MCPxelMCPxel
Co-Pilot
Updated a month ago

postgres

Ssanjay3290
0.0k
sanjay3290/ai-skills/skills/postgres
76
Agent Score

💡 Summary

A skill that executes read-only SQL queries against configured PostgreSQL databases for data exploration and analysis.

🎯 Target Audience

Data AnalystsProduct ManagersSoftware EngineersDevOps EngineersQA Testers

🤖 AI Roast:It's a database librarian that's so paranoid about writing, it probably refuses to take notes.

Security AnalysisMedium Risk

The skill reads database credentials from a JSON file, creating a local secrets management risk. It connects to external databases over the network, exposing a potential attack surface for credential interception or SQL injection if the query validation is bypassed. Mitigation: Store credentials in a secure secret manager and inject them at runtime, and ensure the query validation logic is robust against edge-case SQL syntax.

name: postgres description: "Execute read-only SQL queries against multiple PostgreSQL databases. Use when: (1) querying PostgreSQL databases, (2) exploring database schemas/tables, (3) running SELECT queries for data analysis, (4) checking database contents. Supports multiple database connections with descriptions for intelligent auto-selection. Blocks all write operations (INSERT, UPDATE, DELETE, DROP, etc.) for safety."

PostgreSQL Read-Only Query Skill

Execute safe, read-only queries against configured PostgreSQL databases.

Requirements

  • Python 3.8+
  • psycopg2-binary: pip install -r requirements.txt

Setup

Create connections.json in the skill directory or ~/.config/claude/postgres-connections.json.

Security: Set file permissions to 600 since it contains credentials:

chmod 600 connections.json
{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}

Config Fields

| Field | Required | Description | |-------|----------|-------------| | name | Yes | Identifier for the database (case-insensitive) | | description | Yes | What data this database contains (used for auto-selection) | | host | Yes | Database hostname | | port | No | Port number (default: 5432) | | database | Yes | Database name | | user | Yes | Username | | password | Yes | Password | | sslmode | No | SSL mode: disable, allow, prefer (default), require, verify-ca, verify-full |

Usage

List configured databases

python3 scripts/query.py --list

Query a database

python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"

List tables

python3 scripts/query.py --db production --tables

Show schema

python3 scripts/query.py --db production --schema

Limit results

python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Database Selection

Match user intent to database description:

| User asks about | Look for description containing | |-----------------|--------------------------------| | users, accounts | users, accounts, customers | | orders, sales | orders, transactions, sales | | analytics, metrics | analytics, metrics, reports | | logs, events | logs, events, audit |

If unclear, run --list and ask user which database.

Safety Features

  • Read-only session: Connection uses PostgreSQL readonly=True mode (primary protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH queries allowed
  • Single statement: Multiple statements per query rejected
  • SSL support: Configurable SSL mode for encrypted connections
  • Query timeout: 30-second statement timeout enforced
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords

Troubleshooting

| Error | Solution | |-------|----------| | Config not found | Create connections.json in skill directory | | Authentication failed | Check username/password in config | | Connection timeout | Verify host/port, check firewall/VPN | | SSL error | Try "sslmode": "disable" for local databases | | Permission warning | Run chmod 600 connections.json |

Exit Codes

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)

Workflow

  1. Run --list to show available databases
  2. Match user intent to database description
  3. Run --tables or --schema to explore structure
  4. Execute query with appropriate LIMIT
5-Dim Analysis
Clarity8/10
Novelty4/10
Utility9/10
Completeness9/10
Maintainability8/10
Pros & Cons

Pros

  • Enforces read-only safety with multiple layers of validation.
  • Supports multiple database connections with intelligent selection.
  • Includes practical features like schema exploration and result limiting.
  • Clear documentation for setup and troubleshooting.

Cons

  • Limited novelty as a read-only SQL interface is a common pattern.
  • Configuration relies on a JSON file with credentials, a potential operational burden.
  • Lacks built-in support for query result caching or pagination.
  • No mention of connection pooling for performance.

Related Skills

spark-engineer

A
toolCo-Pilot
86/ 100

“This skill is like a Swiss Army knife for big data—just don't expect it to cut through all the noise.”

View Analysis

whodb

A
toolCo-Pilot
84/ 100

“Powerful, but the setup might scare off the impatient.”

View Analysis

exa-search

A
toolCo-Pilot
84/ 100

“Powerful, but the setup might scare off the impatient.”

View Analysis

Disclaimer: This content is sourced from GitHub open source projects for display and rating purposes only.

Copyright belongs to the original author sanjay3290.