sqlite-sql

About

A sqlite-sql tool executes SQL statements against a SQLite database. It’s compatible with any of the following sources:

• sqlite

SQLite uses the ? placeholder for parameters in SQL statements. Parameters are bound in the order they are provided.

The statement field supports any valid SQLite SQL statement, including SELECT, INSERT, UPDATE, DELETE, CREATE/ALTER/DROP table statements, and other DDL statements.

Example

Note: This tool uses parameterized queries to prevent SQL injections. Query parameters can be used as substitutes for arbitrary expressions. Parameters cannot be used as substitutes for identifiers, column names, table names, or other parts of the query.

tools:  search-users:  kind: sqlite-sql  source: my-sqlite-db  description: Search users by name and age  parameters:  - name: name  type: string  description: The name to search for  - name: min_age  type: integer  description: Minimum age  statement: SELECT * FROM users WHERE name LIKE ? AND age >= ? 

Example with Template Parameters

Note: This tool allows direct modifications to the SQL statement, including identifiers, column names, and table names. This makes it more vulnerable to SQL injections. Using basic parameters only (see above) is recommended for performance and safety reasons. For more details, please check templateParameters.

tools:  list_table:  kind: sqlite-sql  source: my-sqlite-db  statement: |  SELECT * FROM {{.tableName}};  description: |  Use this tool to list all information from a specific table.  Example:  {{  "tableName": "flights",  }}  templateParameters:  - name: tableName  type: string  description: Table to select from 

Reference