Back to skill
Skillv1.0.0
VirusTotal security
Php Sql Fixer · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 15, 2026, 5:41 PM
- Hash
- 4f65fe18c9c78748323d7ef4964d93076d48d302e7b90b2fbcc826e7936cf3a2
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: php-sql-fixer Version: 1.0.0 The skill bundle is a legitimate security auditing tool designed to identify and suggest fixes for SQL injection vulnerabilities in PHP projects, specifically those using the Yaf framework. The 'scan_sql.sh' script uses grep to find common unsafe patterns like string concatenation and superglobal interpolation in SQL queries, while 'SKILL.md' and 'references/fix-patterns.md' provide clear instructions and documentation for an AI agent to triage and remediate these risks. Although the bundle contains a highly specific hardcoded path for a Docker configuration (/mnt/d/Users/Public/php20250819/docker-php7.3/docker-compose.yml), this appears to be an environment-specific setting for syntax verification rather than a malicious indicator. No evidence of data exfiltration, unauthorized execution, or prompt injection was found.
- External report
- View on VirusTotal