second-order-injection-anti-pattern


Second-Order Injection Anti-Pattern

Severity: High

Summary

Malicious payloads are stored safely in databases or logs, then executed later when retrieved and used without re-sanitization. The initial storage appears secure (properly parameterized), but the subsequent retrieval and unsafe use activate the payload. Because the injection point and the execution point are separated in time and in code location, the vulnerability is difficult to detect.

The Anti-Pattern

The anti-pattern is treating database-retrieved data as safe and using it in queries or commands without re-sanitization or parameterization.

BAD Code Example

# VULNERABLE: Data is stored safely, but later retrieved and used unsafely.
import sqlite3
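The two halves of the anti-pattern described above, as an added example that is not the skill's own code (the page's BAD example is cut off after its import). Both the tables and the stored value are constructed here: a username containing quote characters is written through a parameterized INSERT (first-order point, safe), then read back and interpolated into a second query (second-order point, vulnerable). The hardened function differs only in passing the retrieved value as a bound parameter.

```python
import sqlite3

# Constructed sample value: a username that is inert when stored with a
# bound parameter, but changes the meaning of a later query if interpolated.
STORED_USERNAME = "mallory' OR '1'='1"


def build_db():
    """Create an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    cur = conn.cursor()
    cur.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    cur.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, owner TEXT, item TEXT)")
    # First-order point: parameterized, so the payload is stored as plain data.
    cur.execute("INSERT INTO users (username) VALUES (?)", (STORED_USERNAME,))
    cur.executemany(
        "INSERT INTO orders (owner, item) VALUES (?, ?)",
        [
            (STORED_USERNAME, "widget"),      # belongs to the stored user (id 1)
            ("bob", "secret-plans"),          # belongs to another user
            ("carol", "ledger"),              # belongs to another user
        ],
    )
    conn.commit()
    return conn


def orders_for_user_vulnerable(conn, user_id):
    """Second-order injection: the value read from the database is trusted."""
    cur = conn.cursor()
    username = cur.execute(
        "SELECT username FROM users WHERE id = ?", (user_id,)
    ).fetchone()[0]
    # The stored string is interpolated, so its quote characters become SQL.
    query = "SELECT item FROM orders WHERE owner = '%s'" % username
    return sorted(row[0] for row in cur.execute(query))


def orders_for_user_safe(conn, user_id):
    """Hardened: retrieved data is still bound as a parameter when reused."""
    cur = conn.cursor()
    username = cur.execute(
        "SELECT username FROM users WHERE id = ?", (user_id,)
    ).fetchone()[0]
    # Same lookup, but the value stays data regardless of its contents.
    rows = cur.execute("SELECT item FROM orders WHERE owner = ?", (username,))
    return sorted(row[0] for row in rows)


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", orders_for_user_vulnerable(db, 1))  # leaks every order
    print("safe:      ", orders_for_user_safe(db, 1))        # only the user's own
```

The point to take from the pair is that parameterization is a property of each query, not of the data: the INSERT being safe says nothing about the SELECT that later reuses the stored value. A code review or static rule that flags string-built SQL should be applied to every query, including ones whose inputs come from the application's own database rather than from a request.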
Installs: 7 | GitHub stars: 5 | First seen: Feb 19, 2026
second-order-injection-anti-pattern — igbuend/grimbard