AgentSkill.club - Claude Skills Marketplace Logoagentskill.club

detecting-sql-injection-vulnerabilitiesClaude Skill

Detect and analyze SQL injection vulnerabilities in application code and database queries.

1.4k Stars
173 Forks
2025/10/10

Install & Download

Linux / macOS:

请登录后查看安装命令

Windows (PowerShell):

请登录后查看安装命令

Download and extract to ~/.claude/skills/

namedetecting-sql-injection-vulnerabilities
descriptionDetect and analyze SQL injection vulnerabilities in application code and database queries. Use when you need to scan code for SQL injection risks, review query construction, validate input sanitization, or implement secure query patterns. Trigger with phrases like "detect SQL injection", "scan for SQLi vulnerabilities", "review database queries", or "check SQL security".
allowed-toolsRead, Write, Edit, Grep, Glob, Bash(code-scan:*), Bash(security-test:*)
version1.0.0
authorJeremy Longshore <jeremy@intentsolutions.io>
licenseMIT

Detecting Sql Injection Vulnerabilities

Overview

This skill provides automated assistance for the described functionality.

Prerequisites

Before using this skill, ensure:

  • Application source code accessible in {baseDir}/
  • Database query files and ORM configurations available
  • Framework information (Django, Rails, Express, Spring, etc.)
  • Write permissions for security reports in {baseDir}/security-reports/

Instructions

  1. Identify input surfaces and data flows into database queries.
  2. Review query construction and parameterization patterns.
  3. Flag injection vectors and document impact.
  4. Recommend fixes (parameterized queries, ORM patterns, validation) and tests.

See {baseDir}/references/implementation.md for detailed implementation guide.

Output

The skill produces:

Primary Output: SQL injection vulnerability report saved to {baseDir}/security-reports/sqli-scan-YYYYMMDD.md

Report Structure:

# SQL Injection Vulnerability Report
Scan Date: 2024-01-15
Application: E-commerce Platform
Framework: Django 4.2

## Error Handling

See `{baseDir}/references/errors.md` for comprehensive error handling.

## Examples

See `{baseDir}/references/examples.md` for detailed examples.

## Resources

- SQL Injection Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
- OWASP Top 10 - Injection: https://owasp.org/www-project-top-ten/
- CWE-89: SQL Injection: https://cwe.mitre.org/data/definitions/89.html
- CAPEC-66: SQL Injection: https://capec.mitre.org/data/definitions/66.html
- Django Security: https://docs.djangoproject.com/en/stable/topics/security/

Similar Claude Skills & Agent Workflows

idapython

5.1k
mrexodia's avatar - Developer of idapython Claude skillmrexodia/ida-pro-mcp
2026/01/18

IDA Pro Python scripting for reverse engineering.

webhook-signature-validator

1.0k
jeremylongshore's avatar - Developer of webhook-signature-validator Claude skilljeremylongshore/claude-code-plugins-plus-skills
2026/01/18

Validate webhook signature validator operations.

bearer-token-validator

1.0k
jeremylongshore's avatar - Developer of bearer-token-validator Claude skilljeremylongshore/claude-code-plugins-plus-skills
2026/01/18

Validate bearer token validator operations.

api-key-auth-setup

1.0k
jeremylongshore's avatar - Developer of api-key-auth-setup Claude skilljeremylongshore/claude-code-plugins-plus-skills
2026/01/18

Configure api key auth setup operations.

iam-binding-creator

1.0k
jeremylongshore's avatar - Developer of iam-binding-creator Claude skilljeremylongshore/claude-code-plugins-plus-skills
2026/01/18

Create iam binding creator operations.

firewall-rule-generator

1.0k
jeremylongshore's avatar - Developer of firewall-rule-generator Claude skilljeremylongshore/claude-code-plugins-plus-skills
2026/01/18

Generate firewall rule generator operations.