sql-code-review
🎯Skillfrom github/awesome-copilot
|Reviews SQL code across all database platforms for security vulnerabilities, maintainability issues, and quality standards.
Overview
This skill performs comprehensive SQL code reviews across all major database platforms (MySQL, PostgreSQL, SQL Server, Oracle). It focuses on security vulnerability detection including SQL injection prevention, access control review, code quality standards, anti-pattern detection, and maintainability analysis to ensure production-grade SQL code.
Key Features
- SQL Injection Prevention - Identifies dynamic SQL concatenation vulnerabilities and enforces parameterized queries with platform-specific prepared statement patterns
- Access Control & Permissions Review - Evaluates principle of least privilege, role-based access, schema security, and DEFINER vs INVOKER rights for stored procedures
- Query Structure Analysis - Detects inefficient patterns like implicit joins, SELECT *, missing WHERE clauses, and recommends optimized alternatives with proper join syntax
- Anti-Pattern Detection - Catches common SQL anti-patterns including God queries, implicit type conversions, unnecessary DISTINCT usage, and function calls on indexed columns
- Data Protection Audit - Reviews sensitive data exposure, audit logging practices, data masking implementations, and encryption requirements
Who is this for?
Database developers, backend engineers, and security-focused teams who need thorough SQL code reviews before deploying to production. Ideal as a complement to SQL optimization workflows, providing the security and maintainability analysis that completes a full development coverage audit.
Same repository
github/awesome-copilot(314 items)
Installation
npx vibeindex add github/awesome-copilot --skill sql-code-reviewnpx skills add github/awesome-copilot --skill sql-code-review~/.claude/skills/sql-code-review/SKILL.mdSKILL.md
More from this repository10
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
Generates comprehensive Product Requirements Documents (PRDs) by systematically analyzing requirements and crafting detailed technical specifications
Expert technical writer guided by the Diataxis framework, creating tutorials, how-to guides, reference docs, and explanation pages for software documentation.
Generates Excalidraw diagrams from natural language descriptions, creating visual representations of processes, systems, relationships, and ideas.
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
Provides Spring Boot best practices covering project setup, dependency injection, REST API design, data access with JPA, security configuration, and testing strategies.
Creates optimized multi-stage Dockerfiles for any language or framework, separating builder and runtime stages to produce smaller, more secure container images.
Creates README.md files for projects.
Merges mature lessons from domain memory files into instruction files, consolidating knowledge with minimal redundancy across global, user, and workspace scopes.