# Strawberry (Python) Security

Security vulnerabilities and detection rules for strawberry framework. 1 rules across 1 CWE categories.

- Total rules: 1
- CWE categories: 1

## CWEs

- **CWE-89**: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

## Rules

- **GraphQL Injection / Unsafe Query Construction** [HIGH]: Detects unsafe GraphQL query construction with user input, missing query depth
limiting, or disabled introspection in production. These can lead to injection
attacks, DoS via deeply nested queries, or information disclosure.