keychain_generate
Generate secure passwords or passphrases for Bitwarden vaults with customizable character types, length, and complexity options.
Instructions
Generate a password/passphrase (bw generate). Returning the value requires reveal=true.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| uppercase | No | ||
| lowercase | No | ||
| number | No | ||
| special | No | ||
| passphrase | No | ||
| length | No | ||
| words | No | ||
| minNumber | No | ||
| minSpecial | No | ||
| separator | No | ||
| capitalize | No | ||
| includeNumber | No | ||
| ambiguous | No | ||
| reveal | No |
Implementation Reference
- src/tools/registerTools.ts:167-204 (handler)Registration of the 'generate' tool (often referenced as keychain_generate, but registered as ${prefix}.generate in code).
registerTool( `${deps.toolPrefix}.generate`, { title: 'Generate', description: 'Generate a password/passphrase (bw generate). Returning the value requires reveal=true.', annotations: { readOnlyHint: true }, inputSchema: { uppercase: z.boolean().optional(), lowercase: z.boolean().optional(), number: z.boolean().optional(), special: z.boolean().optional(), passphrase: z.boolean().optional(), length: z.number().int().min(5).max(256).optional(), words: z.number().int().min(3).max(50).optional(), minNumber: z.number().int().min(0).max(50).optional(), minSpecial: z.number().int().min(0).max(50).optional(), separator: z.string().optional(), capitalize: z.boolean().optional(), includeNumber: z.boolean().optional(), ambiguous: z.boolean().optional(), reveal: z.boolean().optional(), }, _meta: toolMeta, }, async (input, extra) => { const sdk = await deps.getSdk(extra.authInfo); const result = await sdk.generate(clampReveal(input)); return { structuredContent: toolResult( 'generated', result.value, result.revealed, ), content: [{ type: 'text', text: 'OK' }], }; }, ); - src/sdk/keychainSdk.ts:430-440 (handler)The implementation of the generate logic, which calls the underlying bw CLI.
async generate( input: GenerateInput & { reveal?: boolean } = {}, ): Promise<{ value: string | null; revealed: boolean }> { if (!input.reveal) return this.valueResult(null, false); const args = buildBwGenerateArgs(input); const { stdout } = await this.bw.withSession(async (session) => this.bw.runForSession(session, args, { timeoutMs: 30_000 }), ); return this.valueResult(stdout.trim(), true); }