diff --git a/apps/bi/services.py b/apps/bi/services.py
index e9fad319..0bba6d35 100644
--- a/apps/bi/services.py
+++ b/apps/bi/services.py
@@ -12,8 +12,11 @@ def check_sql_safe(sql: str):
     """检查sql安全性 """
     sql_upper = sql.upper()
+    # 将SQL按空格和分号分割成单词
+    words = [word for word in sql_upper.replace(';', ' ').split() if word]
     for kw in forbidden_keywords:
-        if kw in sql_upper:
+        # 检查关键字是否作为独立单词出现
+        if kw in words:
             raise ParseError(f'sql查询有风险-{kw}')
     return sql
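Review bot: The new tokenizer at `words = [...]` splits only on whitespace and `;`, so a forbidden keyword that abuts other punctuation — `(DROP`, `DELETE,`, a keyword directly followed by `(` or by a `/*` comment delimiter — is not an element of `words` and now passes, whereas the old substring test rejected it. Tokenizing on identifier characters instead, `words = set(re.findall(r'[A-Z_][A-Z0-9_]*', sql_upper))` (with `re` imported at the top of the file if it is not already), keeps the whole-word intent without those gaps, and the `if word` filter can go since `str.split()` with no separator never yields empty strings. If any entry of `forbidden_keywords` (defined outside this hunk) is multi-word, `kw in words` can never match it. A keyword denylist stays a weak boundary either way; the durable control for BI queries is executing them under a read-only database role. `check_sql_safe`'s `def` line lies outside the hunk.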