Can it fix the vulnerabilities it finds?

Yes, it provides specific remediation guidance and code recommendations, such as converting vulnerable strings into parameterized queries or prepared statements.

Is this skill suitable for production code audits?

Absolutely. It is designed to scan entire codebases to identify security flaws during development, code reviews, or as part of a final security audit before release.

Does it support multiple database types?

It focuses on common SQL injection patterns and logic flaws that apply across most relational database systems including MySQL, PostgreSQL, and SQL Server.

How does the skill detect SQL injection?

It uses the sql-injection-detector plugin to analyze code patterns, identifying unvalidated inputs and insecure database query construction within your project.

How do I trigger a security scan?

You can trigger the skill by asking Claude phrases like 'detect SQL injection', 'scan for SQLi', or 'check for SQL injection vulnerabilities' in your current directory.

SQL Injection Security Detector

Name: SQL Injection Security Detector
Author: jeremylongshore

byjeremylongshore

•

883

セキュリティとテスト

Scans codebases to identify SQL injection vulnerabilities and provide actionable remediation guidance for secure database interactions.

概要

This skill empowers Claude to proactively secure applications by identifying SQL injection (SQLi) vulnerabilities within code. By integrating with the sql-injection-detector plugin, it performs deep code analysis to pinpoint dangerous input vectors and query patterns, generating detailed reports with severity levels and specific fixes. Whether you are auditing a legacy codebase or reviewing recent PRs, this skill helps developers implement best practices like parameterized queries and input validation to protect against data breaches.

主な機能

Automated SQL injection vulnerability scanning
Actionable remediation and code fix recommendations
883 GitHub stars
Integration with code review workflows for security audits
Detailed vulnerability reporting with severity levels
Support for identifying insecure query patterns and input vectors

ユースケース

Reviewing specific pull requests to ensure new code changes do not introduce SQLi risks
Auditing a web application's codebase for security vulnerabilities before deployment
Learning and implementing secure coding standards through guided remediation steps

概要

主な機能

Automated SQL injection vulnerability scanning
Actionable remediation and code fix recommendations
883 GitHub stars
Integration with code review workflows for security audits
Detailed vulnerability reporting with severity levels
Support for identifying insecure query patterns and input vectors

ユースケース

Reviewing specific pull requests to ensure new code changes do not introduce SQLi risks
Auditing a web application's codebase for security vulnerabilities before deployment
Learning and implementing secure coding standards through guided remediation steps