Cost Management / COST-4851

[Snyk] Sanitize SQL queries to avoid injection


    • 5
    • False
    • None
    • False
    • Low

      Snyk has two high severity alerts about sanitizing the queries on Trino and Enabled Tags.

      It is not critical, but it would be good to add an extra layer of protection. The simple solution is to use the trino.sqlalchemy module's text function. This function can escape any special characters in the query parameters.

      As it is an internal function, I've put this as low priority. We have to test it after the change to check if it is running properly.

      REF:
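To make the point of the ticket concrete, here is an added example that is not part of the issue or of the Cost Management code base. It uses Python's standard-library sqlite3 module (so it runs offline) to put a query that splices a caller-controlled value into the SQL string beside the same query written with a bound parameter. The table name, columns and rows are constructed for the demonstration and do not correspond to the real enabled-tags schema. The same pattern is what trino.sqlalchemy's text() gives you when the value is passed as a named bind parameter (e.g. `text("... WHERE provider = :provider").bindparams(provider=value)`) rather than formatted into the string: the database driver sends the value separately from the SQL text, so quotes and comment markers in it are never parsed as SQL.

```python
import sqlite3

# Constructed sample rows standing in for an "enabled tags" lookup table.
SAMPLE_TAGS = [
    ("aws", "app", 1),
    ("aws", "env", 1),
    ("azure", "owner", 1),
    ("gcp", "project", 0),
]


def make_db():
    """Build an in-memory database with the constructed sample table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE enabled_tags (provider TEXT, key TEXT, enabled INTEGER)"
    )
    conn.executemany("INSERT INTO enabled_tags VALUES (?, ?, ?)", SAMPLE_TAGS)
    return conn


def enabled_keys_unsafe(conn, provider):
    """The pattern the Snyk alert flags: the value becomes part of the SQL text.

    A provider string containing a quote changes the structure of the
    statement, so the WHERE clause no longer means what the author wrote.
    """
    sql = (
        "SELECT key FROM enabled_tags "
        f"WHERE provider = '{provider}' AND enabled = 1 ORDER BY key"
    )
    return [row[0] for row in conn.execute(sql)]


def enabled_keys_safe(conn, provider):
    """Hardened form: the value travels as a bound parameter.

    The SQL text is fixed at authoring time; the driver hands the value to
    the database separately, so it is only ever compared as data.
    """
    sql = (
        "SELECT key FROM enabled_tags "
        "WHERE provider = ? AND enabled = 1 ORDER BY key"
    )
    return [row[0] for row in conn.execute(sql, (provider,))]


if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input that is not a provider name
    print("unsafe, legitimate input:", enabled_keys_unsafe(db, "aws"))
    print("unsafe, hostile input:   ", enabled_keys_unsafe(db, hostile))
    print("safe,   hostile input:   ", enabled_keys_safe(db, hostile))
```

With a legitimate provider both functions return the same keys; with a value that is not a provider name at all, the string-formatted query returns every enabled key across providers, while the parameterised query returns nothing because no provider row literally equals that string. When reviewing the Trino and enabled-tags queries after the change, this is the behaviour to check for: the hardened query must return an empty result (or an error) for such inputs, not extra rows.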

Unassigned
rh-ee-lbacciot Lucas Bacciotti
Votes: 0
Watchers: 8
