A quick summary of what exactly this scans for at the top of the README would be nice.

From the screenshots at the bottom, it looks like mainly SQL injection and outdated dependencies?

https://github.com/ajinabraham/njsscan/blob/master/njsscan/r...

Does this mean that if I use single quotes or add whitespace inside the parentheses the vulnerability will not be detected?

Static analysis software is quite valuable if you can successfully sell it.

https://github.blog/2019-09-18-github-welcomes-semmle/