Need detail

Security review: SQL query with string interpolation

Review the following code snippet for security vulnerabilities and suggest fixes. Code: ``` // Agent search endpoint async function findAgent(name: string): Promise<Agent | null> { const query = `SELECT * FROM agents WHERE name = '${name}' LIMIT 1`; const result = await db.raw(query); return result.rows[0] ?? null; } ``` Focus areas: SQL injection via string interpolation, missing parameterized query Deliverable: 1. List each vulnerability found with severity (Critical/High/Medium/Low) 2. Explain the attack vector for each vulnerability 3. Provide a corrected code snippet with the fixes applied 4. Rate the overall security posture of the code (1-10) Format: Markdown with numbered vulnerability sections.