Skills

postgres

Originally fromdedalus-erp-pas/foundation-skills
Installation
SKILL.md

PostgreSQL Read-Only Query Skill

Execute safe, read-only queries against configured PostgreSQL databases.

Prerequisites

  • Python 3.8+
  • psycopg2-binary: pip install -r requirements.txt

Setup

Create connections.json in the skill directory or ~/.config/claude/postgres-connections.json.

Security: Set file permissions to 600 since it contains credentials:

chmod 600 connections.json

{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 5432,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "sslmode": "require"
    }
  ]
}

Config Fields

Field Required Description
name Yes Identifier for the database (case-insensitive)
description Yes What data this database contains (used for auto-selection)
host Yes Database hostname
port No Port number (default: 5432)
database Yes Database name
user Yes Username
password Yes Password
sslmode No SSL mode: disable, allow, prefer (default), require, verify-ca, verify-full

Usage

List configured databases

python3 scripts/query.py --list

Query a database

python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"

List tables

python3 scripts/query.py --db production --tables

Show schema

python3 scripts/query.py --db production --schema

Limit results

python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Database Selection

Match user intent to database description:

User asks about Look for description containing
users, accounts users, accounts, customers
orders, sales orders, transactions, sales
analytics, metrics analytics, metrics, reports
logs, events logs, events, audit

If unclear, run --list and ask user which database.

Safety Features

  • Read-only session: Connection uses PostgreSQL readonly=True mode (primary protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH queries allowed
  • Single statement: Multiple statements per query rejected
  • SSL support: Configurable SSL mode for encrypted connections
  • Query timeout: 30-second statement timeout enforced
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords

Troubleshooting

Error Solution
Config not found Create connections.json in skill directory
Authentication failed Check username/password in config
Connection timeout Verify host/port, check firewall/VPN
SSL error Try "sslmode": "disable" for local databases
Permission warning Run chmod 600 connections.json

Exit Codes

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)

Workflow

  1. Run --list to show available databases
  2. Match user intent to database description
  3. Run --tables or --schema to explore structure
  4. Execute query with appropriate LIMIT
Related skills

More from dedalus-erp-pas/hexagone-foundation-skills

Installs
20
Repository
dedalus-erp-pas…n-skills
GitHub Stars
3
First Seen
Mar 27, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass