diff --git a/codeql-sqlite/TaintFlowDebugging.ql b/codeql-sqlite/TaintFlowDebugging.ql
new file mode 100644
index 0000000..37e1ab6
--- /dev/null
+++ b/codeql-sqlite/TaintFlowDebugging.ql
@@ -0,0 +1,67 @@
+/**
+ * @name introduction workshop
+ * @description Sample SQL Injection problem
+ * @id test
+ * @kind path-problem
+ * @problem.severity warning
+ */
+
+import java
+import semmle.code.java.dataflow.FlowSources
+
+class ReadLineSource extends Source {
+ ReadLineSource() { this.getMethod().hasQualifiedName("java.io", "Console", "readLine") }
+}
+
+abstract class Source extends MethodCall { }
+
+class Sink extends MethodCall {
+ Sink() { this.getMethod().hasQualifiedName("java.sql", "Statement", "executeUpdate") }
+}
+
+// from Sink s
+// select s, ""
+// from MethodCall mc
+// where mc.getMethod().getName() = "readLine"
+// select mc, mc.getMethod().getQualifiedName()
+import semmle.code.java.dataflow.TaintTracking
+
+module MyFlowConfiguration implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) {
+ //exists(Source s | source.asExpr() = s)
+ source.asExpr() instanceof Source
+ }
+
+ predicate isSink(DataFlow::Node sink) {
+ //sink.asExpr() instanceof Sink
+ exists(Sink sink2 | sink.asExpr() = sink2.getArgument(_))
+ //any()
+ }
+
+ predicate isBarrier(DataFlow::Node node) {
+ exists(MethodCall s |
+ s.getMethod().getName() = "hypotheticalSanitizer" and
+ s.getAnArgument() = node.asExpr()
+ )
+ }
+ // predicate isAdditionalFlowStep(DataFlow::Node inNode, DataFlow::Node outNode) {
+ // exists(MethodCall mc |
+ // outNode.asExpr() = mc and
+ // mc.getMethod().hasQualifiedName("java.lang", "String", "format") and
+ // inNode.asExpr() = mc.getAnArgument()
+ // )
+ // // exists(MethodCall mc |
+ // // mc.getAnArgument() = inNode.asExpr() and
+ // // outNode.asExpr() = mc
+ // // )
+ // }
+}
+
+//purposely does not find the result
+module MyFlow = DataFlow::Global;
+
+import MyFlow::PathGraph
+
+from MyFlow::PathNode source, MyFlow::PathNode sink
+where MyFlow::flowPath(source, sink)
+select sink, source, sink, "Potential sql injection here "
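Review bot: `module MyFlow = DataFlow::Global;` instantiates a plain data-flow module rather than a taint-tracking one, so a query string built by concatenating the `readLine` result into the `executeUpdate` argument is not a value-preserving step and no path is reported; the preceding comment `//purposely does not find the result` should say why, e.g. `// DataFlow::Global follows only value-preserving steps; use TaintTracking::Global<MyFlowConfiguration> to follow the concatenated SQL string`. For a `@kind path-problem` query the first select column is conventionally the element, so `select sink.getNode(), source, sink, "Potential sql injection here"` (which also drops the trailing space in the message) would match the standard shape. `import semmle.code.java.dataflow.TaintTracking` sits between the class definitions and the module and, as far as this hunk shows, nothing uses it; grouping it with the other imports at the top would make that visible. The `@id test` metadata is a placeholder and should be replaced by a namespaced query id before this query is shared in a pack.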