All skills
Skillintermediate
SQL Injection Prevention
Always use prepared statements or query builders that support parameter binding.
Claude Code Knowledge Pack7/10/2026
Overview
SQL Injection Prevention
Parameterized Queries
Always use prepared statements or query builders that support parameter binding.
rows, err := db.Query("SELECT * FROM users WHERE id = ?", userID)
Command Injection
Never construct shell commands from user input. Use exec.Command with separate arguments.