Sql Query Reviewer

Audit SQL and ORM queries for security vulnerabilities, N+1 performance issues, and indexing anti-patterns.

Install
cmdop skills install agensi-sql-query-reviewer

What it does

The SQL Query Reviewer is a specialized auditing tool designed to inspect data-access code for security vulnerabilities, performance bottlenecks, and logic errors. It scans raw SQL files, migration scripts, and ORM code (Django, SQLAlchemy, Prisma, ActiveRecord, etc.) to ensure your database interactions are safe and efficient.

Why use this skill

Reviewing SQL requires deep domain expertise. This skill automates the detection of critical issues like SQL injection and N+1 query patterns that are often missed in standard code reviews. It provides developer-centric feedback, suggesting specific remediations—such as replacing OFFSET with keyset pagination or identifying missing indexes—saving hours of manual troubleshooting and preventing production outages.

Key Features

  • Security Audit: Detects critical SQL injection patterns in string interpolations and dynamic queries.
  • Performance Profiling: Flags N+1 issues in ORM loops and identifies full table scans in large datasets.
  • Explain Plan Analysis: Guidance on interpreting EXPLAIN ANALYZE output across PostgreSQL, MySQL, and SQL Server.
  • ORM Support: Specialized checks for popular frameworks and query builders.
  • Correctness Checks: Validates NULL handling, transaction atomicity, and deterministic pagination.