detecting-sql-injection-vulnerabilities

📁 jeremylongshore/claude-code-plugins-plus-skills 📅 8 days ago

总安装量

周安装量

#45044

全站排名

安装命令

npx skills add https://github.com/jeremylongshore/claude-code-plugins-plus-skills --skill detecting-sql-injection-vulnerabilities

Agent 安装分布

replit 1

amp 1

opencode 1

kimi-cli 1

codex 1

github-copilot 1

Skill 文档

Detecting Sql Injection Vulnerabilities

Overview

This skill provides automated assistance for the described functionality.

Prerequisites

Before using this skill, ensure:

Application source code accessible in {baseDir}/
Database query files and ORM configurations available
Framework information (Django, Rails, Express, Spring, etc.)
Write permissions for security reports in {baseDir}/security-reports/

Instructions

Identify input surfaces and data flows into database queries.
Review query construction and parameterization patterns.
Flag injection vectors and document impact.
Recommend fixes (parameterized queries, ORM patterns, validation) and tests.

See {baseDir}/references/implementation.md for detailed implementation guide.

Output

The skill produces:

Primary Output: SQL injection vulnerability report saved to {baseDir}/security-reports/sqli-scan-YYYYMMDD.md

Report Structure:

# SQL Injection Vulnerability Report
Scan Date: 2024-01-15
Application: E-commerce Platform
Framework: Django 4.2

## Error Handling

See `{baseDir}/references/errors.md` for comprehensive error handling.

## Examples

See `{baseDir}/references/examples.md` for detailed examples.

## Resources

- SQL Injection Prevention Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
- OWASP Top 10 - Injection: https://owasp.org/www-project-top-ten/
- CWE-89: SQL Injection: https://cwe.mitre.org/data/definitions/89.html
- CAPEC-66: SQL Injection: https://capec.mitre.org/data/definitions/66.html
- Django Security: https://docs.djangoproject.com/en/stable/topics/security/

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台