name: sql-query-reviewer
description: "AI agent reviews SQL queries for correctness, performance, and security."
author: Hellinferno
version: "0.2.0"
tags:
  - openenv
  - sql
  - code-review
  - security
tasks:
  - id: easy_001
    name: Syntax Keyword Typos
    difficulty: easy
    description: "Detect misspelled SQL keywords (SELCT, FORM, WEHRE) and unnecessary SELECT *."
  - id: easy_002
    name: Missing FROM Clause
    difficulty: easy
    description: "Find missing FROM keyword before table name."
  - id: easy_003
    name: NULL Comparison Logic
    difficulty: easy
    description: "Detect = NULL instead of IS NULL."
  - id: easy_004
    name: Unclosed String Literal
    difficulty: easy
    description: "Find unterminated quote in WHERE clause."
  - id: easy_005
    name: Unknown Column Name
    difficulty: easy
    description: "Detect column name typo (statuz vs status)."
  - id: easy_006
    name: DELETE Without WHERE
    difficulty: easy
    description: "Detect dangerous unconditional DELETE statement."
  - id: easy_007
    name: Column Self-Comparison
    difficulty: easy
    description: "Detect column compared to itself instead of a value."
  - id: medium_001
    name: Wide Table SELECT Star
    difficulty: medium
    description: "Identify schema-aware performance problems like SELECT * on wide JSON tables."
  - id: medium_002
    name: Correlated Subquery
    difficulty: medium
    description: "Find correlated subqueries that could be rewritten as JOINs."
  - id: medium_003
    name: Redundant DISTINCT
    difficulty: medium
    description: "Detect unnecessary DISTINCT on unique columns."
  - id: medium_004
    name: Function on Indexed Column
    difficulty: medium
    description: "Detect DATE() function preventing index usage."
  - id: medium_005
    name: Leading Wildcard Search
    difficulty: medium
    description: "Identify LOWER() and leading wildcard preventing index usage."
  - id: medium_006
    name: DATE Function Index Bypass
    difficulty: medium
    description: "Detect DATE() function on indexed column preventing efficient lookups."
  - id: medium_007
    name: ORDER BY RAND Performance
    difficulty: medium
    description: "Detect expensive random ordering on large tables."
  - id: hard_001
    name: SQL Injection Detection
    difficulty: hard
    description: "Find string interpolation enabling SQL injection vectors."
  - id: hard_002
    name: Privilege Escalation via UNION
    difficulty: hard
    description: "Detect UNION with system tables exposing sensitive data."
  - id: hard_003
    name: PII Data Leakage
    difficulty: hard
    description: "Find unfiltered JOINs exposing personally identifiable information."
  - id: hard_004
    name: Self-Join Optimization
    difficulty: hard
    description: "Detect self-joins replaceable with window functions for 10x improvement."
  - id: hard_005
    name: Transaction Isolation Issues
    difficulty: hard
    description: "Find missing transaction isolation causing partial failure corruption."
  - id: hard_006
    name: Race Condition in Balance Update
    difficulty: hard
    description: "Detect TOCTOU race condition allowing double-spending."