mysql
SKILL.md
MySQL Read-Only Query Skill
Execute safe, read-only queries against configured MySQL databases.
Requirements
- Python 3.8+
- mysql-connector-python:
pip install -r requirements.txt
Setup
Create connections.json in the skill directory or ~/.config/claude/mysql-connections.json.
Security: Set file permissions to 600 since it contains credentials:
chmod 600 connections.json
{
"databases": [
{
"name": "production",
"description": "Main app database - users, orders, transactions",
"host": "db.example.com",
"port": 3306,
"database": "app_prod",
"user": "readonly_user",
"password": "your-password",
"ssl_disabled": false
}
]
}
Config Fields
| Field | Required | Description |
|---|---|---|
| name | Yes | Identifier for the database (case-insensitive) |
| description | Yes | What data this database contains (used for auto-selection) |
| host | Yes | Database hostname |
| port | No | Port number (default: 3306) |
| database | Yes | Database name |
| user | Yes | Username |
| password | Yes | Password |
| ssl_disabled | No | Set to true to disable SSL (default: false) |
| ssl_ca | No | Path to CA certificate file |
| ssl_cert | No | Path to client certificate file |
| ssl_key | No | Path to client private key file |
Usage
List configured databases
python3 scripts/query.py --list
Query a database
python3 scripts/query.py --db production --query "SELECT * FROM users LIMIT 10"
List tables
python3 scripts/query.py --db production --tables
Show schema
python3 scripts/query.py --db production --schema
Limit results
python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100
Database Selection
Match user intent to database description:
| User asks about | Look for description containing |
|---|---|
| users, accounts | users, accounts, customers |
| orders, sales | orders, transactions, sales |
| analytics, metrics | analytics, metrics, reports |
| logs, events | logs, events, audit |
If unclear, run --list and ask user which database.
Safety Features
- Read-only session: Connection uses MySQL
SET SESSION TRANSACTION READ ONLY(primary protection) - Query validation: Only SELECT, SHOW, DESCRIBE, EXPLAIN, WITH queries allowed
- Single statement: Multiple statements per query rejected
- SSL support: Configurable SSL with CA, client cert, and key support
- Query timeout: 30-second max_execution_time enforced (MySQL 5.7.8+)
- Memory protection: Max 10,000 rows per query to prevent OOM
- Column width cap: 100 char max per column for readable output
- Credential sanitization: Error messages don't leak passwords
Troubleshooting
| Error | Solution |
|---|---|
| Config not found | Create connections.json in skill directory |
| Authentication failed | Check username/password in config |
| Connection timeout | Verify host/port, check firewall/VPN |
| SSL error | Try "ssl_disabled": true for local databases |
| Permission warning | Run chmod 600 connections.json |
| max_execution_time not supported | Upgrade to MySQL 5.7.8+ or MariaDB 10.1.1+ |
Exit Codes
- 0: Success
- 1: Error (config missing, auth failed, invalid query, database error)
Workflow
- Run
--listto show available databases - Match user intent to database description
- Run
--tablesor--schemato explore structure - Execute query with appropriate LIMIT
Weekly Installs
3
Repository
sanjay3290/ai-skillsFirst Seen
1 day ago
Security Audits
Installed on
gemini-cli3
antigravity3
github-copilot3
codex3
trae2
kilo2