Sqlmap
Detect SQL injection vulnerabilities and assess DB security. Use when checking queries, validating sanitization, generating tests, formatting reports.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bytesagain/sql-scannerSQL Scanner
SQL security scanner and database devtools toolkit. Check queries for vulnerabilities, validate SQL syntax, generate test cases, format queries, lint code, explain execution plans, and more — all from the command line.
Commands
Run sql-scanner <command> [args] to use. Each command records timestamped entries to its own log file.
Core Operations
| Command | Description |
|---|---|
check <input> | Check a SQL query for security issues or correctness |
validate <input> | Validate SQL syntax or sanitization rules |
generate <input> | Generate SQL test cases, mock queries, or schemas |
format <input> | Format and pretty-print a SQL query |
lint <input> | Lint SQL code for style and best-practice violations |
explain <input> | Record an execution plan analysis or query explanation |
convert <input> | Convert between SQL dialects or formats |
template <input> | Log or retrieve SQL templates for common patterns |
diff <input> | Record differences between two SQL versions or schemas |
preview <input> | Preview a query transformation before applying |
fix <input> | Log a fix applied to a problematic query |
report <input> | Record a scan report or audit finding |
Utility Commands
| Command | Description |
|---|---|
stats | Show summary statistics across all log files (entry counts, disk usage) |
export <fmt> | Export all data in a given format: json, csv, or txt |
search <term> | Search across all log files for a keyword (case-insensitive) |
recent | Display the last 20 lines from the activity history log |
status | Health check — version, data dir, entry count, disk usage |
help | Show the full command reference |
version | Print current version (v2.0.0) |
Note: Each core command works in two modes — call with no arguments to view recent entries (last 20), or pass input to record a new timestamped entry.
Data Storage
All data is stored locally in plain-text log files:
~/.local/share/sql-scanner/
├── check.log # Security check records
├── validate.log # Validation results
├── generate.log # Generated test cases
├── format.log # Formatted queries
├── lint.log # Lint findings
├── explain.log # Execution plan notes
├── convert.log # Dialect conversions
├── template.log # SQL templates
├── diff.log # Schema/query diffs
├── preview.log # Preview entries
├── fix.log # Applied fixes
├── report.log # Audit reports
└── history.log # Unified activity log (all commands)
Each entry is stored as YYYY-MM-DD HH:MM|<input> (pipe-delimited). The history.log file receives a line for every command executed, providing a single timeline of all activity.
Requirements
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bytesagain-sql-scanner": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
workflow-builder
工作流设计与优化工具。流程设计、自动化方案、流程优化、文档化、审批流、系统集成。Workflow builder with design, automate, optimize, document, approval.
wp-manager
Manage WordPress sites from terminal. Use when checking site health, listing posts and pages, searching content, or running security scans.
volume
Volume reference tool. Use when working with volume in finance contexts.
xhs-content-creator
Generate viral Xiaohongshu notes with titles, tags, and covers. Use when drafting seed posts, writing reviews, crafting tutorials, or boosting engagement.
Webhook Tester
Send test payloads and inspect webhook responses locally. Use when debugging integrations, validating schemas, testing error handling, or simulating calls.