diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..9f335b5
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+**/.venv
+**/venv
\ No newline at end of file
diff --git a/doris_mcp_server/utils/security.py b/doris_mcp_server/utils/security.py
index abf6a7f..c1c4dc8 100644
--- a/doris_mcp_server/utils/security.py
+++ b/doris_mcp_server/utils/security.py
@@ -537,7 +537,7 @@ class SQLSecurityValidator:
         """Check SQL injection risks"""
         # Check common SQL injection patterns
         injection_patterns = [
-            r"(\s|^)(union|select|insert|update|delete|drop|create|alter)\s+.*\s+(union|select|insert|update|delete|drop|create|alter)",
+            r"(?i)(?<![A-Za-z0-9_])(union|select|insert|update|delete|drop|create|alter)(?![A-Za-z0-9_])\s+[\s\S]*?\s+(?<![A-Za-z0-9_])(union|select|insert|update|delete|drop|create|alter)(?![A-Za-z0-9_])",
             r"(\s|^)(or|and)\s+\d+\s*=\s*\d+",
             r"(\s|^)(or|and)\s+['\"].*['\"]",
             r";\s*(drop|delete|truncate|alter|create)",