A common question is whether adding a (BIP39) passphrase to a seed phrase provides protection against Dark Skippy and similar attacks. The answer is no. This attack can work directly against the master private key, not the seed phrase.

https://nunchuk.io/blog/dark-skippy