Covers the fundamentals of preventing SQL injection with prepared statements, parameterized queries, and input validation across multiple stacks. Includes working examples for Node.js with PostgreSQL, Python with SQLAlchemy, and Java JDBC, plus a dedicated guide on input sanitization. The do's and don'ts are straightforward: always use prepared statements, never concatenate user input into queries, and whitelist the dynamic values that cannot be bound as parameters (table or column names, sort direction) when you absolutely need them; input validation is defense in depth on top of parameterization, not a substitute for it. If you're writing database code or reviewing legacy systems for vulnerabilities, this gives you the patterns to lock things down. The reference implementations are practical enough to adapt directly into your codebase.
npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill sql-injection-prevention