When something calls itself a security tool it's usually assumed (if not explicitly stated) that it serves some purpose for assessing the security of something. Otherwise it is just a tool made for making attacks easier to perform, which is pretty frowned upon.
It's a proof-of-concept to illustrate that users will put their passwords anywhere they are asked to and click through any warnings that may appear on their screen.
