Co-Pilot / 辅助式
更新于 a month ago

postgres

Ssanjay3290
0.0k
sanjay3290/ai-skills/skills/postgres
76
Agent 评分

💡 摘要

一个针对已配置的 PostgreSQL 数据库执行只读 SQL 查询,用于数据探索与分析的技能。

🎯 适合人群

数据分析师产品经理软件工程师运维工程师测试工程师

🤖 AI 吐槽:它就像一个数据库图书管理员,对写入操作如此偏执,可能连笔记都不肯做。

安全分析中风险

该技能从 JSON 文件读取数据库凭据,存在本地密钥管理风险。它通过网络连接外部数据库,如果查询验证被绕过,可能暴露凭据拦截或 SQL 注入的攻击面。缓解措施:将凭据存储在安全的密钥管理器中并在运行时注入,确保查询验证逻辑能处理边缘情况的 SQL 语法。


name: postgres description: "Execute read-only SQL queries against multiple PostgreSQL databases. Use when: (1) querying PostgreSQL databases, (2) exploring database schemas/tables, (3) running SELECT queries for data analysis, (4) checking database contents. Supports multiple database connections with descriptions for intelligent auto-selection. Blocks all write operations (INSERT, UPDATE, DELETE, DROP, etc.) for safety."

PostgreSQL Read-Only Query Skill

Execute safe, read-only queries against configured PostgreSQL databases.

Requirements

  • Python 3.8+
  • psycopg2-binary: pip install -r requirements.txt

Setup

Create connections.json in the skill directory or ~/.config/claude/postgres-connections.json.

Security: Set file permissions to 600 since it contains credentials:

chmod 600 connections.json
{ "databases": [ { "name": "production", "description": "Main app database - users, orders, transactions", "host": "db.example.com", "port": 5432, "database": "app_prod", "user": "readonly_user", "password": "your-password", "sslmode": "require" } ] }

Config Fields

| Field | Required | Description | |-------|----------|-------------| | name | Yes | Identifier for the database (case-insensitive) | | description | Yes | What data this database contains (used for auto-selection) | | host | Yes | Database hostname | | port | No | Port number (default: 5432) | | database | Yes | Database name | | user | Yes | Username | | password | Yes | Password | | sslmode | No | SSL mode: disable, allow, prefer (default), require, verify-ca, verify-full |

Usage

List configured databases

python3 scripts/query.py --list

Query a database

python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"

List tables

python3 scripts/query.py --db production --tables

Show schema

python3 scripts/query.py --db production --schema

Limit results

python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Database Selection

Match user intent to database description:

| User asks about | Look for description containing | |-----------------|--------------------------------| | users, accounts | users, accounts, customers | | orders, sales | orders, transactions, sales | | analytics, metrics | analytics, metrics, reports | | logs, events | logs, events, audit |

If unclear, run --list and ask user which database.

Safety Features

  • Read-only session: Connection uses PostgreSQL readonly=True mode (primary protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH queries allowed
  • Single statement: Multiple statements per query rejected
  • SSL support: Configurable SSL mode for encrypted connections
  • Query timeout: 30-second statement timeout enforced
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords

Troubleshooting

| Error | Solution | |-------|----------| | Config not found | Create connections.json in skill directory | | Authentication failed | Check username/password in config | | Connection timeout | Verify host/port, check firewall/VPN | | SSL error | Try "sslmode": "disable" for local databases | | Permission warning | Run chmod 600 connections.json |

Exit Codes

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)

Workflow

  1. Run --list to show available databases
  2. Match user intent to database description
  3. Run --tables or --schema to explore structure
  4. Execute query with appropriate LIMIT
五维分析
清晰度8/10
创新性4/10
实用性9/10
完整性9/10
可维护性8/10
优缺点分析

优点

  • 通过多层验证强制执行只读安全。
  • 支持多数据库连接及智能选择。
  • 包含模式探索、结果限制等实用功能。
  • 设置和故障排除文档清晰。

缺点

  • 作为只读 SQL 接口,新颖性有限。
  • 依赖存储凭据的 JSON 文件进行配置,增加操作负担。
  • 缺乏内置的查询结果缓存或分页支持。
  • 未提及用于性能优化的连接池。

相关技能

spark-engineer

A
toolCo-Pilot / 辅助式
86/ 100

“这个技能就像大数据的瑞士军刀——只要别指望它能切穿所有噪音。”

whodb

A
toolCo-Pilot / 辅助式
84/ 100

“看起来很能打,但别让配置把人劝退。”

exa-search

A
toolCo-Pilot / 辅助式
84/ 100

“看起来很能打,但别让配置把人劝退。”

免责声明:本内容来源于 GitHub 开源项目,仅供展示和评分分析使用。

版权归原作者所有 sanjay3290.