Back to skill
Skillv1.0.0
VirusTotal security
Sql Injection Detection And Exploitation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 12:06 PM
- Hash
- 6b94edc18297cf07d4f65262c78c9f1780c780c3cb81a8dba8dccadfdb93440e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: bookforge-sql-injection-detection-and-exploitation Version: 1.0.0 The skill bundle provides a comprehensive guide for performing SQL injection attacks, including data exfiltration and OS command execution (e.g., via 'xp_cmdshell' or 'UTL_HTTP'). While the content is educational and aligned with its stated purpose of security testing—referencing 'The Web Application Hacker's Handbook' and providing remediation guidance—it equips the AI agent with high-risk capabilities and specific exploitation payloads. Per the classification criteria, the presence of these high-risk behaviors without evidence of intentional malice against the user or environment warrants a 'suspicious' classification. IOCs include the placeholder domain 'attacker.net' used in exfiltration examples in SKILL.md and references/cross-platform-sql-syntax.md.
- External report
- View on VirusTotal