Adding some warning comments to duckduckpassword.

Basically, these should never ship as-is, because:

  * It makes more sense to implement as a plugin.
  * As a module, it's pretty incompatible with Metasploit CE.
  * It violates DDG's terms of service, and will get you blacklisted by DDG

But, it uses some neat techniques that maybe some other, more sane and
stable modules, could make use of.

unstable-modules/duckduck_password.rb

@@ -5,6 +5,10 @@
 # http://metasploit.com/framework/
 ##
 
+# The most useful and interesting feature of this module is the way the 
+# loot file gets appended to, rather than rewritten. Might be use for
+# this technique in other modules that gather loot.
+
 require 'msf/core'
 
 class Metasploit3 < Msf::Auxiliary

unstable-scripts/search_hash_creds.rc

@@ -1,4 +1,6 @@
-# Not for distribution
+# Not for distribution -- just an example of looping through creds to do things
+# with them. However, duckduck_password and this script should certainly just
+# be combined into one plugin, rather than a module.
 
 use auxiliary/gather/duckduck_password
 <ruby>