Detecting SQL Injection Vulnerabilities

Overview

Scan application source code for SQL injection vulnerabilities (CWE-89, OWASP A03:2021) by tracing user input from entry points through data flows into database query construction. Detect string concatenation, format string interpolation, and inadequate parameterization across raw SQL, ORM raw query methods, stored procedure calls, and dynamic query builders.
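
The following Python example is added here and is not part of the skill's own files. It uses the standard `ast` module to flag query sinks whose first argument is built by concatenation, f-string, `%` formatting or `str.format`, including through one intermediate variable. The sink list, the `scan` helper and the sample source are assumptions made for the example.

```python
import ast
SINKS = {"execute", "executemany", "raw"}  # assumed sinks: DB-API cursor methods, Django raw()

def is_literal(node):  # a string constant, or a concatenation of string constants
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
        return is_literal(node.left) and is_literal(node.right)
    return isinstance(node, ast.Constant) and isinstance(node.value, str)

def dynamic_kind(node, tainted):  # name the unsafe construction, or return None
    if isinstance(node, ast.Name):
        return tainted.get(node.id)  # variable assigned from a dynamic string earlier
    if isinstance(node, ast.JoinedStr):
        return "f-string" if any(isinstance(v, ast.FormattedValue) for v in node.values) else None
    if isinstance(node, ast.BinOp) and not is_literal(node):
        return {ast.Add: "concatenation", ast.Mod: "% formatting"}.get(type(node.op))
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.func.attr == "format":
        return "str.format"
    return None

class Scanner(ast.NodeVisitor):
    def __init__(self):
        self.tainted, self.findings = {}, []  # name -> kind; (line, sink, kind)

    def visit_Assign(self, node):
        kind = dynamic_kind(node.value, self.tainted)
        for target in node.targets:
            if isinstance(target, ast.Name):
                self.tainted[target.id] = kind  # None clears an earlier taint
        self.generic_visit(node)

    def visit_Call(self, node):
        if isinstance(node.func, ast.Attribute) and node.func.attr in SINKS and node.args:
            kind = dynamic_kind(node.args[0], self.tainted)  # first positional arg is the query
            if kind:
                self.findings.append((node.lineno, node.func.attr, kind))
        self.generic_visit(node)

def scan(source):
    scanner = Scanner()
    scanner.visit(ast.parse(source))
    return scanner.findings

SAMPLE = '''
def lookup(cur, name, uid):
    cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
    q = f"SELECT * FROM users WHERE id = {uid}"
    cur.execute(q)
    cur.execute("SELECT * FROM users WHERE id = %s", (uid,))
'''  # constructed sample input
```

`scan(SAMPLE)` reports the concatenated and f-string queries and leaves the parameterized call alone. The variable map is not scoped per function and follows only direct assignments, so findings are candidates for manual data-flow review rather than confirmed vulnerabilities.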

Prerequisites

  • Application source code accessible in ${CLAUDE_SKILL_DIR}/
  • Database query files, ORM models, and repository/DAO layers available
  • Framework and language identified (Django, Rails, Express, Spring, Laravel, ASP.NET, Go, etc.)
  • Database type known (MySQL, PostgreSQL, SQLite, MSSQL, Oracle) for syntax-specific detection
  • Write permissions for reports in ${CLAUDE_SKILL_DIR}/security-reports/

Instructions

Installs: 2
First Seen: Mar 29, 2026