Which programming frameworks are supported?

The skill is framework-agnostic but provides specific guidance for popular ecosystems including Django, Ruby on Rails, Express (Node.js), and Spring (Java).

Does it provide automated fixes for security bugs?

While it identifies the vulnerabilities, it focuses on providing expert remediation recommendations and code patterns for the developer to review and implement safely.

How does this skill find SQL injection vulnerabilities?

It uses a combination of pattern matching, grep-based scanning, and data flow analysis to identify where user input reaches database queries without proper sanitization or parameterization.

Where are the security scan reports saved?

Reports are automatically generated and saved as Markdown files within the {baseDir}/security-reports/ directory for easy tracking and documentation.

SQL Injection Vulnerability Detector

Name: SQL Injection Vulnerability Detector
Author: jeremylongshore

byjeremylongshore

•

1,031

•

安全与测试

Identifies and mitigates SQL injection risks by analyzing application source code and database query patterns.

This skill empowers developers to proactively secure their applications by automating the detection and analysis of SQL injection vulnerabilities. By scanning source code, ORM configurations, and query construction patterns, it flags potential injection vectors, documents their impact, and provides actionable recommendations for remediation—such as parameterized queries and robust input validation—ensuring database integrity and application security across various frameworks like Django, Rails, and Express.

主要功能

01Remediation guidance based on OWASP security standards

02Automated source code scanning for SQLi risks

03Data flow analysis from input surfaces to database queries

04Detailed security reporting with impact documentation

05Review of ORM configurations and raw SQL construction

061,031 GitHub stars

使用场景

01Refactoring manual SQL queries into secure parameterized patterns

02Reviewing new code submissions for potential injection vulnerabilities before deployment

03Performing a security audit on legacy database-driven applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills detecting-sql-injection-vulnerabilities

For use in Claude.ai and ChatGPT

Download Skill

主要功能

01Remediation guidance based on OWASP security standards

02Automated source code scanning for SQLi risks

03Data flow analysis from input surfaces to database queries

04Detailed security reporting with impact documentation

05Review of ORM configurations and raw SQL construction

061,031 GitHub stars

使用场景

01Refactoring manual SQL queries into secure parameterized patterns

02Reviewing new code submissions for potential injection vulnerabilities before deployment

03Performing a security audit on legacy database-driven applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills detecting-sql-injection-vulnerabilities

For use in Claude.ai and ChatGPT

Download Skill