Skip to main content
Glama
devopam

MCPg - Production-grade PostgreSQL MCP Server

Test RLS for role

test_rls_for_role
Read-only

Test which rows a PostgreSQL role can read under row-level security. Inspect RLS status, policies, and sample data without writes.

Instructions

Test what an RLS-bound role can read from a table. Reports whether RLS is enabled on the table, lists the policies that apply to the given role, counts the rows the role can read, and returns up to sample_size rows so the agent can inspect them. Runs as the target role inside a READ ONLY transaction — no writes can leak. Pure read.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
roleYes
tableYes
schemaYes
databaseNoOptional: target a configured secondary (read-only) database by name; omit for the primary. Call list_databases to see the configured ids.
sample_sizeNo

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
roleYes
tableYes
sampleYes
schemaYes
columnsYes
rls_enabledYes
rows_visibleYes
active_policiesYes
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Annotations declare readOnlyHint=true, and the description adds substantial context beyond that: it confirms read-only transaction, no writes leak, and details the reporting behavior (RLS enabled, policies, row count, samples). No contradiction with annotations.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two concise sentences. The first sentence lists the tool's functions, the second emphasizes safety. It is front-loaded with purpose and contains no unnecessary words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (testing RLS with multiple outputs), the description covers all key aspects: what it checks, that it runs as the target role, read-only guarantee, and what it reports. The presence of an output schema covers return values. The description is complete for an agent to understand when and what the tool does.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is only 20% (only 'database' has a description). The description adds meaning for 'sample_size' by stating 'returns up to sample_size rows', but does not elaborate on 'role', 'table', 'schema' beyond their names. It partially compensates for low coverage but not fully.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb 'Test' with the resource 'RLS for role' and details what it does: reports RLS enabled, lists policies, counts rows, returns samples. It distinguishes itself from siblings like 'run_select' by specifying it runs as the target role in a read-only transaction.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly says 'Runs as the target role inside a READ ONLY transaction — no writes can leak. Pure read,' providing clear context for safe usage. It implies when to use (testing RLS without side effects) but does not explicitly state when not to use or name alternatives, though the purpose is well-defined.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/devopam/MCPg'

If you have feedback or need assistance with the MCP directory API, please join our Discord server