Back to Details

postgres

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

PostgreSQL Read-Only Query Skill

PostgreSQL 只读查询Skill

Execute safe, read-only queries against configured PostgreSQL databases.
针对已配置的PostgreSQL数据库执行安全的只读查询。

Requirements

环境要求

  • Python 3.8+
  • psycopg2-binary: 
    pip install -r requirements.txt
  • Python 3.8+
  • psycopg2-binary:
    pip install -r requirements.txt

Setup

配置步骤

Create 
connections.json
in the skill directory or 
~/.config/claude/postgres-connections.json
.
Security: Set file permissions to 
600
since it contains credentials:
bash
chmod 600 connections.json
json
{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}
在Skill目录或
~/.config/claude/postgres-connections.json
路径下创建
connections.json
文件。
安全提示:由于文件包含凭证,请将文件权限设置为
600
bash
chmod 600 connections.json
json
{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}

Config Fields

配置字段说明

FieldRequiredDescription
nameYesIdentifier for the database (case-insensitive)
descriptionYesWhat data this database contains (used for auto-selection)
hostYesDatabase hostname
portNoPort number (default: 5432)
databaseYesDatabase name
userYesUsername
passwordYesPassword
sslmodeNoSSL mode: disable, allow, prefer (default), require, verify-ca, verify-full
字段是否必填说明
name数据库标识符(大小写不敏感)
description该数据库包含的数据内容(用于自动选择)
host数据库主机名
port端口号(默认:5432)
database数据库名称
user用户名
password密码
sslmodeSSL模式:disable、allow、prefer(默认)、require、verify-ca、verify-full

Usage

使用方法

List configured databases

查看已配置的数据库

bash
python3 scripts/query.py --list
bash
python3 scripts/query.py --list

Query a database

查询数据库

bash
python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"
bash
python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"

List tables

查看表列表

bash
python3 scripts/query.py --db production --tables
bash
python3 scripts/query.py --db production --tables

Show schema

查看架构信息

bash
python3 scripts/query.py --db production --schema
bash
python3 scripts/query.py --db production --schema

Limit results

限制查询结果行数

bash
python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100
bash
python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Database Selection

数据库自动选择规则

Match user intent to database 
description
:
User asks aboutLook for description containing
users, accountsusers, accounts, customers
orders, salesorders, transactions, sales
analytics, metricsanalytics, metrics, reports
logs, eventslogs, events, audit
If unclear, run 
--list
and ask user which database.
根据用户需求匹配数据库的
description
字段:
用户查询内容匹配包含关键词的描述
用户、账户users、accounts、customers
订单、销售orders、transactions、sales
分析、指标analytics、metrics、reports
日志、事件logs、events、audit
如果无法明确匹配,请执行
--list
命令并询问用户选择哪个数据库。

Safety Features

安全特性

  • Read-only session: Connection uses PostgreSQL 
    readonly=True
    mode (primary protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH queries allowed
  • Single statement: Multiple statements per query rejected
  • SSL support: Configurable SSL mode for encrypted connections
  • Query timeout: 30-second statement timeout enforced
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords
  • 只读会话:连接使用PostgreSQL的
    readonly=True
    模式(核心保护措施)
  • 查询验证:仅允许SELECT、SHOW、EXPLAIN、WITH类型的查询
  • 单语句限制:拒绝包含多语句的查询
  • SSL支持:可配置SSL模式实现加密连接
  • 查询超时:强制设置30秒语句超时
  • 内存保护:每个查询最多返回10000行结果,防止内存溢出
  • 列宽限制:每列最多显示100个字符,保证输出可读性
  • 凭证脱敏:错误信息不会泄露密码

Troubleshooting

故障排查

ErrorSolution
Config not foundCreate 
connections.json
in skill directory
Authentication failedCheck username/password in config
Connection timeoutVerify host/port, check firewall/VPN
SSL errorTry 
"sslmode": "disable"
for local databases
Permission warningRun 
chmod 600 connections.json
错误解决方案
未找到配置文件在Skill目录下创建
connections.json
认证失败检查配置中的用户名/密码
连接超时验证主机/端口,检查防火墙/VPN设置
SSL错误对于本地数据库,尝试设置
"sslmode": "disable"
权限警告执行
chmod 600 connections.json

Exit Codes

退出码说明

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)
  • 0:执行成功
  • 1:执行错误(配置缺失、认证失败、查询无效、数据库错误)

Workflow

操作流程

  1. Run 
    --list
    to show available databases
  2. Match user intent to database description
  3. Run 
    --tables
    or 
    --schema
    to explore structure
  4. Execute query with appropriate LIMIT
  1. 执行
    --list
    查看可用数据库
  2. 根据用户需求匹配数据库描述
  3. 执行
    --tables
    --schema
    探索数据库结构
  4. 使用合适的LIMIT参数执行查询