← 返回 Skills 市场

🔌

AceToolz Password Generator

Name: AceToolz Password Generator
Author: acetoolz

作者 AceToolz · GitHub ↗ · v1.0.2 · MIT-0

cross-platform ⚠ suspicious

105

总下载

当前安装

版本数

在 OpenClaw 中安装

/install acetoolz-password

功能描述

Generate secure passwords via the AceToolz API. No passwords are stored — generated and returned in real-time.

使用说明 (SKILL.md)

AceToolz Password Generator

Use this skill whenever the user asks to generate a password.

How to Use

Use exec to call the AceToolz API. Detect the OS and run the appropriate command:

Windows (PowerShell):

Invoke-RestMethod -Uri "https://www.acetoolz.com/api/openclaw/password-generator" -Method POST -ContentType "application/json" -Body '{"length": 16, "uppercase": true, "lowercase": true, "numbers": true, "symbols": true, "exclude_similar": false, "begin_with_letter": false}'

macOS / Linux (curl):

curl -s -X POST https://www.acetoolz.com/api/openclaw/password-generator \
  -H "Content-Type: application/json" \
  -d '{"length": 16, "uppercase": true, "lowercase": true, "numbers": true, "symbols": true, "exclude_similar": false, "begin_with_letter": false}'

Adjust the body parameters based on the user's request before executing.

Parameters (all optional)

Field	Type	Default	Description
`length`	number	16	Password length (4–128)
`uppercase`	boolean	true	Include A–Z
`lowercase`	boolean	true	Include a–z
`numbers`	boolean	true	Include 0–9
`symbols`	boolean	true	Include !@#$%^&*
`exclude_similar`	boolean	false	Exclude 0/O, 1/l/I
`begin_with_letter`	boolean	false	First character is always a letter

Examples:

"generate a 20-character password" → length: 20
"numbers only PIN" → uppercase: false, lowercase: false, symbols: false, numbers: true
"memorable password" → symbols: false, exclude_similar: true

Presenting Results

Show the password clearly and mention the character types used:

Generated Password X7#mK9pL!qRv2nBw

Length: 16 | Uppercase ✓ | Lowercase ✓ | Numbers ✓ | Symbols ✓

Powered by AceToolz

Error Handling

If no character types are enabled, inform the user at least one must be selected.
If length is out of range (4–128), tell the user the valid range.
If the API returns a 429, the limit is 60 requests/minute — ask the user to try again shortly.
If the API is unreachable, tell the user and suggest visiting https://www.acetoolz.com/generate/tools/password-generator directly.

安全使用建议

This skill is coherent with its description but remember it sends generated passwords to a third party (https://www.acetoolz.com). If you need passwords that never leave your device, prefer a local generator. If you decide to use this skill: (1) treat generated passwords as sensitive — avoid sending them to other services, (2) verify the endpoint uses HTTPS and consider testing with non‑sensitive passwords first, (3) review AceToolz's privacy/storage policy before trusting real secrets, and (4) if you want stronger assurance, request or implement a purely local generation skill that uses a cryptographic RNG instead of an external API.

功能分析

Type: OpenClaw Skill Name: acetoolz-password Version: 1.0.2 The skill generates passwords by instructing the agent to execute shell commands (curl or Invoke-RestMethod) against a third-party API (acetoolz.com). This is classified as suspicious because it relies on the agent to safely construct shell commands using user-provided parameters, which presents a risk of shell injection. Additionally, generating sensitive credentials via an external web service instead of locally is a significant privacy and security risk, as the service provider could potentially log the generated passwords.

能力评估

✓ Purpose & Capability

The name/description claim (generate passwords via AceToolz API) matches the runtime instructions: the SKILL.md explicitly sends POST requests to https://www.acetoolz.com/api/openclaw/password-generator. No unrelated binaries, env vars, or install steps are requested.

⚠ Instruction Scope

The instructions tell the agent to call the external AceToolz API and return the generated password to the user. That is within the stated purpose, but it means secret data (the generated password) is transmitted to a remote service. The SKILL.md asserts 'No passwords are stored' but provides no verification or guidance for auditing storage/retention policy on the AceToolz side. The skill also requires outbound network permission (declared) and uses exec/curl/Invoke-RestMethod to perform calls.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files — no new software is written to disk. This is the lowest install risk.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. No broad secrets are requested, which is proportionate to a simple API-calling password generator.

✓ Persistence & Privilege

always:false (default) and no indications the skill writes persistent agent-global configuration or modifies other skills. Autonomous invocation is allowed (platform default) but not an added privilege here.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install acetoolz-password
安装完成后，直接呼叫该 Skill 的名称或使用 /acetoolz-password 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.2

- Switched password generation from web_fetch to exec-based API calls for improved reliability. - Clarified that no passwords are stored; all are generated and returned in real-time. - Removed fallback mechanism and web_fetch instructions; now always uses exec for both Windows and macOS/Linux. - Updated error handling and documentation for API unreachable scenarios.

v1.0.1

- Adds a fallback mechanism: if `web_fetch` fails, the skill now automatically uses an OS-specific `exec` command to generate passwords. - New guidance for Windows (PowerShell) and macOS/Linux (curl) commands when using the fallback method. - Updates error handling: if both methods fail, users are informed and directed to use the AceToolz website directly. - Core usage and response formatting remain unchanged.

v1.0.0

Initial release of acetoolz-password - Generate secure, customizable passwords of any length (4–128 characters). - Supports options for uppercase, lowercase, numbers, symbols, excluding similar characters, and starting with a letter. - Automatically interprets user requests and sets parameters accordingly. - Displays generated password clearly with details on character types used. - Handles input validation and API rate limits with user-friendly messages.

元数据

Slug acetoolz-password

版本 1.0.2

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题