{
  "id": "review-ai-generated-sql",
  "type": "checklists",
  "category": "checklists",
  "locale": "es",
  "url": "/es/checklists/review-ai-generated-sql",
  "title": "Checklist for reviewing AI-generated SQL queries",
  "description": "A human checklist for SQL written by AI coding agents: correctness, injection, performance and migrations.",
  "tools": [
    "Cursor",
    "Claude Code",
    "Codex"
  ],
  "stack": [
    "PostgreSQL",
    "TypeScript"
  ],
  "tags": [
    "sql",
    "review",
    "security",
    "postgres"
  ],
  "difficulty": null,
  "updated": "2026-06-08",
  "markdown": "AI writes SQL fast, but not always safely. Run every AI-generated query through this checklist before merging.\n\n## Correctness\n\n```txt\n[ ] Joins use the right keys (no accidental cross joins)\n[ ] NULL handling is intentional (COALESCE / IS NULL, not = NULL)\n[ ] Aggregates have correct GROUP BY columns\n[ ] Pagination is stable (ORDER BY a unique column)\n```\n\n## Security\n\n```txt\n[ ] No string-concatenated SQL — parameterised queries only\n[ ] User input never reaches identifiers (table/column names)\n[ ] Row-level access is enforced (tenant_id / user_id filter present)\n```\n\n## Performance\n\n```txt\n[ ] Queries hit an index (check EXPLAIN for Seq Scan on large tables)\n[ ] No SELECT * in hot paths\n[ ] N+1 patterns batched or joined\n```\n\n## Migrations\n\n```txt\n[ ] Migration is reversible (or explicitly one-way and documented)\n[ ] No blocking locks on large tables during deploy\n[ ] Defaults/backfills won't rewrite the whole table synchronously\n```\n\n## Fix prompt\n\n```txt title=\"Fix Prompt\"\nReview this SQL against the checklist above. Parameterise any concatenated\ninput, add the missing tenant filter, and confirm the query uses an index\nwith EXPLAIN. Return the corrected query only.\n```"
}