Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

EdgeIQ SQL Injection Scanner

v1.0.0

Scans web app parameters for SQL injection vulnerabilities using boolean, time-based, and UNION SELECT techniques with optional JSON reporting.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for snipercat69/edgeiq-sql-injection-scanner.

Prompt preview (Install & Setup):
Install the skill "EdgeIQ SQL Injection Scanner" (snipercat69/edgeiq-sql-injection-scanner) from ClawHub.
Skill page: https://clawhub.ai/snipercat69/edgeiq-sql-injection-scanner
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install snipercat69/edgeiq-sql-injection-scanner

ClawHub CLI


npx clawhub@latest install edgeiq-sql-injection-scanner

Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, SKILL.md, README, and the included Python scanner code are consistent: the package implements boolean, time-based, and UNION SELECT SQL injection checks and JSON reporting as described.
Instruction Scope
SKILL.md instructs running sql_scanner.py against target URLs (and optionally setting EDGEIQ_EMAIL). The tool performs active HTTP requests to targets (expected for a scanner). SKILL.md warns about legality, which is appropriate. Note: the instructions suggest Discord commands but there is no Discord integration code — that's just an example usage channel.
Install Mechanism
No install spec or remote downloads; code files are included with the skill. No archive downloads or execution of externally fetched code were observed in the provided files.
Credentials
Registry metadata declares no required env vars, but SKILL.md and the code use EDGEIQ_EMAIL and EDGEIQ_LICENSE_KEY and read ~/.edgeiq/license.key and stripe_licenses.json. The code grants full Pro/Bundle access if EDGEIQ_EMAIL is a specific hardcoded address (gpalmieri21@gmail.com). Undeclared env vars and a hardcoded email-based licensing fallback are surprising and disproportionate to the scanner's purpose.
Persistence & Privilege
Skill does not request always:true, does not modify other skills, and only reads (not writes) a user license path in the home directory. No evidence of persistent system-wide changes.
What to consider before installing
This package appears to implement an active SQL injection scanner as advertised, but you should be cautious before installing or running it. Key points to consider:

  • Active scanning risk: The tool will send many crafted HTTP requests to targets. Only run it against systems you own or have explicit written permission to test. Unauthorized scanning is illegal and can trigger intrusion detection.
  • Undeclared env vars and license backdoor: The skill and code expect EDGEIQ_EMAIL and EDGEIQ_LICENSE_KEY and read ~/.edgeiq/license.key, but the registry says no env vars are required. There's a suspicious hardcoded acceptance of a specific email (gpalmieri21@gmail.com) to enable Pro/Bundle features; this is unexpected and should be clarified or removed by the author.
  • Source provenance: The registry lists source/homepage as unknown. Prefer code from a verifiable repository or vendor. Confirm the upstream GitHub repo and verify integrity before use.
  • Run in isolation: If you want to test it, run the scanner in an isolated environment (air-gapped VM or a throwaway container) and monitor network activity to ensure it performs only the intended requests.
  • Code review: If you plan to use it in production, review/modify the licensing logic to remove hardcoded allowances and make license checks explicit. Also consider adding safe defaults (longer delays, rate-limiting) to avoid accidental DoS.

If you want, I can list the exact lines that implement the license checks and the hardcoded email so you can review or patch them.

Like a lobster shell, security has layers — review code before you run it.

Latest version id: vk97dvevsx1srwk9k7qnm5erkdx85fc4g
34 downloads · 0 stars · 1 version · Updated 19h ago · v1.0.0 · MIT-0

SQL Injection Scanner

Skill Name: sql-injection-scanner
Version: 1.0.0
Category: Security / Vulnerability Assessment
Price: Free (basic) / Pro ($19/mo) / Bundle ($39/mo)
Author: EdgeIQ Labs
OpenClaw Compatible: Yes — Python 3, pure stdlib + urllib, WSL + Linux


What It Does

Detects SQL injection vulnerabilities in web application parameters using multiple detection techniques: boolean-based blind injection, time-based blind injection, and UNION SELECT extraction. Designed for security professionals and developers auditing their own applications.

⚠️ Legal Notice: Only scan domains you own or have explicit written authorization to test. Unauthorized scanning is illegal.


Features

  • Boolean-based blind injection — infer SQL truth from page response differences
  • Time-based blind injection — use SLEEP() delays to confirm injection
  • UNION SELECT extraction — pull database version, user, and schema via UNION payloads
  • Auto-detection — automatically identifies which parameter types are injectable
  • Parameter scanner — test multiple parameters in a single run
  • JSON export — structured results for reporting and integration
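The boolean-based blind technique listed above works because the application splices the request parameter into SQL text, so a tautology and a contradiction return different amounts of data. The following is an added example, not code from this skill or from EdgeIQ Labs: it builds a constructed in-memory SQLite product table, shows the injectable lookup next to its parameterized fix, and applies the same true/false payload pair that appears in the scanner's output to each. The table, the rows and the function names are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample data (not from the skill): a small product table in an
# in-memory SQLite database standing in for the web application's backend.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE product (id INTEGER PRIMARY KEY, name TEXT, price REAL)")
    conn.executemany(
        "INSERT INTO product VALUES (?, ?, ?)",
        [(1, "widget", 9.99), (2, "gadget", 19.99), (3, "gizmo", 4.50)],
    )
    return conn

def lookup_vulnerable(conn, product_id):
    """The injectable pattern: the request parameter is spliced into the SQL
    text, so quote characters and keywords in it become part of the query."""
    sql = f"SELECT id, name FROM product WHERE id = '{product_id}'"
    return conn.execute(sql).fetchall()

def lookup_hardened(conn, product_id):
    """Parameterized query: the value is bound by the driver and is never
    parsed as SQL, whatever characters it contains."""
    return conn.execute(
        "SELECT id, name FROM product WHERE id = ?", (product_id,)
    ).fetchall()

# The payload pair a boolean-blind check sends: a tautology that should widen
# the WHERE clause and a contradiction that should empty it. The trailing --
# comments out the closing quote the vulnerable query appends.
TRUE_PAYLOAD = "' OR 1=1 --"
FALSE_PAYLOAD = "' AND 1=2 --"

def boolean_blind_signal(lookup, conn):
    """Reproduce the observation a boolean-blind scanner relies on: run the same
    lookup with a 'true' and a 'false' payload and compare how much comes back.
    A difference means the input is steering the query's logic; equal results
    (here 0 and 0 for the bound query) mean the input is treated as data."""
    true_rows = len(lookup(conn, TRUE_PAYLOAD))
    false_rows = len(lookup(conn, FALSE_PAYLOAD))
    return true_rows, false_rows, true_rows != false_rows

if __name__ == "__main__":
    db = make_db()
    for name, fn in (("vulnerable", lookup_vulnerable), ("hardened", lookup_hardened)):
        t, f, differs = boolean_blind_signal(fn, db)
        print(f"{name:10s} true_rows={t} false_rows={f} differs={differs}")
```

The fix is the second function, not a filter on the input: binding the value with `?` leaves the `'`, `OR` and `--` inert, and the hardened lookup still answers a normal `id=1` request correctly.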

Tier Comparison

Feature                     | Free | Pro ($19/mo)   | Bundle ($39/mo)
----------------------------|------|----------------|----------------
Single URL + parameter test |      |                |
Boolean blind detection     |      |                |
Time-based detection        |      |                |
UNION SELECT extraction     |      |                |
Multiple parameter scan     |      | ✅ (10 params) | ✅ (unlimited)
JSON export                 |      |                |
Custom payload wordlist     |      |                |

Installation

cp -r /home/guy/.openclaw/workspace/apps/sql-injection-scanner ~/.openclaw/skills/sql-injection-scanner

Usage

Basic scan (free tier)

python3 sql_scanner.py --url "https://example.com/product?id=1"

Pro scan (time-based + UNION + multiple params)

EDGEIQ_EMAIL=your_email@gmail.com python3 sql_scanner.py \
  --url "https://example.com/product?id=1&category=2&search=test" \
  --pro

Test specific parameter only

python3 sql_scanner.py --url "https://example.com/search?q=test" --param q

Full bundle scan with JSON export

EDGEIQ_EMAIL=your_email@gmail.com python3 sql_scanner.py \
  --url "https://example.com/api/user?id=1" \
  --bundle --output report.json

As OpenClaw Discord Command

In #edgeiq-support channel:

!sqli https://example.com/product?id=1
!sqli https://example.com/search?q=test --pro
!sqli https://example.com/api?id=1&uid=2 --bundle

Parameters

Flag      | Type   | Default | Description
----------|--------|---------|--------------------------------
--url     | string |         | Target URL with parameter(s)
--param   | string | all     | Specific parameter to test
--pro     | flag   | False   | Enable Pro features
--bundle  | flag   | False   | Enable Bundle features
--output  | string |         | Write JSON report to file
--delay   | float  | 1.0     | Delay between requests (seconds)
--timeout | int    | 10      | Request timeout (seconds)

Output Example

=== SQL Injection Scanner ===
Target: https://example.com/product?id=1

  Parameter: id — INJECTABLE 🔴
    Method:     Boolean Blind
    Payload:    ' OR 1=1 --
    True resp:  1423 bytes / 200 OK
    False resp: 0 bytes / 302 redirect
    Confidence: HIGH

  Parameter: category — SAFE ✅
    Method:     All checks passed
    Response:   1244 bytes / 200 OK

  Database: MySQL 8.0.23 (via UNION)
  User:     app_user@localhost

  Threat Level: CRITICAL — 1 injectable parameter found

Pro Upgrade

Boolean blind + time-based + UNION SELECT + multiple parameters:

👉 Upgrade to Pro — $19/mo


Support

Open a ticket in #edgeiq-support or email gpalmieri21@gmail.com
