ssh_db_query
Execute SELECT queries on MySQL, PostgreSQL, or MongoDB databases through SSH connections to retrieve data from remote servers.
Instructions
Execute SELECT query on database (read-only, SELECT queries only)
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| server | Yes | Server name | |
| type | Yes | Database type | |
| database | Yes | Database name | |
| query | Yes | SQL query (SELECT only) or MongoDB find query | |
| collection | No | Collection name (MongoDB only) | |
| dbUser | No | Database user | |
| dbPassword | No | Database password | |
| dbHost | No | Database host (default: localhost) | |
| dbPort | No | Database port |
Implementation Reference
- src/tool-registry.js:49-54 (registration)Registration of 'ssh_db_query' tool in the TOOL_GROUPS.database array. This central registry controls which tools are conditionally registered based on user configuration.database: [ 'ssh_db_dump', 'ssh_db_import', 'ssh_db_list', 'ssh_db_query' ],
- src/database-manager.js:353-376 (helper)Helper function buildMySQLQueryCommand constructs the MySQL SELECT query command executed over SSH for the ssh_db_query tool.export function buildMySQLQueryCommand(options) { const { database, query, user, password, host = 'localhost', port = 3306, format = 'json' } = options; // Validate query is SELECT only if (!isSafeQuery(query)) { throw new Error('Only SELECT queries are allowed'); } let command = 'mysql'; if (user) command += ` -u${user}`; if (password) command += ` -p'${password}'`; if (host) command += ` -h ${host}`; if (port) command += ` -P ${port}`; command += ` ${database}`; if (format === 'json') { // Use JSON output if MySQL 5.7.8+ command += ` -e "${query}" --batch --skip-column-names | awk 'BEGIN{print "["} {if(NR>1)print ","; printf "{\\"row\\":%d,\\"data\\":\\"%s\\"}", NR, $0} END{print "]"}'`; } else { command += ` -e "${query}"`; } return command; }
- src/database-manager.js:381-401 (helper)Helper function buildPostgreSQLQueryCommand constructs the PostgreSQL SELECT query command for ssh_db_query tool.export function buildPostgreSQLQueryCommand(options) { const { database, query, user, password, host = 'localhost', port = 5432 } = options; if (!isSafeQuery(query)) { throw new Error('Only SELECT queries are allowed'); } let command = ''; if (password) { command = `PGPASSWORD='${password}' `; } command += 'psql'; if (user) command += ` -U ${user}`; if (host) command += ` -h ${host}`; if (port) command += ` -p ${port}`; command += ` -d ${database}`; command += ` -c "${query}"`; return command; }
- src/database-manager.js:406-418 (helper)Helper function buildMongoDBQueryCommand constructs the MongoDB query command for ssh_db_query tool.export function buildMongoDBQueryCommand(options) { const { database, collection, query, user, password, host = 'localhost', port = 27017 } = options; let command = 'mongo'; if (host) command += ` --host ${host}`; if (port) command += ` --port ${port}`; if (user) command += ` --username ${user}`; if (password) command += ` --password '${password}'`; command += ` ${database}`; command += ` --quiet --eval "db.${collection}.find(${query || '{}'}).forEach(printjson)"`; return command; }
- src/database-manager.js:423-444 (helper)Safety validation helper isSafeQuery ensures only safe SELECT queries are executed by ssh_db_query tool.export function isSafeQuery(query) { const trimmedQuery = query.trim().toLowerCase(); // Must start with SELECT if (!trimmedQuery.startsWith('select')) { return false; } // Block dangerous keywords const dangerousKeywords = [ 'insert', 'update', 'delete', 'drop', 'create', 'alter', 'truncate', 'grant', 'revoke', 'exec', 'execute' ]; for (const keyword of dangerousKeywords) { if (trimmedQuery.includes(keyword)) { return false; } } return true; }