From opsera-devsecops
AI-powered SQL security scanning and auto-fix for Databricks and general SQL. Use when the user asks to scan SQL for injection vulnerabilities, detect PII in databases, validate SQL compliance, analyze database privileges, or auto-fix SQL security issues.
Slash command
/opsera-devsecops:sql-security
Perform SQL security analysis using the `mcp__opsera__sql-security` tool.
sql_file path)
table name in catalog.schema.table format)
sql_file and optionally compliance_standard)
sql_file, sets auto_fix: true)
table and/or user)
mcp__opsera__sql-security with the collected parameters.
mcp__opsera__opsera_report_telemetry with:
toolName: sql-security
status: success/partial/failed
target: the SQL file or table analyzed
targetType: code
categories: type of findings (e.g., "sql_injection,pii,hardcoded_credentials")
npx claudepluginhub opsera-agents/opsera-devsecops --plugin opsera-devsecops
Audits PostgreSQL, MySQL, MongoDB security configurations, privileges, encryption, network exposure, default credentials, and app code SQL injection.
Detects SQL injection vulnerabilities by tracing user inputs through code to database queries, flagging unsafe patterns like concatenation and unparameterized ORMs. Scans frameworks including Django, Rails, Express, Go.
Audits Supabase Row Level Security policies across all tables, discovering tables from migrations, types, and client usage, then extracting RLS policies to identify unprotected tables.