Our review
Executes SQL queries against a Supabase PostgreSQL database, with automatic query generation from natural language descriptions and built-in safety measures.
Strengths
- Accepts raw SQL or constructs queries from user descriptions
- Formats results in a readable way
- Includes safety guards: confirmation for UPDATE/DELETE and default LIMIT 100
- Lists available tables and can describe their structure
Limitations
- Requires a pre-defined DATABASE_URL environment variable
- Limited to the specific tables of the icl-sail project (competition, team, race, etc.)
- Not a full SQL client for complex transactions
When you need to query or manipulate the icl-sail Supabase database tables via SQL.
For interacting with other databases or for operations requiring advanced ACID transactions.
Security analysis
CautionThe skill uses Bash to run psql with credentials from .env and executes arbitrary SQL from user input. While it includes safety guidelines like confirming destructive operations, the potential for data leakage or credential exposure warrants caution.
- •Arbitrary SQL execution via user-provided arguments could lead to data leakage or destruction if mishandled.
- •Sourcing .env in Bash could expose database credentials to the environment.
- •No input sanitization; user could inject shell commands if argument hint is not properly escaped.
Examples
Show all rows from the competition table.How many teams are there in the team table?Delete all feedback entries older than January 1, 2024.name: db description: Query and manipulate the Supabase PostgreSQL database. Use for SELECT, INSERT, UPDATE, DELETE operations. argument-hint: [SQL query or description] allowed-tools: Bash, Read
Database Skill
Execute SQL queries against the icl-sail Supabase database.
Connection
The database connection URL is stored in .env as DATABASE_URL. Load it before running queries:
source .env && psql "$DATABASE_URL" -c "YOUR_QUERY"
Available Tables
competition- Competition configurations (id, name, host, announcements, flags)team- Team information (~51 rows)race- Race results (~309 rows)admin- Admin users (~21 rows)flight- Flight information (~9 rows)halfflight- Half flight data (~13 rows)feedback- User feedback (~1 row)
Instructions
When the user provides $ARGUMENTS:
- If it's a raw SQL query, execute it directly
- If it's a description of what they want, construct the appropriate SQL
- For destructive operations (UPDATE, DELETE, DROP), confirm with the user first
- Always show the results in a readable format
Examples
List all tables:
source .env && psql "$DATABASE_URL" -c "\dt public.*"
Query with nice formatting:
source .env && psql "$DATABASE_URL" -c "SELECT * FROM competition;"
Describe a table:
source .env && psql "$DATABASE_URL" -c "\d+ public.competition"
Safety
- Never DROP tables without explicit user confirmation
- Always LIMIT large result sets (default to LIMIT 100)
- For UPDATE/DELETE, show a SELECT first to preview affected rows
Prompt Engineering
Data & AI
Prompt engineering best practices and templates to maximize AI outputs.
Data Visualization
Data & AI
Generates data visualizations and charts tailored to your data.
RAG Architecture Setup
Data & AI
Setup guide for RAG (Retrieval-Augmented Generation) architectures.