ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Report Sql

v1.0.0

Define and validate SQL template variables and blocks for report-service with zero tolerance, supporting safe injection, conditional fragments, loops, and da...

0· 58·1 current·1 all-time
by@23396599
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description and the SKILL.md both describe a SQL template protocol and transform rules for a 'report-service'. There are no unrelated required binaries, env vars, or install steps. The requested surface is proportionate for a templating specification.
!
Instruction Scope
SKILL.md prescribes variable syntax, block mechanics (${...}, loops, etc.) and repeatedly asserts '空安全' and '天然防 SQL 注入' (safe from SQL injection). However, this is purely a specification: there is no code or runtime provided that actually enforces escaping, parameterization, or block removal. If an agent or developer implements these templates by directly substituting user-supplied strings into SQL without a safe engine, SQL injection and syntax errors are possible. The instructions also give the agent broad discretion to emit SQL fragments; those emissions could be dangerous unless the executing environment provides binding/escaping.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes disk/write/install risk.
Credentials
The skill requires no environment variables, credentials, or config paths. Nothing asks for unrelated secrets or elevated access.
Persistence & Privilege
Metadata shows always:false and no special privileges. The skill does not request permanent presence or modify other skills' configs.
What to consider before installing
This skill is a detailed design document for a SQL templating protocol — it does not include an implementation. It does not request credentials or install anything, so there's no direct exfiltration risk from the package itself. However, the SKILL.md repeatedly claims the templates are 'safe' and 'injection-proof' but offers no runtime or enforcement code. Before using this in production, do the following: 1) Confirm the actual template engine or code that will render these templates implements parameter binding or proper escaping (do not rely on string concatenation). 2) Request example implementation code or tests from the author that prove block-removal semantics and escaping behavior (including edge cases and malicious inputs). 3) Run unit tests with attacker-controlled inputs to verify no SQL injection and that empty/partial blocks are removed safely. 4) Prefer parameterized queries (driver-level placeholders) over textual substitution where possible. 5) Review how the system logs queries and variables to avoid leaking PII/credentials. If you cannot obtain an implementation or confident tests, treat these instructions as a spec only and do not assume they protect you from injection.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aq8m436dd64nwadgn9z1t7s83g4f3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments