← Back to Skills Marketplace
573
Downloads
0
Stars
6
Active Installs
2
Versions
Install in OpenClaw
/install password-generator
Description
生成随机安全密码。长度12-16位随机(默认),包含大小写字母、数字、符号。当用户要求生成密码、创建密码、随机密码时使用此技能。
Usage Guidance
This skill generates passwords as advertised, but I recommend caution before installing or using it as-is:
- The script uses Python's random module (not cryptographically secure). Prefer the 'secrets' module (secrets.choice or secrets.token_urlsafe) for generating passwords.
- It prints the password to stdout (may end up in logs) and always appends the password in plaintext to '/root/.openclaw/workspace/memory/passwords.md'. That path is hardcoded and may not exist or may expose secrets to other users/processes. Consider changing to a per-user secure location and setting restrictive file permissions (e.g., 600).
- The SKILL.md refers to 'memory/passwords.md' (relative), but the code writes to an absolute /root path — verify and correct the intended storage location.
- Consider adding an option to not save passwords, to encrypt stored entries, or to integrate with a secure password manager instead of writing plaintext files.
If you still want to use this skill: run it in an isolated environment, inspect and modify the script to use the 'secrets' module, change the save location to a secure per-user path, and restrict file permissions before generating real secrets. If you cannot review or edit the script yourself, avoid installing it because it currently exposes generated passwords in plaintext.
Capability Analysis
Type: OpenClaw Skill
Name: password-generator
Version: 1.1.0
The skill accurately implements its stated purpose: generating a random password and saving it to a markdown file within the agent's designated memory directory (`/root/.openclaw/workspace/memory/passwords.md`). There are no signs of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in SKILL.md. All file operations are confined to the agent's workspace and are consistent with the skill's functionality.
Capability Assessment
Purpose & Capability
Name and description match the included script: the skill generates random passwords with the stated character classes and length. Minor mismatch: SKILL.md says save to 'memory/passwords.md' (relative), but the script writes to an absolute path '/root/.openclaw/workspace/memory/passwords.md'. That may be incorrect or cause failures on non-root systems.
Instruction Scope
SKILL.md instructs running scripts/generate_password.py and saving to memory/passwords.md. The script does this but also prints the generated password to stdout and unconditionally appends the plaintext password to a file under an absolute root path. Printing to logs and appending plaintext passwords to disk are broader/sensitive actions beyond merely generating a password and create clear privacy/security risks. The script does not offer an opt-out for saving, nor does it choose a per-user safe path.
Install Mechanism
Instruction-only skill with a small Python script and no install spec. Nothing is downloaded or installed by the skill itself.
Credentials
No credentials or environment variables are requested (good), but the script writes secrets to a hardcoded location under /root and prints them to stdout. While no external credentials are requested, the choice to store plaintext passwords in a world-accessible location (and under root) is disproportionate and risky for a simple generator.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. However, it writes persistent data to disk (appending passwords to a file). That persistence is normal for 'save password' behavior but should be considered a sensitive side-effect because the file contains plaintext secrets.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install password-generator - After installation, invoke the skill by name or use
/password-generator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
升级:长度改为12-16位随机
v1.0.0
Initial release: generate random 12-char passwords with uppercase, lowercase, digits, and symbols
Metadata
Frequently Asked Questions
What is Password Generator?
生成随机安全密码。长度12-16位随机(默认),包含大小写字母、数字、符号。当用户要求生成密码、创建密码、随机密码时使用此技能。 It is an AI Agent Skill for Claude Code / OpenClaw, with 573 downloads so far.
How do I install Password Generator?
Run "/install password-generator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Password Generator free?
Yes, Password Generator is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Password Generator support?
Password Generator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Password Generator?
It is built and maintained by Yukin1218 (@yukin1218); the current version is v1.1.0.
More Skills