Agent-Skills.md

Agent Skills: MSSQL Read-Only Query Skill

Execute read-only SQL queries against multiple Microsoft SQL Server databases. Use when: (1) querying MSSQL/SQL Server databases, (2) exploring database schemas/tables, (3) running SELECT queries for data analysis, (4) checking database contents. Supports multiple database connections with descriptions for intelligent auto-selection. Blocks all write operations (INSERT, UPDATE, DELETE, DROP, etc.) for safety.

UncategorizedID: sanjay3290/postgres-skill/mssql

Repository

sanjay3290/postgres-skill
sanjay3290License: Apache-2.0
17815

Install this agent skill to your local

pnpm dlx add-skill https://github.com/sanjay3290/ai-skills/tree/HEAD/skills/mssql

Skill Files

Browse the full folder contents for mssql.

Download Skill

Loading file tree…

skills/mssql/SKILL.md

Skill Metadata

Name
mssql
Description
"Execute read-only SQL queries against multiple Microsoft SQL Server databases. Use when: (1) querying MSSQL/SQL Server databases, (2) exploring database schemas/tables, (3) running SELECT queries for data analysis, (4) checking database contents. Supports multiple database connections with descriptions for intelligent auto-selection. Blocks all write operations (INSERT, UPDATE, DELETE, DROP, etc.) for safety."

MSSQL Read-Only Query Skill

Execute safe, read-only queries against configured Microsoft SQL Server databases.

Requirements

  • Python 3.8+
  • pymssql: pip install -r requirements.txt

Setup

Create connections.json in the skill directory or ~/.config/claude/mssql-connections.json.

Security: Set file permissions to 600 since it contains credentials:

chmod 600 connections.json

{
  "databases": [
    {
      "name": "production",
      "description": "Main app database - users, orders, transactions",
      "host": "db.example.com",
      "port": 1433,
      "database": "app_prod",
      "user": "readonly_user",
      "password": "your-password",
      "encrypt": true,
      "tds_version": "7.3"
    }
  ]
}

Config Fields

| Field | Required | Description | |-------|----------|-------------| | name | Yes | Identifier for the database (case-insensitive) | | description | Yes | What data this database contains (used for auto-selection) | | host | Yes | Database hostname | | port | No | Port number (default: 1433) | | database | Yes | Database name | | user | Yes | Username | | password | Yes | Password | | encrypt | No | Enable TLS encryption (default: false) | | tds_version | No | TDS protocol version: 7.0, 7.1, 7.2, 7.3, 7.4 (default: auto) |

Usage

List configured databases

python3 scripts/query.py --list

Query a database

python3 scripts/query.py --db production --query "SELECT TOP 10 * FROM users"

List tables

python3 scripts/query.py --db production --tables

Show schema

python3 scripts/query.py --db production --schema

Limit results

python3 scripts/query.py --db production --query "SELECT * FROM orders" --limit 100

Note: MSSQL uses TOP N instead of LIMIT. The --limit flag automatically inserts TOP N after SELECT.

Database Selection

Match user intent to database description:

| User asks about | Look for description containing | |-----------------|--------------------------------| | users, accounts | users, accounts, customers | | orders, sales | orders, transactions, sales | | analytics, metrics | analytics, metrics, reports | | logs, events | logs, events, audit |

If unclear, run --list and ask user which database.

Safety Features

  • Read-only enforcement: Query validation blocks write operations (use a db_datareader role user for server-side protection)
  • Query validation: Only SELECT, SHOW, EXPLAIN, WITH, SP_HELP queries allowed
  • Single statement: Multiple statements per query rejected
  • TLS support: Configurable encryption for secure connections
  • Query timeout: 30-second timeout enforced via pymssql
  • Connection timeout: 10-second login timeout
  • Memory protection: Max 10,000 rows per query to prevent OOM
  • Column width cap: 100 char max per column for readable output
  • Credential sanitization: Error messages don't leak passwords

Troubleshooting

| Error | Solution | |-------|----------| | Config not found | Create connections.json in skill directory | | Authentication failed | Check username/password in config | | Connection timeout | Verify host/port, check firewall/VPN | | TDS version error | Try "tds_version": "7.3" or "7.4" | | Encryption error | Set "encrypt": true for Azure SQL | | Permission warning | Run chmod 600 connections.json |

Exit Codes

  • 0: Success
  • 1: Error (config missing, auth failed, invalid query, database error)

Workflow

  1. Run --list to show available databases
  2. Match user intent to database description
  3. Run --tables or --schema to explore structure
  4. Execute query with appropriate --limit (auto-converts to TOP N)