Query database safely with parameterized statements
Parameterized query usage
Parameterized search query: 100% · 100%
No f-string SQL in search: 100% · 100%
Parameterized ID lookup: 100% · 100%
No f-string SQL in ID lookup: 100% · 100%
Notes mention input handling: 100% · 100%
Without context: $0.1551 · 44s · 12 turns · 15 in / 2,372 out tokens
With context: $0.5998 · 2m 4s · 33 turns · 454 in / 7,593 out tokens
Safe query with dynamic filters
Parameterized category filter: 100% · 100%
Parameterized quantity filter: 100% · 100%
No string formatting in SQL: 100% · 100%
Notes mention query construction: 100% · 100%
Both parameters passed together: 100% · 100%
Without context: $0.2577 · 1m 1s · 19 turns · 20 in / 3,054 out tokens
With context: $0.4060 · 1m 23s · 26 turns · 269 in / 4,666 out tokens
Avoid SQL injection in refactored code
Parameterized username lookup: 100% · 100%
No string concat in username query: 100% · 100%
Parameterized account type query: 100% · 100%
No f-string in account type query: 100% · 100%
Security review identifies injection: 100% · 100%
Security review mentions parameterized: 100% · 100%
Without context: $0.1567 · 42s · 12 turns · 13 in / 2,340 out tokens
With context: $0.2454 · 1m 5s · 17 turns · 15 in / 2,932 out tokens
c0a625f