sql-injection-detector

Sql Injection Detector - Auto-activating skill for Security Fundamentals. Triggers on: sql injection detector, sql injection detector. Part of the Security Fundamentals skill category.

38

0.98x

Quality: 7% (Does it follow best practices?)

Impact: 94%, 0.98x (average score across 3 eval scenarios)

Security by Snyk: Passed, no known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./planned-skills/generated/03-security-fundamentals/sql-injection-detector/SKILL.md

Evaluation results

100%

SQL Injection Detection Middleware for Express API

Production-ready SQL injection detection middleware with npm and OWASP patterns

| Criteria | Without context | With context |
|---|---|---|
| npm package.json present | 100% | 100% |
| npm dependencies declared | 100% | 100% |
| OWASP SQL injection patterns | 100% | 100% |
| OWASP reference in documentation | 100% | 100% |
| Input validation coverage | 100% | 100% |
| Production-ready structure | 100% | 100% |
| HTTP response on detection | 100% | 100% |
| Logging of detected attempts | 100% | 100% |
| Demo tests benign inputs | 100% | 100% |
| Demo tests malicious inputs | 100% | 100% |
| Secure coding: no eval or exec on input | 100% | 100% |

Without context: $0.6079 · 2m 45s · 25 turns · 26 in / 9,987 out tokens

With context: $0.5812 · 2m 20s · 29 turns · 418 in / 8,528 out tokens

84%

-1%

SQL Injection Vulnerability Audit Tool

Step-by-step SQL injection vulnerability detection in source code with OWASP coverage

| Criteria | Without context | With context |
|---|---|---|
| Step-by-step methodology | 50% | 40% |
| OWASP reference | 0% | 0% |
| String concatenation detection | 100% | 100% |
| Correct safe code excluded | 100% | 100% |
| Severity levels assigned | 100% | 100% |
| Vulnerability categories | 100% | 100% |
| Line numbers reported | 100% | 100% |
| Both file types scanned | 100% | 100% |
| Severity breakdown summary | 100% | 100% |
| Authentication vulnerability flagged | 100% | 100% |
| Input validation dimension addressed | 100% | 100% |

Without context: $0.7513 · 2m 54s · 29 turns · 28 in / 12,394 out tokens

With context: $1.2792 · 4m 58s · 41 turns · 296 in / 19,597 out tokens

100%

Secure User Authentication Module

Authentication security with input validation and SQL injection prevention

| Criteria | Without context | With context |
|---|---|---|
| Parameterized queries used | 100% | 100% |
| No string interpolation in SQL | 100% | 100% |
| Input validation present | 100% | 100% |
| Password hashing | 100% | 100% |
| SQL injection test payloads | 100% | 100% |
| Injection tests pass correctly | 100% | 100% |
| OWASP reference | 100% | 100% |
| Secure coding techniques documented | 100% | 100% |
| Attack categories described | 100% | 100% |
| Normal auth tests included | 100% | 100% |
| Authentication dimension coverage | 100% | 100% |

Without context: $0.4398 · 1m 47s · 23 turns · 24 in / 6,447 out tokens

With context: $0.5240 · 2m 3s · 27 turns · 27 in / 7,385 out tokens

Repository: jeremylongshore/claude-code-plugins-plus-skills

Evaluated
Agent: Claude Code
Model: Claude Sonnet 4.6
