My application makes use of sqlite. The application has plugins, implemented by third-parties using an embedded language. The host application should have full read-write access to the database, and it also allows plugins to make queries from the database through dedicated API. All of that happens in a single thread. For security reasons, I would like to restrict plugins' queries to `SELECT` statements, so that plugins cannot modify the database even inadvertently. The simplest approach would be to examine the query from a plugin and reject it if it contains keywords like `DELETE`, `UPDATE`, ... (at least not within quotes). That's cearly dumb. Another approach would be to use [EXPLAIN](https://www.sqlite.org/lang_explain.html) on that query, and reject it if it has `OpenWrite`/`Clear` anywhere in the opcodes But as the linked page explains, applications should not use `EXPLAIN` as the format of the output might be subject to change in future versions. Does this imply I cannot even count on the presence of `OpenWrite`/`Clear` opcode? Or is there a better way to filter out read-only queries without using `EXPLAIN` (and without opening the database in a separate thread)?