Back to Details

postgres

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

PostgreSQL Read-Only Query Skill

PostgreSQL只读查询工具

Execute safe, read-only queries against configured PostgreSQL databases.
对已配置的PostgreSQL数据库执行安全的只读查询。

Requirements

依赖要求

  • Python 3.8+
  • psycopg2-binary: 
    pip install -r requirements.txt
  • Python 3.8+
  • psycopg2-binary:
    pip install -r requirements.txt

Setup

配置步骤

Create 
connections.json
in the skill directory or 
~/.config/claude/postgres-connections.json
.
Security: Set file permissions to 
600
since it contains credentials:
bash
chmod 600 connections.json
json
{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}
在工具目录下创建
connections.json
文件,也可以放置在
~/.config/claude/postgres-connections.json
路径。
安全提示:由于该文件包含凭证信息,请将文件权限设置为
600
bash
chmod 600 connections.json
json
{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}

Config Fields

配置字段

FieldRequiredDescription
nameYesIdentifier for the database (case-insensitive)
descriptionYesWhat data this database contains (used for auto-selection)
hostYesDatabase hostname
portNoPort number (default: 5432)
databaseYesDatabase name
userYesUsername
passwordYesPassword
sslmodeNoSSL mode: disable, allow, prefer (default), require, verify-ca, verify-full
字段是否必填描述
name数据库的标识符(不区分大小写)
description该数据库包含的数据内容(用于自动选择)
host数据库主机地址
port端口号(默认:5432)
database数据库名称
user用户名
password密码
sslmodeSSL模式:disable、allow、prefer(默认)、require、verify-ca、verify-full

Usage

使用说明

List configured databases

列出已配置的数据库

bash
python3 scripts/query.py --list
bash
python3 scripts/query.py --list

Query a database

查询指定数据库

bash
python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"
bash
python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"

List tables

列出所有数据表

bash
python3 scripts/query.py --db production --tables
bash
python3 scripts/query.py --db production --tables

Show schema

查看表结构

bash
python3 scripts/query.py --db production --schema
bash
python3 scripts/query.py --db production --schema

Limit results

限制返回结果数量

bash
python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100
bash
python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Database Selection

数据库选择规则

Match user intent to database 
description
:
User asks aboutLook for description containing
users, accountsusers, accounts, customers
orders, salesorders, transactions, sales
analytics, metricsanalytics, metrics, reports
logs, eventslogs, events, audit
If unclear, run 
--list
and ask user which database.
将用户意图与数据库的
description
字段匹配:
用户查询内容查找包含以下关键词的描述
用户、账号users、accounts、customers
订单、销售orders、transactions、sales
分析、指标analytics、metrics、reports
日志、事件logs、events、audit
如果无法明确匹配,运行
--list
命令询问用户需要使用哪个数据库。

Safety Features

安全特性

  • Read-only session: Connection uses PostgreSQL 
    readonly=True
    mode (primary protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH queries allowed
  • Single statement: Multiple statements per query rejected
  • SSL support: Configurable SSL mode for encrypted connections
  • Query timeout: 30-second statement timeout enforced
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords
  • 只读会话:连接使用PostgreSQL 
    readonly=True
    模式(核心防护机制)
  • 查询校验:仅允许SELECT、SHOW、EXPLAIN、WITH类型的查询
  • 单语句限制:拒绝单次请求包含多条语句的查询
  • SSL支持:可配置SSL模式实现加密连接
  • 查询超时:强制设置30秒的语句超时时间
  • 内存防护:单次查询最多返回10000行数据,避免内存溢出
  • 列宽限制:单列最多显示100个字符,保证输出可读性
  • 凭证脱敏:错误信息不会泄露密码内容

Troubleshooting

故障排查

ErrorSolution
Config not foundCreate 
connections.json
in skill directory
Authentication failedCheck username/password in config
Connection timeoutVerify host/port, check firewall/VPN
SSL errorTry 
"sslmode": "disable"
for local databases
Permission warningRun 
chmod 600 connections.json
错误信息解决方案
Config not found在工具目录下创建
connections.json
文件
Authentication failed检查配置中的用户名和密码
Connection timeout验证主机/端口配置,检查防火墙/VPN设置
SSL error本地数据库可尝试设置
"sslmode": "disable"
Permission warning执行
chmod 600 connections.json
命令

Exit Codes

退出码

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)
  • 0:执行成功
  • 1:发生错误(配置缺失、认证失败、查询无效、数据库错误)

Workflow

工作流程

  1. Run 
    --list
    to show available databases
  2. Match user intent to database description
  3. Run 
    --tables
    or 
    --schema
    to explore structure
  4. Execute query with appropriate LIMIT
  1. 运行
    --list
    命令查看可用数据库
  2. 将用户意图与数据库描述进行匹配
  3. 运行
    --tables
    --schema
    命令探索数据库结构
  4. 执行带有合适LIMIT限制的查询