From aj-geddes-useful-ai-prompts-4
Prevents SQL injection attacks using prepared statements, parameterized queries, input validation, and ORM best practices in Node.js, Python, and Java database apps.
npx claudepluginhub joshuarweaver/cascade-code-languages-misc-1 --plugin aj-geddes-useful-ai-prompts-4This skill uses the workspace's default tool permissions.
- [Overview](#overview)
Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.
Searches prompts.chat for AI prompt templates by keyword or category, retrieves by ID with variable handling, and improves prompts via AI. Use for discovering or enhancing prompts.
Checks Next.js compilation errors using a running Turbopack dev server after code edits. Fixes actionable issues before reporting complete. Replaces `next build`.
Implement comprehensive SQL injection prevention using prepared statements, parameterized queries, ORM best practices, and input validation.
Minimal working example:
// secure-db.js
const { Pool } = require("pg");
class SecureDatabase {
constructor() {
this.pool = new Pool({
host: process.env.DB_HOST,
database: process.env.DB_NAME,
user: process.env.DB_USER,
password: process.env.DB_PASSWORD,
max: 20,
idleTimeoutMillis: 30000,
connectionTimeoutMillis: 2000,
});
}
/**
* ✅ SECURE: Parameterized query
*/
async getUserById(userId) {
const query = "SELECT * FROM users WHERE id = $1";
const values = [userId];
try {
const result = await this.pool.query(query, values);
// ... (see reference guides for full implementation)
Detailed implementations in the references/ directory:
| Guide | Contents |
|---|---|
| Node.js with PostgreSQL | Node.js with PostgreSQL |
| Python with SQLAlchemy ORM | Python with SQLAlchemy ORM |
| Java JDBC with Prepared Statements | Java JDBC with Prepared Statements |
| Input Validation & Sanitization | Input Validation & Sanitization |