Skip to content

feat: add PostgreSQL database analysis tool and agent#204

Merged
brainless merged 5 commits intomainfrom
feature/postgres-tools-agent
Feb 8, 2026
Merged

feat: add PostgreSQL database analysis tool and agent#204
brainless merged 5 commits intomainfrom
feature/postgres-tools-agent

Conversation

@brainless
Copy link
Owner

@brainless brainless commented Feb 8, 2026

Summary

  • add read-only PostgreSQL reader tool/executor with AST validation, reflection, and safety limits
  • add postgres reader agent with schema discovery and LLM tool schema
  • add postgres reader runner binary and dependencies

Testing

  • not run (not requested)

brainless and others added 5 commits February 4, 2026 17:01
@brainless
Fix GLM-4.6 confirm_extraction loop in PdfToTextAgent
4cf1388 
- Change tool_choice from Required to Auto to let model decide when to use tools
- Add loop detection for confirm_extraction calls
- Stop extraction after 3+ confirm_extraction calls to prevent infinite loops
- This resolves issue where GLM-4.6 repeatedly calls confirm_extraction tool
@brainless
Add pdftotext agent runner script
3f6d1bc 
- Convenience script to run PdfToTextAgent with Zai GLM-4.6
- Uses config from ~/Library/Application Support/nocodo/api.toml
- Supports custom prompt and allowed working directories
@brainless
Add Gemini LlmClient implementation and schema sanitization
39f6296
@brainless @claude
refactor: improve code formatting and enhance Gemini logging
1ca60c7 
- Format long lines across agent modules for better readability
- Add smart payload redaction in Gemini client to log tool definitions
  and system prompts only once, reducing log verbosity
- Configure HTTP client with no_proxy option

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@brainless @claude
feat: add PostgreSQL database analysis tool and agent
a236bc1 
Implement read-only PostgreSQL database query execution capabilities,
mirroring the existing SQLite reader tool and agent. This provides
AI-powered database analysis for PostgreSQL with comprehensive security
and credential isolation.

Key Features:
- Read-only SQL query execution with multi-layer security validation
- Connection pooling with sqlx for efficient PostgreSQL access
- Credential isolation (agent manages connections, LLM never sees credentials)
- Schema auto-discovery using INFORMATION_SCHEMA
- Reflection mode for inspecting database structure without writing SQL
- Query validation using AST parsing with PostgreSQL dialect
- Transaction-level safety with READ ONLY mode
- Statement timeout and result set limits

Implementation:

Tool Layer (nocodo-tools):
- Add PostgresReaderRequest/Response types with Query and Reflect modes
- Implement PostgresExecutor with connection pooling and query validation
- Create formatter for LLM-friendly output
- Build reflection queries using INFORMATION_SCHEMA (schemas, tables,
  columns, indexes, views, foreign keys, constraints, stats)
- Multi-layer security: AST validation, keyword blocking, read-only
  transactions, statement timeouts

Agent Layer (nocodo-agents):
- Implement PostgresReaderAgent with schema discovery at initialization
- Generate dynamic system prompt with discovered table list
- Inject connection string into tool calls (hidden from LLM)
- Add LLM schema definition for postgres_reader tool
- Create standalone runner binary for testing

Security Measures:
- Only SELECT queries allowed (INSERT/UPDATE/DELETE/DROP blocked)
- Connection string never exposed to LLM
- BEGIN READ ONLY transaction wrapper
- Statement timeout (5 seconds)
- Result set limits (max 1000 rows)
- AST-based query validation with dangerous keyword scanning

Dependencies:
- Add sqlx with postgres feature and tokio runtime
- Add url crate for connection string parsing
- Add testcontainers for integration testing
- Feature-gated behind 'postgres' flag

Testing:
- Unit tests for query validation and connection string parsing
- PostgreSQL-specific reflection query tests
- Runner binary for manual testing (postgres-reader-runner)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@github-actions
Copy link

github-actions bot commented Feb 8, 2026

📊 Code Complexity Analysis

  • Lines added: 6412
  • Lines removed: 12
  • Net change: 6400

💡 Suggestion: This is a large PR with 6412 added lines. Consider:

  • Breaking it into smaller, focused PRs
  • Adding comprehensive tests for the new functionality
  • Updating documentation as needed

Automated analysis by GitHub Actions

@brainless brainless merged commit 49470bb into main Feb 8, 2026
4 checks passed
@brainless brainless deleted the feature/postgres-tools-agent branch February 8, 2026 11:06
@github-actions
Copy link

github-actions bot commented Feb 8, 2026

🤖 Automated Code Review Summary

This automated review was generated to help ensure code quality and security standards.

Rust Code Analysis

  • ⚠️ Code formatting: Some Rust files are not formatted according to rustfmt standards.

    • Run cargo fmt to fix formatting issues.

  • ⚠️ Linting: Clippy found potential issues in Rust code.

    • Run cargo clippy --workspace --all-targets -- --deny warnings to see detailed warnings.

Security Analysis

  • ⚠️ Potential secrets: Found references to passwords, secrets, or tokens.

    • Please verify no hardcoded credentials are present.

  • ℹ️ Debug output: Found debug print statements.

    • Consider removing or replacing with proper logging.

Recommendations

  • Run the full CI pipeline to ensure all tests pass
  • Consider adding tests for any new functionality
  • Update documentation if API changes are involved
  • Follow the development workflow described in CLAUDE.md

This review was automatically generated. Please address any issues before merging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@brainless