What does the SQL Injection Detector skill do?

It scans your application's source code and database configurations to identify risks where malicious SQL queries could be executed, providing a detailed report of potential vulnerabilities.

Where are the security reports saved?

By default, the skill generates and saves Markdown-formatted security reports in the {baseDir}/security-reports/ directory of your project.

Which frameworks are supported by this skill?

The skill is designed to work with major frameworks including Django, Rails, Express, and Spring by analyzing their specific ORM patterns and query construction methods.

Can I use this for automated security testing in CI/CD?

While the skill uses Bash-based code-scan and security-test tools, it is optimized for developer-led audits within the Claude Code environment.

Does it provide recommendations on how to fix vulnerabilities?

Yes, the skill generates a vulnerability report that includes recommended fixes such as implementing parameterized queries, specific ORM patterns, and input validation techniques.

SQL Injection Detector

Name: SQL Injection Detector
Author: Brmbobo

byBrmbobo

0•

セキュリティとテスト

Identifies and analyzes SQL injection vulnerabilities within application code and database queries to ensure robust data security.

This skill empowers Claude to perform automated security audits by scanning source code for potential SQL injection vectors, reviewing ORM configurations, and validating input sanitization patterns. It bridges the gap between development and security by providing detailed vulnerability reports and actionable remediation advice, such as recommending parameterized queries or specific framework-level security patterns for Django, Rails, Express, and Spring. Whether you are conducting a pre-deployment check or reviewing legacy code, this tool helps maintain a secure data layer by documenting impact and recommending best practices.

主な機能

01Automated SQLi code scanning

02Vulnerability report generation

03ORM and database query review

04Input sanitization validation

050 GitHub stars

06Remediation and fix recommendations

ユースケース

01Reviewing legacy database query logic

02Pre-deployment security auditing

03Validating user input handling for web forms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add brmbobo/web2podcast detecting-sql-injection-vulnerabilities

For use in Claude.ai and ChatGPT

Download Skill