sql-code-review
๐ฏSkillfrom github/awesome-copilot
|Reviews SQL code across all database platforms for security vulnerabilities, maintainability issues, and quality standards.
Overview
This skill performs comprehensive SQL code reviews across all major database platforms (MySQL, PostgreSQL, SQL Server, Oracle). It focuses on security vulnerability detection including SQL injection prevention, access control review, code quality standards, anti-pattern detection, and maintainability analysis to ensure production-grade SQL code.
Key Features
- SQL Injection Prevention - Identifies dynamic SQL concatenation vulnerabilities and enforces parameterized queries with platform-specific prepared statement patterns
- Access Control & Permissions Review - Evaluates principle of least privilege, role-based access, schema security, and DEFINER vs INVOKER rights for stored procedures
- Query Structure Analysis - Detects inefficient patterns like implicit joins, SELECT *, missing WHERE clauses, and recommends optimized alternatives with proper join syntax
- Anti-Pattern Detection - Catches common SQL anti-patterns including God queries, implicit type conversions, unnecessary DISTINCT usage, and function calls on indexed columns
- Data Protection Audit - Reviews sensitive data exposure, audit logging practices, data masking implementations, and encryption requirements
Who is this for?
Database developers, backend engineers, and security-focused teams who need thorough SQL code reviews before deploying to production. Ideal as a complement to SQL optimization workflows, providing the security and maintainability analysis that completes a full development coverage audit.
Same repository
github/awesome-copilot(224 items)
Installation
npx vibeindex add github/awesome-copilot --skill sql-code-reviewnpx skills add github/awesome-copilot --skill sql-code-review~/.claude/skills/sql-code-review/SKILL.mdSKILL.md
More from this repository10
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
Generates comprehensive Product Requirements Documents (PRDs) by systematically analyzing requirements and crafting detailed technical specifications
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
Generates Excalidraw diagrams from natural language descriptions, creating visual representations of processes, systems, relationships, and ideas.
Expert technical writer guided by the Diataxis framework, creating tutorials, how-to guides, reference docs, and explanation pages for software documentation.
Automates browser interactions, debugging, and performance analysis using Chrome DevTools for comprehensive web page inspection and control.
Provides Spring Boot best practices covering project setup, dependency injection, REST API design, data access with JPA, security configuration, and testing strategies.
A community-curated collection of custom agents, prompts, instructions, and skills to enhance GitHub Copilot across different domains, languages, and use cases.
Manages GitHub Issues through the GitHub API, enabling creation, searching, labeling, and triaging of issues directly from the coding environment.