The php and sql statements should not be displayed, but appear to be benign. There are a bunch of echo statements in driver_sqlite/schema.php which were probably intended for debugging during development and were never removed.
As for the password, a random password was emailed to me at the email address I gave in step 1. This worked fine, and I was able to change my password from within wordpress. However, it is clearly a bug that the password input in step 1 is not actually used when creating the account.
