Injection Scanning
Sqlmap
by bytesagain
Detect SQL injection vulnerabilities and assess DB security. Use when checking queries, validating sanitization, generating tests, formatting reports.
Install
claude skill add --url github.com/openclaw/skills/tree/main/skills/bytesagain/sql-scanner
Documentation
SQL Scanner
SQL security scanner and database devtools toolkit. Check queries for vulnerabilities, validate SQL syntax, generate test cases, format queries, lint code, explain execution plans, and more — all from the command line.
Commands
Run `sql-scanner <command> [args]` to use the tool. Each command appends timestamped entries to its own log file.
Core Operations
| Command | Description |
|---|---|
| check <input> | Check a SQL query for security issues or correctness |
| validate <input> | Validate SQL syntax or sanitization rules |
| generate <input> | Generate SQL test cases, mock queries, or schemas |
| format <input> | Format and pretty-print a SQL query |
| lint <input> | Lint SQL code for style and best-practice violations |
| explain <input> | Record an execution plan analysis or query explanation |
| convert <input> | Convert between SQL dialects or formats |
| template <input> | Log or retrieve SQL templates for common patterns |
| diff <input> | Record differences between two SQL versions or schemas |
| preview <input> | Preview a query transformation before applying |
| fix <input> | Log a fix applied to a problematic query |
| report <input> | Record a scan report or audit finding |
Utility Commands
| Command | Description |
|---|---|
| stats | Show summary statistics across all log files (entry counts, disk usage) |
| export <fmt> | Export all data in a given format: json, csv, or txt |
| search <term> | Search across all log files for a keyword (case-insensitive) |
| recent | Display the last 20 lines from the activity history log |
| status | Health check — version, data dir, entry count, disk usage |
| help | Show the full command reference |
| version | Print current version (v2.0.0) |
Note: Each core command works in two modes — call with no arguments to view recent entries (last 20), or pass input to record a new timestamped entry.
Data Storage
All data is stored locally in plain-text log files:
~/.local/share/sql-scanner/
├── check.log # Security check records
├── validate.log # Validation results
├── generate.log # Generated test cases
├── format.log # Formatted queries
├── lint.log # Lint findings
├── explain.log # Execution plan notes
├── convert.log # Dialect conversions
├── template.log # SQL templates
├── diff.log # Schema/query diffs
├── preview.log # Preview entries
├── fix.log # Applied fixes
├── report.log # Audit reports
└── history.log # Unified activity log (all commands)
Each entry is stored as YYYY-MM-DD HH:MM|<input> (pipe-delimited). The history.log file receives a line for every command executed, providing a single timeline of all activity.
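The two-mode behaviour of the core commands and the on-disk format described above can be seen end to end with a small re-implementation. The following is an added example, not sql-scanner's own code: it writes the documented `YYYY-MM-DD HH:MM|<input>` entries into per-command logs plus `history.log`, and reproduces the "recent", "search", "stats"-style count and JSON export behaviours of the utility commands. The function names, the exact layout of `history.log` lines and the JSON export shape are assumptions; the data directory honours `SQL_SCANNER_DIR` but defaults to a scratch directory here rather than `~/.local/share/sql-scanner/`. One practical caveat it handles: SQL inputs legitimately contain `|` (the standard `||` concatenation operator), so a parser must split each record at the first pipe only.

```bash
#!/usr/bin/env bash
# Added example, not sql-scanner's own code: a minimal re-implementation of the
# "YYYY-MM-DD HH:MM|<input>" log format the README documents, plus recent /
# search / count / export behaviours, so the on-disk records can be inspected and
# parsed. Function names, the history.log line layout and the JSON export shape
# are assumptions. Written to stay POSIX-sh compatible.
set -eu

# Honour the documented SQL_SCANNER_DIR override; default to a scratch directory
# here (the real tool defaults to ~/.local/share/sql-scanner/).
SQL_SCANNER_DIR="${SQL_SCANNER_DIR:-$(mktemp -d)}"
mkdir -p "$SQL_SCANNER_DIR"

# record_entry <command> <input>: append a timestamped entry to <command>.log and
# mirror it into history.log, the unified timeline the README describes.
record_entry() {
  cmd="$1"; input="$2"
  stamp="$(date '+%Y-%m-%d %H:%M')"
  printf '%s|%s\n' "$stamp" "$input" >> "$SQL_SCANNER_DIR/$cmd.log"
  # Layout of history.log lines is an assumption; the page only says one line per command.
  printf '%s|%s %s\n' "$stamp" "$cmd" "$input" >> "$SQL_SCANNER_DIR/history.log"
}

# entry_time / entry_input: split one log line at the FIRST pipe only. SQL inputs
# may contain '|' (the '||' concatenation operator), so splitting on every pipe
# would truncate them; the timestamp field never contains one.
entry_time()  { printf '%s\n' "${1%%|*}"; }
entry_input() { printf '%s\n' "${1#*|}"; }

# recent_entries <command>: the "no arguments" mode, last 20 entries of one log.
recent_entries() {
  f="$SQL_SCANNER_DIR/$1.log"
  [ -f "$f" ] && tail -n 20 "$f" || true
}

# search_entries <term>: case-insensitive keyword search across every log file.
search_entries() {
  grep -i -- "$1" "$SQL_SCANNER_DIR"/*.log 2>/dev/null || true
}

# count_entries <command>: number of entries in one log (0 if it does not exist).
count_entries() {
  f="$SQL_SCANNER_DIR/$1.log"
  if [ -f "$f" ]; then wc -l < "$f" | tr -d ' '; else echo 0; fi
}

# export_json <command>: emit one log as a JSON array, escaping backslashes and
# double quotes so inputs containing quotes (common in SQL) stay valid JSON.
export_json() {
  f="$SQL_SCANNER_DIR/$1.log"
  printf '['
  first=1
  if [ -f "$f" ]; then
    while IFS= read -r line; do
      esc="$(printf '%s' "$(entry_input "$line")" | sed 's/\\/\\\\/g; s/"/\\"/g')"
      [ "$first" -eq 1 ] || printf ','
      first=0
      printf '{"time":"%s","input":"%s"}' "$(entry_time "$line")" "$esc"
    done < "$f"
  fi
  printf ']\n'
}

# Demo run with constructed inputs: record two findings, then query them back.
record_entry check "SELECT * FROM users WHERE id = '\$input'"
record_entry lint "select name || ' ' || email from users where age>18"
recent_entries check
search_entries users
count_entries lint
export_json lint
```

Running the block records the two constructed entries under the scratch directory, prints the `check` log, every line mentioning "users" across all logs (including `history.log`), the `lint` entry count, and the `lint` log as JSON. Because `entry_input` keeps everything after the first pipe, the `||` in the lint entry survives the round trip intact.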
Requirements
- Bash 4.0+ (uses `set -euo pipefail`)
- Standard Unix utilities: date, wc, du, tail, grep, sed, cat, basename
- No external dependencies — pure bash, works on any Linux or macOS system
When to Use
- SQL code review — use check and lint to record findings when reviewing queries for injection risks or style issues
- Query formatting — use format to log prettified versions of messy SQL before sharing with the team
- Schema migrations — use diff and convert to track changes when migrating between database dialects
- Security auditing — use report and validate to document SQL injection scan results and sanitization checks
- Test case generation — use generate and template to build and catalog reusable SQL test patterns
Examples
# Check a query for SQL injection risks
sql-scanner check "SELECT * FROM users WHERE id = '$input'"
# Lint a query for style issues
sql-scanner lint "select name,age from users where age>18"
# Format a messy query
sql-scanner format "SELECT a.id, b.name FROM table_a a JOIN table_b b ON a.id=b.aid WHERE a.status=1"
# Generate a test case
sql-scanner generate "INSERT injection test for login form"
# Log a schema diff
sql-scanner diff "users table: added column 'email_verified' BOOLEAN DEFAULT FALSE"
# Export all scan data to JSON
sql-scanner export json
# Search for all entries mentioning 'injection'
sql-scanner search injection
# View overall statistics
sql-scanner stats
Configuration
Set the SQL_SCANNER_DIR environment variable to change the data directory:
export SQL_SCANNER_DIR="/custom/path/to/data"
Default: ~/.local/share/sql-scanner/
Powered by BytesAgain | bytesagain.com | hello@bytesagain.com
Related Skills
Database Modeling
by alirezarezvani
Turns requirements into relational database table structures and automatically generates migration scripts, TypeScript/Python types, seed data, RLS policies and index plans; suited to back-end modeling and schema review scenarios such as multi-tenancy, audit trails and soft deletes.
✎ Brings database structure design, ER-diagram work and SQL modeling together in one place, so even complex business domains can quickly converge on a unified data model with far less rework.
Senior Data Scientist
by alirezarezvani
Covers experiment design, feature engineering, predictive modeling, causal inference and model evaluation; suited to A/B testing, time-series analysis and production-grade ML with Python/R/SQL, in support of data-driven decisions.
✎ Handles everything from A/B testing and causal analysis to predictive modeling, combining rigorous statistical methods with business communication; particularly good at turning data conclusions into real outcomes.
Database Design
by alirezarezvani
Focuses on database schema design and evolution: automatically checks normalization, data types, constraints and indexing issues, generates ERDs, and provides executable plans for zero-downtime migrations, data changes and rollbacks.
✎ Focused on database design and data modeling; helps you quickly sort out table structures and relationships, reduces later rework, and makes SQL implementation smoother.
Related MCP Servers
PostgreSQL Database
Editor's pick · by Anthropic
PostgreSQL is an MCP server that lets Claude query and manage your database directly.
✎ This server addresses the pain point of developers having to hand-write SQL queries, and is especially suited to data analysts or back-end developers who want to quickly explore a database's structure. However, since it is a reference implementation, be sure to assess the security risks before using it in production, and do not expect it to handle complex transactions.
SQLite Database
Editor's pick · by Anthropic
SQLite is an MCP server that lets an AI query a local database directly for data analysis.
✎ This server solves the problem of an AI not being able to access a SQLite database directly, and suits developers who need to quickly analyze local datasets. However, as a reference implementation it may lack production-grade security features, so use it in a controlled environment.
Firecrawl Smart Crawler
Editor's pick · by Firecrawl
Firecrawl is an MCP server that lets an AI fetch web pages directly and extract structured data.
✎ It removes the hassle of hand-writing crawlers and lets Claude access dynamic web page content directly. Best suited to researchers or developers who need real-time data, for instance monitoring competitor prices or collecting news. Note, though, that it depends on a third-party API, which may raise privacy and cost concerns.