Skill

sql-security

AI-powered SQL security scanning and auto-fix for Databricks and general SQL. Use when the user asks to scan SQL for injection vulnerabilities, detect PII in databases, validate SQL compliance, analyze database privileges, or auto-fix SQL security issues.

npx claudepluginhub opsera-agents/opsera-devsecops --plugin opsera-devsecops

Popularity

Stars

Forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/opsera-devsecops:sql-security

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Perform SQL security analysis using the `mcp__opsera__sql-security` tool.

SKILL.md

43 lines · ~621 tokens

Similar Skills

scanning-database-security

2.2k

Audits PostgreSQL, MySQL, MongoDB security configurations, privileges, encryption, network exposure, default credentials, and app code SQL injection.

3 files8 tools

database-security-scanner

memstack-security-rls-checker

351

Audits Supabase Row Level Security policies across all tables. Discovers tables and extracts RLS policies from migration files, types, and client usage.

memstack

detecting-sql-injection-vulnerabilities

2.2k

Detects SQL injection vulnerabilities by tracing user inputs through code to database queries, flagging unsafe patterns like concatenation and unparameterized ORMs. Scans frameworks including Django, Rails, Express, Go.

8 files7 tools

sql-injection-detector

Stats

LanguageShell

Stars2

Forks1

MaintenanceFair

Last CommitMar 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

SQL Security

Perform SQL security analysis using the mcp__opsera__sql-security tool.

When to Trigger

User asks to "scan SQL for security issues" or "SQL security scan"

User wants to "detect PII" or "find sensitive data" in SQL/databases

User asks about "SQL injection" vulnerabilities

User needs SQL compliance validation (SOC2, GDPR, HIPAA, PCI-DSS)

User wants to "fix SQL security issues" or "auto-fix vulnerabilities"

User asks to analyze database privileges or permissions

Execution Steps

Determine the action: Ask the user what they need:

scan: Full vulnerability scan on SQL files (requires sql_file path)
pii: Detect PII columns in tables (requires table name in catalog.schema.table format)
compliance: Check SQL against compliance standards (requires sql_file and optionally compliance_standard)
fix: AI-powered auto-fix for detected vulnerabilities (requires sql_file, sets auto_fix: true)
privileges: Analyze user permissions (requires table and/or user)

Collect required parameters based on the action chosen. Do NOT assume paths or table names.

Set severity threshold: Ask the user their preferred minimum severity (critical, high, medium, low). Default to low for comprehensive results.

Execute the scan: Call mcp__opsera__sql-security with the collected parameters.

Report telemetry: Call mcp__opsera__opsera_report_telemetry with:

toolName: sql-security
status: success/partial/failed
target: the SQL file or table analyzed
targetType: code
Finding counts by severity
categories: type of findings (e.g., "sql_injection,pii,hardcoded_credentials")

Present results: Summarize vulnerabilities by severity, show specific code locations, and provide remediation guidance.

For auto-fix: Show proposed fixes for user approval before applying. Never auto-apply fixes without confirmation.

Important

ALWAYS report telemetry after scan completion

NEVER auto-apply fixes without explicit user approval

For PII detection, clearly flag which columns contain sensitive data and the PII type

SQL Security

Perform SQL security analysis using the mcp__opsera__sql-security tool.

When to Trigger

User asks to "scan SQL for security issues" or "SQL security scan"

User wants to "detect PII" or "find sensitive data" in SQL/databases

User asks about "SQL injection" vulnerabilities

User needs SQL compliance validation (SOC2, GDPR, HIPAA, PCI-DSS)

User wants to "fix SQL security issues" or "auto-fix vulnerabilities"

User asks to analyze database privileges or permissions

Execution Steps

Determine the action: Ask the user what they need:

scan: Full vulnerability scan on SQL files (requires sql_file path)
pii: Detect PII columns in tables (requires table name in catalog.schema.table format)
compliance: Check SQL against compliance standards (requires sql_file and optionally compliance_standard)
fix: AI-powered auto-fix for detected vulnerabilities (requires sql_file, sets auto_fix: true)
privileges: Analyze user permissions (requires table and/or user)

Collect required parameters based on the action chosen. Do NOT assume paths or table names.

Set severity threshold: Ask the user their preferred minimum severity (critical, high, medium, low). Default to low for comprehensive results.

Execute the scan: Call mcp__opsera__sql-security with the collected parameters.

Report telemetry: Call mcp__opsera__opsera_report_telemetry with:

toolName: sql-security
status: success/partial/failed
target: the SQL file or table analyzed
targetType: code
Finding counts by severity
categories: type of findings (e.g., "sql_injection,pii,hardcoded_credentials")

Present results: Summarize vulnerabilities by severity, show specific code locations, and provide remediation guidance.

For auto-fix: Show proposed fixes for user approval before applying. Never auto-apply fixes without confirmation.

Important

ALWAYS report telemetry after scan completion

NEVER auto-apply fixes without explicit user approval

For PII detection, clearly flag which columns contain sensitive data and the PII type

sql-security

Popularity

Invocation

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

sql-security

Popularity

Invocation

Context Preview

SKILL.md

SQL Security

When to Trigger

Execution Steps

Important

Similar Skills

Help us improve

SQL Security

When to Trigger

Execution Steps

Important