Password Auditor
The Password Auditor skill evaluates password strength and checks credentials against the HaveIBeenPwned database using k-anonymity — meaning only the first 5 characters of the password hash are sent to the API, never the password or its full hash. Strength analysis scores each password on length, complexity, use of common patterns, dictionary words, and keyboard walks, returning an entropy estimate and a practical time-to-crack estimate for different attack scenarios. Batch auditing accepts a list of usernames and hashed passwords from a credentials export and generates a report categorized by risk level. The skill provides specific, actionable improvement suggestions for each weak password rather than generic advice. It also checks email addresses against known breach databases to identify accounts that may require password rotation. Organizational policy compliance checks are available — define minimum length, complexity requirements, and disallowed patterns, and the skill flags any passwords that fail compliance. All credential data is processed locally; nothing is logged or retained between sessions.
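The k-anonymity lookup described above, as an added example (not the skill's own code). It assumes the SHA-1 hashing and "SUFFIX:COUNT" response format of the HaveIBeenPwned Pwned Passwords range API; the server side is simulated locally with a constructed corpus and constructed counts, and all function names are hypothetical.

```python
import hashlib

def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def split_hash(password: str) -> tuple[str, str]:
    """Return (prefix, suffix): 5 hex chars that are sent, 35 that stay local."""
    digest = sha1_hex(password)
    return digest[:5], digest[5:]

def simulated_range_response(prefix: str, breached: dict[str, int]) -> str:
    """Stand-in for the server. It sees only the prefix and returns every
    known suffix under it, so it cannot tell which one the client holds."""
    lines = [f"{h[5:]}:{n}" for h, n in sorted(breached.items())
             if h.startswith(prefix)]
    # Constructed padding line: a count of 0 must never read as a breach hit.
    lines.append("0" * 35 + ":0")
    return "\r\n".join(lines)

def breach_count(password: str, fetch_range) -> int:
    """Look the password up; fetch_range is the only call that leaves the host."""
    prefix, suffix = split_hash(password)
    body = fetch_range(prefix)
    for line in body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        # Suffix comparison happens client-side, against the local value.
        if sep and candidate.upper() == suffix:
            return int(count)
    return 0

# Constructed breach corpus: full SHA-1 hex -> number of sightings.
BREACHED = {sha1_hex("password"): 1000, sha1_hex("letmein"): 50}
SENT = []  # records everything the client transmitted

def fetch(prefix: str) -> str:
    SENT.append(prefix)
    return simulated_range_response(prefix, BREACHED)

if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        print(f"{pw!r}: seen {breach_count(pw, fetch)} times")
    print("transmitted:", SENT)
```

To audit against the live service, replace `fetch` with an HTTPS GET for the prefix; the parsing and local comparison stay the same.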
Installation
clawhub install password-audit