sql-injection-prevention
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive security guidance for preventing SQL injection through prepared statements and parameterized queries across multiple platforms.
- [SAFE]: Code examples in `references/nodejs-with-postgresql.md` correctly implement the `pg` library's parameter binding to mitigate injection risks.
- [SAFE]: Python examples in `references/python-with-sqlalchemy-orm.md` demonstrate safe use of SQLAlchemy's ORM and parameterized text queries.
- [SAFE]: Java implementation in `references/java-jdbc-with-prepared-statements.md` utilizes `PreparedStatement` to ensure user input is treated as data rather than executable code.
- [SAFE]: Input validation examples in `references/input-validation-sanitization.md` provide helper methods for regex validation, type checking, and character sanitization.
- [SAFE]: The shell script `scripts/validate-schema.sh` is a simple placeholder that echoes input and does not perform any dangerous file or command execution.
- [SAFE]: No obfuscation, data exfiltration, or unauthorized remote code execution patterns were identified in any of the skill files.
Audit Metadata