.sh. The runtime instructions do not request unrelated files, external endpoints, or unrelated credentials. They do require the agent to present the generated local/LAN URL to the user (expected for the one-time intake flow).
Install Mechanism
No install spec; this is an instruction-first skill with bundled scripts. Nothing is downloaded from external URLs and no archives are extracted. Risk from install-time network downloads is therefore minimal.
Credentials
The skill requests no environment variables or external credentials. It relies on locally-installed tools (pass/gpg) rather than asking for tokens. The number and type of required tools are proportionate to the stated functionality.
Persistence & Privilege
The always flag is false and the skill does not request elevated or system-wide privileges. It writes only into its own directory under the user's home (e.g., ~/.passwordstore-broker) and uses the user's pass store; it does not modify other skills or global agent configuration.
Assessment
This skill appears coherent and implements a local/LAN one-time intake flow that stores secrets in your pass store and injects them into commands without putting secret values in chat. Before installing, verify you are comfortable with: (1) installing and using pass/gpg on the host; (2) the fact that the skill runs a temporary local HTTPS server (run it only on trusted networks and do not expose the intake URL in public channels); (3) storing the TOTP enrollment secret in ~/.passwordstore-broker/totp.secret and treating that file as sensitive (the project warns not to transmit it; anyone holding it can generate valid codes); and (4) the fact that any command executed via run_with_secret.sh runs with the secret in its environment, where that process and anything it spawns can read it, so only run trusted commands this way. If you need higher assurance, review the full get_password_from_user.py contents (it runs the local HTTPS server, LAN autodetection, and TOTP checks) and test in an isolated environment first.
Like a lobster shell, security has layers — review code before you run it.
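Caveat (4) above is about the behaviour of environment injection itself. The following is an added illustration in Python written for this review, not the skill's run_with_secret.sh (whose contents are not on this page): it shows the pattern of placing a secret only in the child's environment, refusing to let it into argv, and why "available to that process" extends to every process the command spawns. The variable name DEMO_SECRET and the secret value are constructed for the demonstration.

```python
import os
import subprocess
import sys

PYTHON = sys.executable


def run_with_secret(var_name: str, secret: str, argv: list) -> subprocess.CompletedProcess:
    """Run argv with the secret present only in the child's environment.

    The secret must never enter the command line: every process's argv is
    readable by any local user (ps, /proc/<pid>/cmdline), whereas its
    environment is readable only by the same user and root."""
    if any(secret in arg for arg in argv):
        raise ValueError("refusing to run: secret appears in the command line")
    child_env = dict(os.environ)      # a copy, so the parent's environment is untouched
    child_env[var_name] = secret
    return subprocess.run(argv, env=child_env, capture_output=True, text=True)


def _print_var(var_name: str) -> str:
    # Python snippet that prints the variable's value, or <unset> if absent.
    return f"import os; print(os.environ.get({var_name!r}, '<unset>'))"


def child_argv(var_name: str) -> list:
    """A command that reports whether it sees the injected variable."""
    return [PYTHON, "-c", _print_var(var_name)]


def grandchild_argv(var_name: str) -> list:
    """A command that spawns a further process which reports whether it sees the
    variable. It does: subprocess.run without env= hands the environment down."""
    inner = _print_var(var_name)
    return [PYTHON, "-c",
            f"import subprocess, sys; subprocess.run([sys.executable, '-c', {inner!r}])"]


def demo() -> dict:
    """Exercise the wrapper with a constructed secret and report what each party saw."""
    var, secret = "DEMO_SECRET", "constructed-example-value"   # constructed, not real
    result = {
        "child_sees": run_with_secret(var, secret, child_argv(var)).stdout.strip(),
        "grandchild_sees": run_with_secret(var, secret, grandchild_argv(var)).stdout.strip(),
        "parent_has_var": var in os.environ,
    }
    try:
        run_with_secret(var, secret, ["printf", "%s", secret])
        result["argv_refused"] = False
    except ValueError:
        result["argv_refused"] = True
    return result


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The grandchild result is the point of caveat (4): a wrapper can keep a secret out of chat and out of argv, but once it is in a process's environment, the wrapper has no say over what that process does with it or which subprocesses inherit it. That is why the command handed to such a wrapper has to be trusted, not merely the wrapper.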
latest: vk975wd88g2njdm97rh0rtcgk5x81ce6t
