sql-code-review

Solid

Universal SQL code review assistant that performs comprehensive security, maintainability, and code quality analysis across all SQL databases (MySQL, PostgreSQL, SQL Server, Oracle). Focuses on SQL injection prevention, access control, code standards, and anti-pattern detection. Complements SQL optimization prompt for complete development coverage.

API & Backend 34,887 stars 4287 forks Updated today MIT

Install

View on GitHub

Quality Score: 93/100

Stars 20%

100

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# SQL Code Review Perform a thorough SQL code review of ${selection} (or entire project if no selection) focusing on security, performance, maintainability, and database best practices. ## 🔒 Security Analysis ### SQL Injection Prevention ```sql -- ❌ CRITICAL: SQL Injection vulnerability query = "SELECT * FROM users WHERE id = " + userInput; query = f"DELETE FROM orders WHERE user_id = {user_id}"; -- ✅ SECURE: Parameterized queries -- PostgreSQL/MySQL PREPARE stmt FROM 'SELECT * FROM users WHERE id = ?'; EXECUTE stmt USING @user_id; -- SQL Server EXEC sp_executesql N'SELECT * FROM users WHERE id = @id', N'@id INT', @id = @user_id; ``` ### Access Control & Permissions - **Principle of Least Privilege**: Grant minimum required permissions - **Role-Based Access**: Use database roles instead of direct user permissions - **Schema Security**: Proper schema ownership and access controls - **Function/Procedure Security**: Review DEFINER vs INVOKER rights ### Data Protection - **Sensitive Data Exposure**: Avoid SELECT * on tables with sensitive columns - **Audit Logging**: Ensure sensitive operations are logged - **Data Masking**: Use views or functions to mask sensitive data - **Encryption**: Verify encrypted storage for sensitive data ## ⚡ Performance Optimization ### Query Structure Analysis ```sql -- ❌ BAD: Inefficient query patterns SELECT DISTINCT u.* FROM users u, orders o, products p WHERE u.id = o.user_id AND o.product_id = p.id AND YEAR(o.order_date) = 2024; -- ✅...

Details

Author: github
Repository: github/awesome-copilot
Created: 1 years ago
Last Updated: today
Language: Python
License: MIT

Integrates with

PostgreSQL · Database MySQL · Database

Similar Skills

Semantically similar based on skill content — not just same category

Code & Development Solid

postgresql-code-review

PostgreSQL-specific code review assistant focusing on PostgreSQL best practices, anti-patterns, and unique quality standards. Covers JSONB operations, array usage, custom types, schema design, function optimization, and PostgreSQL-exclusive security features like Row Level Security (RLS).

34,887 Updated today

github

Code & Development Solid

code-review

Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.

530 Updated 5 days ago

open-gitagent

API & Backend Listed

sql-query-review

Static review of a SQL query — finds anti-patterns, structural problems, and performance issues from the query text alone, then proposes an optimized rewrite with a verification plan. Use when the user says "review this query", "check my SQL", "is this query okay", "clean up this query", or "optimize this" without runtime profile data.

0 Updated today

vermapragya