jeremylongshore

Detecting SQL Injection Vulnerabilities

@jeremylongshore/Detecting SQL Injection Vulnerabilities
jeremylongshore
1,004
123 forks
Updated 1/18/2026
View on GitHub

This skill enables Claude to detect SQL injection vulnerabilities in code. It uses the sql-injection-detector plugin to analyze codebases, identify potential SQL injection flaws, and provide remediation guidance. Use this skill when the user asks to find SQL injection vulnerabilities, scan for SQL injection, or check code for SQL injection risks. The skill is triggered by phrases like "detect SQL injection", "scan for SQLi", or "check for SQL injection vulnerabilities".

Installation

$skills install @jeremylongshore/Detecting SQL Injection Vulnerabilities
Claude Code
Cursor
Copilot
Codex
Antigravity

Details

Repositoryjeremylongshore/claude-code-plugins-plus-skills
Pathbackups/plugin-enhancements/plugin-backups/sql-injection-detector_20251019_121248/skills/skill-adapter/SKILL.md
Branchmain
Scoped Name@jeremylongshore/Detecting SQL Injection Vulnerabilities

Usage

After installing, this skill will be available to your AI coding assistant.

Verify installation:

skills list

Skill Instructions

name: Detecting SQL Injection Vulnerabilities description: | This skill enables Claude to detect SQL injection vulnerabilities in code. It uses the sql-injection-detector plugin to analyze codebases, identify potential SQL injection flaws, and provide remediation guidance. Use this skill when the user asks to find SQL injection vulnerabilities, scan for SQL injection, or check code for SQL injection risks. The skill is triggered by phrases like "detect SQL injection", "scan for SQLi", or "check for SQL injection vulnerabilities".

Overview

This skill empowers Claude to proactively identify and address SQL injection vulnerabilities within a codebase. By leveraging the sql-injection-detector plugin, Claude can perform comprehensive scans, pinpoint potential security flaws, and offer actionable recommendations to mitigate risks. This ensures more secure and robust applications.

How It Works

  1. Initiate Scan: Upon receiving a relevant request, Claude activates the sql-injection-detector plugin.
  2. Code Analysis: The plugin analyzes the codebase, examining code patterns, input vectors, and query contexts.
  3. Vulnerability Identification: The plugin identifies potential SQL injection vulnerabilities, categorizing them by severity.
  4. Report Generation: A detailed report is generated, outlining the identified vulnerabilities, their locations, and recommended remediation steps.

When to Use This Skill

This skill activates when you need to:

  • Audit a codebase for SQL injection vulnerabilities.
  • Secure a web application against SQL injection attacks.
  • Review code changes for potential SQL injection risks.
  • Understand how SQL injection vulnerabilities occur and how to prevent them.

Examples

Example 1: Securing a Web Application

User request: "Scan my web application for SQL injection vulnerabilities."

The skill will:

  1. Activate the sql-injection-detector plugin.
  2. Scan the web application's codebase for potential SQL injection flaws.
  3. Generate a report detailing any identified vulnerabilities, their severity, and remediation recommendations.

Example 2: Reviewing Code Changes

User request: "Check these code changes for potential SQL injection risks."

The skill will:

  1. Activate the sql-injection-detector plugin.
  2. Analyze the provided code changes for potential SQL injection vulnerabilities.
  3. Provide feedback on the security implications of the changes and suggest improvements.

Best Practices

  • Input Validation: Always validate and sanitize user inputs to prevent malicious data from entering the system.
  • Parameterized Queries: Utilize parameterized queries or prepared statements to prevent SQL injection attacks.
  • Least Privilege: Grant database users only the necessary privileges to minimize the impact of a potential SQL injection attack.

Integration

This skill integrates seamlessly with other code analysis and security plugins within the Claude Code ecosystem. It can be used in conjunction with static analysis tools, dynamic testing frameworks, and vulnerability management systems to provide a comprehensive security solution.

More by jeremylongshore

View all
rabbitmq-queue-setup
1,004

Rabbitmq Queue Setup - Auto-activating skill for Backend Development. Triggers on: rabbitmq queue setup, rabbitmq queue setup Part of the Backend Development skill category.

model-evaluation-suite
1,004

evaluating-machine-learning-models: This skill allows Claude to evaluate machine learning models using a comprehensive suite of metrics. It should be used when the user requests model performance analysis, validation, or testing. Claude can use this skill to assess model accuracy, precision, recall, F1-score, and other relevant metrics. Trigger this skill when the user mentions "evaluate model", "model performance", "testing metrics", "validation results", or requests a comprehensive "model evaluation".

neural-network-builder
1,004

building-neural-networks: This skill allows Claude to construct and configure neural network architectures using the neural-network-builder plugin. It should be used when the user requests the creation of a new neural network, modification of an existing one, or assistance with defining the layers, parameters, and training process. The skill is triggered by requests involving terms like "build a neural network," "define network architecture," "configure layers," or specific mentions of neural network types (e.g., "CNN," "RNN," "transformer").

oauth-callback-handler
1,004

Oauth Callback Handler - Auto-activating skill for API Integration. Triggers on: oauth callback handler, oauth callback handler Part of the API Integration skill category.