[Aikido] AI Fix for Potential SQL injection via string-based query concatenation

[aikido-autofix]

This patch mitigates SQL injection vulnerabilities by using parameterized queries with the mysql package's built-in parameter binding.

Aikido used AI to generate this PR.

Low confidence: Aikido has tested similar fixes, which indicate the correct approach but may be incomplete. Further validation is necessary.