sql-code-review
Summary
Comprehensive SQL security, performance, and quality analysis across MySQL, PostgreSQL, SQL Server, and Oracle databases.
- Analyzes SQL injection vulnerabilities, access control issues, and sensitive data exposure with parameterized query examples for each database platform
- Reviews query performance through index strategy, join optimization, and anti-pattern detection (N+1 queries, function misuse in WHERE clauses, overuse of DISTINCT)
- Evaluates code quality including naming conventions, formatting, schema normalization, and appropriate data type choices
- Provides database-specific guidance for PostgreSQL (JSONB, GIN indexes), MySQL (storage engines), SQL Server (columnstore indexes), and Oracle (sequences)
- Delivers structured output with priority-ranked issues, before/after code examples, and scoring across security, performance, maintainability, and schema quality
SKILL.md
SQL Code Review
Perform a thorough SQL code review of ${selection} (or entire project if no selection) focusing on security, performance, maintainability, and database best practices.
Security Analysis
SQL Injection Prevention
-- CRITICAL: SQL Injection vulnerability
query = "SELECT * FROM users WHERE id = " + userInput;
query = f"DELETE FROM orders WHERE user_id = {user_id}";
-- SECURE: Parameterized queries
-- MySQL syntax (PostgreSQL's PREPARE uses AS with $1 placeholders instead)
PREPARE stmt FROM 'SELECT * FROM users WHERE id = ?';
EXECUTE stmt USING @user_id;
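The two patterns above, run side by side as an added example (not part of the original SKILL.md). It uses Python's sqlite3 module with an in-memory database; the sample rows, function names and the crafted input are constructed for illustration.

```python
import sqlite3

CRAFTED = "1 OR 1=1"  # constructed input: rewrites the WHERE clause if concatenated


def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER);
        INSERT INTO users VALUES (1, 'alice'), (2, 'bob'), (3, 'carol');
        INSERT INTO orders VALUES (10, 1), (11, 2), (12, 3);
    """)
    return db


def find_user_concat(db, user_input):
    # Flagged pattern: the input becomes part of the SQL text and is parsed as SQL.
    return db.execute("SELECT * FROM users WHERE id = " + user_input).fetchall()


def find_user_param(db, user_input):
    # Parameterized: the statement text is fixed; the value is bound as data.
    return db.execute("SELECT * FROM users WHERE id = ?", (user_input,)).fetchall()


def delete_orders_concat(db, user_id):
    # Flagged pattern: f-string interpolation into a DELETE.
    db.execute(f"DELETE FROM orders WHERE user_id = {user_id}")


def delete_orders_param(db, user_id):
    db.execute("DELETE FROM orders WHERE user_id = ?", (user_id,))


def orders_left(delete_fn, user_id):
    """Run delete_fn against a fresh database and count the surviving orders."""
    db = make_db()
    delete_fn(db, user_id)
    return db.execute("SELECT COUNT(*) FROM orders").fetchone()[0]


if __name__ == "__main__":
    print("concat SELECT :", find_user_concat(make_db(), CRAFTED))
    print("param  SELECT :", find_user_param(make_db(), CRAFTED))
    print("concat DELETE leaves", orders_left(delete_orders_concat, CRAFTED), "orders")
    print("param  DELETE leaves", orders_left(delete_orders_param, CRAFTED), "orders")
```

With the bound parameter the crafted string is compared to the column as a single value, so it matches no row; with concatenation the same string changes which rows the statement touches.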