Can it fix the vulnerabilities it finds?

Yes, it provides specific remediation guidance and code recommendations, such as converting vulnerable strings into parameterized queries or prepared statements.

Is this skill suitable for production code audits?

Absolutely. It is designed to scan entire codebases to identify security flaws during development, code reviews, or as part of a final security audit before release.

Does it support multiple database types?

It focuses on common SQL injection patterns and logic flaws that apply across most relational database systems including MySQL, PostgreSQL, and SQL Server.

How does the skill detect SQL injection?

It uses the sql-injection-detector plugin to analyze code patterns, identifying unvalidated inputs and insecure database query construction within your project.

How do I trigger a security scan?

You can trigger the skill by asking Claude phrases like 'detect SQL injection', 'scan for SQLi', or 'check for SQL injection vulnerabilities' in your current directory.

SQL Injection Security Detector

Name: SQL Injection Security Detector
Author: jeremylongshore

byjeremylongshore

•

883

•

セキュリティとテスト

Scans codebases to identify SQL injection vulnerabilities and provide actionable remediation guidance for secure database interactions.

This skill empowers Claude to proactively secure applications by identifying SQL injection (SQLi) vulnerabilities within code. By integrating with the sql-injection-detector plugin, it performs deep code analysis to pinpoint dangerous input vectors and query patterns, generating detailed reports with severity levels and specific fixes. Whether you are auditing a legacy codebase or reviewing recent PRs, this skill helps developers implement best practices like parameterized queries and input validation to protect against data breaches.

主な機能

01Automated SQL injection vulnerability scanning

02Actionable remediation and code fix recommendations

03883 GitHub stars

04Integration with code review workflows for security audits

05Detailed vulnerability reporting with severity levels

06Support for identifying insecure query patterns and input vectors

ユースケース

01Reviewing specific pull requests to ensure new code changes do not introduce SQLi risks

02Auditing a web application's codebase for security vulnerabilities before deployment

03Learning and implementing secure coding standards through guided remediation steps

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills skill-adapter

For use in Claude.ai and ChatGPT

Download Skill