latestaiagents/injection-prevention
skills/security/owasp-guardian/injection-prevention/SKILL.md
OWASP A01 - Injection Prevention. Use this skill when reviewing code for SQL injection, NoSQL injection, command injection, LDAP injection, or any user input that reaches databases, shells, or interpreters. Activate when: SQL query, database query, user input, command execution, shell command, exec, eval, system call, parameterized query.
$ install --global
skillsauthnpx skillsauth add latestaiagents/agent-skills injection-preventionInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 24, 2026, 2:55 AM8.8s1 file scanned
SKILL.md
- name:
- injection-prevention
- description:
- |
- databases, shells, or interpreters. Activate when:
- SQL query, database query, user input,
Injection Prevention (OWASP A01)
Prevent SQL, NoSQL, Command, and other injection attacks by validating and sanitizing all user input.
When to Use
- Reviewing code that builds SQL/NoSQL queries
- Code that executes shell commands
- Any place user input reaches an interpreter
- Building APIs that accept user data
- Migrating from string concatenation to parameterized queries
Injection Types
| Type | Danger | Common Locations | |------|--------|------------------| | SQL Injection | CRITICAL | Database queries, ORMs with raw queries | | NoSQL Injection | CRITICAL | MongoDB, Redis, Elasticsearch queries | | Command Injection | CRITICAL | Shell exec, system calls, child_process | | LDAP Injection | HIGH | Directory service queries | | XPath Injection | HIGH | XML document queries | | Expression Language | HIGH | Template engines, eval() |
Detection Patterns
SQL Injection Red Flags
// VULNERABLE - String concatenation
const query = "SELECT * FROM users WHERE id = " + userId;
const query = `SELECT * FROM users WHERE name = '${userName}'`;
// VULNERABLE - Format strings
query = "SELECT * FROM users WHERE id = %s" % user_id
// VULNERABLE - String interpolation in ORM
User.where("name = '#{params[:name]}'")
Command Injection Red Flags
// VULNERABLE - Direct user input in commands
exec(`ls ${userInput}`);
system("ping " + ipAddress);
child_process.exec(`convert ${filename} output.png`);
// VULNERABLE - eval with user data
eval(userCode);
new Function(userInput)();
Prevention Techniques
1. Parameterized Queries (SQL)
// SAFE - Node.js with parameterized query
const result = await db.query(
'SELECT * FROM users WHERE id = $1 AND status = $2',
[userId, status]
);
// SAFE - Using ORM properly
const user = await User.findOne({ where: { id: userId } });
// SAFE - Prepared statements
const stmt = db.prepare('SELECT * FROM users WHERE email = ?');
const user = stmt.get(email);
# SAFE - Python with parameterized query
cursor.execute(
"SELECT * FROM users WHERE id = %s AND status = %s",
(user_id, status)
)
# SAFE - SQLAlchemy ORM
user = session.query(User).filter(User.id == user_id).first()
// SAFE - PHP PDO with prepared statements
$stmt = $pdo->prepare('SELECT * FROM users WHERE id = :id');
$stmt->execute(['id' => $userId]);
2. NoSQL Injection Prevention
// VULNERABLE - MongoDB with user object
db.users.find({ username: req.body.username, password: req.body.password });
// Attack: { "username": "admin", "password": { "$ne": "" } }
// SAFE - Validate and sanitize input
const username = String(req.body.username).slice(0, 50);
const password = String(req.body.password);
// SAFE - Use mongoose with schema validation
const userSchema = new Schema({
username: { type: String, required: true, maxlength: 50 },
password: { type: String, required: true }
});
3. Command Injection Prevention
// VULNERABLE
exec(`convert ${filename} output.png`);
// SAFE - Use array arguments (no shell)
execFile('convert', [filename, 'output.png']);
// SAFE - Whitelist allowed values
const ALLOWED_FORMATS = ['png', 'jpg', 'gif'];
if (!ALLOWED_FORMATS.includes(format)) {
throw new Error('Invalid format');
}
// SAFE - Use library instead of shell
const sharp = require('sharp');
await sharp(inputFile).toFile(outputFile);
# VULNERABLE
os.system(f"ping {ip_address}")
# SAFE - Use subprocess with list arguments
import subprocess
subprocess.run(['ping', '-c', '4', ip_address], check=True)
# SAFE - Use library instead of shell
import socket
socket.gethostbyname(hostname)
4. Input Validation
// Validation helper
function validateInput(input, options = {}) {
const { maxLength = 255, pattern, allowedValues } = options;
// Type check
if (typeof input !== 'string') {
throw new ValidationError('Input must be a string');
}
// Length check
if (input.length > maxLength) {
throw new ValidationError(`Input exceeds ${maxLength} characters`);
}
// Pattern check
if (pattern && !pattern.test(input)) {
