A fully local password management skill for OpenClaw with AES-256-GCM encryption, password generation, and sensitive info detection.
Security Analysis
High confidence: The skill's code, instructions, and resource usage are internally consistent with a local password manager; no evidence of network exfiltration or unrelated credential requests, though there are some security/design choices you should review before use.
The name/description (local AES-256-GCM password manager, generation, detection) matches the included code and CLI/hook behavior. No unrelated cloud credentials or foreign binaries are requested. The included detector, crypto, generator, storage, and validator modules all serve the stated purpose.
Runtime instructions and Hook APIs operate on local vault and detection features as documented. The SKILL.md and handler instruct the agent to access the vault, read/write local files, and optionally use the PASSWORD_MANAGER_MASTER_PASSWORD environment variable; these behaviors are implemented in code. Note: the skill persists a vault and a cached key file under the skill package's data/.cache directories (./data/vault.enc and ./.cache/key.enc) — this persistent disk access is expected for a password manager but worth being aware of.
There is no external install/download mechanism and package.json has no dependencies. All code is bundled with the skill (no remote downloads or installers), which minimizes supply-chain risk from the installation mechanism itself.
The skill does not require any environment variables or external credentials. It optionally supports PASSWORD_MANAGER_MASTER_PASSWORD for automation (documented and implemented). That optional env var is reasonable for CI/automation but is a sensitive vector (visible to processes, logs) and the SKILL.md correctly warns about process-list exposure.
The skill stores encrypted vault and cache files inside its package/data and package/.cache locations and writes history files for versioning. It does not request elevated system privileges or modify other skills. Persisting secrets to disk is necessary for a vault, but you should confirm the directory location and OS file permissions; by default it will create and write files under the skill directory.
Guidance
This skill appears to do what it claims (a local encrypted password vault) and contains its implementation in the package rather than pulling remote code. Before installing, consider the following:
- Source verification: the skill's source/homepage is unknown. If you will store sensitive secrets, prefer code from a known maintainer or review the full source yourself.
- Disk location and permissions: the vault (data/vault.enc), cache (.cache/key.enc), and history files are written under the skill's package directories. Ensure those directories are located on secure storage and have strict filesystem permissions so other users/processes cannot read them.
- Environment variable risk: PASSWORD_MANAGER_MASTER_PASSWORD is supported for automation but is a sensitive secret; avoid using it on multi-user systems, CI runners without secret storage, or places where process/environment variables can be leaked.
- Cache derivation detail: the cache key derivation uses a fixed salt constant (CACHE_SALT_FIXED). This is a design weakness for the cache encryption (it makes offline guessing of cache-derived data slightly easier than if a per-install random salt were used). If you rely on the cache file for long-lived convenience, consider reducing cache lifetime or removing the cache entirely.
- Audit & logs: SKILL.md advertises audit logs and operation history. Confirm what is logged and where; ensure logs don't contain plaintext secrets and that log files are protected.
- Backups & recovery: confirm your backup strategy (vault.enc is the canonical encrypted vault file). Losing the master password may make recovery impossible.
If you are not comfortable reviewing the full source, either decline the skill or run it in an isolated environment (sandbox/VM) and/or adjust config (disable caching, lower cache timeout) before storing high-value secrets.
Latest Release
v1.0.4
Added update and change-password CLI commands, fixed cache reuse logic and parameter parsing
Published by @jixsonwang on ClawHub