sql-injection: src/devos/db.py:704

scanned high scan sweep 2026-04-01 16:52

Next step: Evaluate this item to determine if it's worth fixing.

Location

src/devos/db.py:704 python
Pattern: SQL query with f-string interpolation

Code Context

699
700     def count_all(self, table: str) -> int:
701         with self._lock:
702             conn = self._get_conn()
703             try:
704                 return conn.execute(f"SELECT COUNT(*) as cnt FROM {table}").fetchone()["cnt"]
705             finally:
706                 conn.close()
