Guardrails: Evaluate SQL injection via SELECT queries
pramitchoudhary opened this issue · 0 comments
pramitchoudhary commented
Reference: https://github.com/payloadbox/sql-injection-payload-list
Current thinking: we do this as a 2-factor approach:
- Part 1: Based on rules, patterns and known info on the common string, interpolation/injection is possible within a SELECT query. #34
- Part 2: Use LLM to flag malicious patterns.
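
A rule-based check of the kind Part 1 describes, as an added example that is not from the issue or the project's code. The rule names, regex patterns and sample queries are assumptions constructed for illustration, and Part 2 (the LLM check) is not covered.

```python
import re

# Hypothetical rule set (assumption, not the project's). Each pattern runs on
# the query text after quoted string literals have been masked out.
RULES = {
    "stacked_statement": re.compile(r";\s*\S"),
    "inline_comment": re.compile(r"--|/\*"),
    "union_select": re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
    "tautology": re.compile(r"\b(or|and)\s+(\d+)\s*=\s*\2\b", re.I),
    "literal_comparison": re.compile(r"'\?'\s*=\s*'\?'"),
    "time_delay": re.compile(
        r"\b(sleep|pg_sleep|benchmark)\s*\(|\bwaitfor\s+delay\b", re.I),
    "write_or_ddl": re.compile(
        r"\b(insert|update|delete|drop|alter|truncate|exec|grant)\b", re.I),
}
STRING_LITERAL = re.compile(r"'(?:[^']|'')*'")  # '' is an escaped quote


def mask_literals(sql):
    """Replace each quoted literal with '?' so its content cannot trigger a rule."""
    return STRING_LITERAL.sub("'?'", sql)


def check_select(sql):
    """Return the sorted names of violated rules; an empty list means the query passes."""
    masked = mask_literals(sql.strip())
    hits = [name for name, rx in RULES.items() if rx.search(masked)]
    if not re.match(r"(select|with)\b", masked, re.I):
        hits.append("not_a_select")
    if masked.count("'") % 2:  # a quote left over after masking never closed
        hits.append("unbalanced_quote")
    return sorted(hits)


# Constructed sample queries (not taken from the referenced payload list).
SAMPLES = [
    "SELECT name FROM users WHERE id = 42;",
    "SELECT * FROM notes WHERE body = 'please drop by -- or 1=1'",
    "SELECT * FROM users WHERE name = '' OR 1=1 --'",
    "SELECT id FROM t WHERE a = 1 UNION SELECT password FROM users",
    "SELECT 1; DROP TABLE users",
]

if __name__ == "__main__":
    for query in SAMPLES:
        print(check_select(query) or "ok", "<-", query)
```

Masking literals first keeps benign text inside a quoted value from tripping the rules, while a quote that never closes is itself reported.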