throw new ValidationError('Input contains invalid characters');
}
// Whitelist check
if (allowedValues && !allowedValues.includes(input)) {
throw new ValidationError('Input value not allowed');
}
return input;
}
// Usage
const userId = validateInput(req.params.id, {
maxLength: 36,
pattern: /^[a-f0-9-]+$/i // UUID pattern
});
Code Review Checklist
Before Approving Code, Verify:
- [ ] No string concatenation in SQL queries
- [ ] All database queries use parameterized statements
- [ ] User input is validated before use
- [ ] Shell commands use array arguments, not string interpolation
- [ ] No eval(), new Function(), or similar with user data
- [ ] Input length limits are enforced
- [ ] Type checking is performed on all inputs
- [ ] Error messages don't expose query structure
Testing for Injection
Manual Test Payloads
# SQL Injection tests
' OR '1'='1
'; DROP TABLE users; --
' UNION SELECT * FROM passwords --
1; SELECT * FROM users
# NoSQL Injection tests
{"$gt": ""}
{"$ne": null}
{"$where": "sleep(5000)"}
# Command Injection tests
; ls -la
| cat /etc/passwd
`whoami`
$(id)
Automated Tools
# SQLMap for SQL injection
sqlmap -u "http://target.com/page?id=1" --dbs
# NoSQLMap for NoSQL injection
nosqlmap -u "http://target.com/api/users"
# Commix for command injection
commix -u "http://target.com/ping?ip=127.0.0.1"
Framework-Specific Guidance
Express.js / Node.js
- Use
express-validatorfor input validation - Use Sequelize/Prisma ORM with proper escaping
- Never use
eval()orchild_process.exec()with user input
Django / Python
- Use Django ORM (automatic parameterization)
- Use
subprocess.run()with list arguments - Enable
SECURE_CONTENT_TYPE_NOSNIFF
Rails / Ruby
- Use ActiveRecord properly (automatic parameterization)
- Avoid
where("column = '#{value}'") - Use
Shellwords.escape()for shell arguments
Laravel / PHP
- Use Eloquent ORM or Query Builder
- Use PDO prepared statements
- Use
escapeshellarg()for shell arguments
Best Practices
- Defense in Depth: Combine input validation + parameterized queries + output encoding
- Least Privilege: Database accounts should have minimum required permissions
- Whitelist Over Blacklist: Define what's allowed, not what's forbidden
- Escape Output: Even with safe queries, escape data when displaying
- Log Suspicious Input: Monitor for injection attempts
- Regular Security Audits: Use automated scanners in CI/CD pipeline
Related Skills
latestaiagents/skill-testing
development
VerifiedTrustedCommunity
Test skills for correct activation, content quality, and regression — both automated checks (frontmatter validity, lint) and manual verification (query-suite activation testing). Covers CI integration and how to catch skill regressions before users do. Use this skill when adding skills to a repo, setting up CI for a skill library, or debugging "the skill exists but doesn't work". Activate when: test skills, validate skills, skill CI, skill linting, skill activation test, skill regression.
2SKILL.mdUpdated Apr 23, 2026
latestaiagents/skill-frontmatter
documentation
VerifiedTrustedCommunity
Write the YAML frontmatter for a SKILL.md file so it activates reliably — name, description, and activation keywords that the model matches against. Covers length, tone, and the most common frontmatter mistakes. Use this skill when authoring a new skill, fixing a skill that isn't auto-activating, or reviewing skills for publication. Activate when: SKILL.md frontmatter, skill description, skill activation, skill YAML, write a skill, author a skill.
2SKILL.mdUpdated Apr 23, 2026
latestaiagents/skill-activation-patterns
development
VerifiedTrustedCommunity
Design skills that fire at the right moment — neither over-eager (noise) nor under-eager (silent). Covers activation specificity, trigger phrases, disambiguation between overlapping skills, and debugging activation. Use this skill when multiple skills could fire on the same query, a skill never fires, or a skill fires too often. Activate when: skill won't activate, skill over-activates, overlapping skills, skill triggers, skill selection, skill disambiguation.
2SKILL.mdUpdated Apr 23, 2026
latestaiagents/progressive-disclosure
development
VerifiedTrustedCommunity
Structure SKILL.md content so the model reads just enough — concise summary up front, progressively deeper detail, examples on demand. Covers section ordering, length budgets, when to split into multiple skills. Use this skill when writing or refactoring a skill body, one skill has grown too long, or a skill is wordy but not useful. Activate when: SKILL.md structure, skill content, skill too long, split skill, progressive disclosure, skill body.
2SKILL.mdUpdated Apr 23, 2026