腾讯云CloudBase关系型数据库MCP工具使用指南 - 数据库管理与SQL操作

relational-database-mcp-cloudbase by tencentcloudbase/skills

568 周安装量

41 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/tencentcloudbase/skills --skill relational-database-mcp-cloudbase

云服务数据库开发运维

🇨🇳中文介绍

激活合约

在以下情况下优先使用

当代理需要通过 MCP 工具检查 SQL 数据、执行 SQL 语句、创建或销毁 MySQL、初始化表结构或管理表安全规则时。

编写代码前请阅读，如果

任务包含 querySqlDatabase、manageSqlDatabase、readSecurityRule 或 writeSecurityRule。

同时请阅读

网页应用集成 -> ../relational-database-web/SKILL.md
原始 HTTP 数据库访问 -> ../http-api/SKILL.md

请勿用于

应使用 SDK 而非 MCP 操作的前端或后端应用程序代码。

常见错误 / 注意事项

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

何时使用此技能

当代理需要通过 MCP 工具操作 CloudBase 关系型数据库时使用此技能，例如：

检查或查询 SQL 数据
为环境创建 MySQL
为环境销毁 MySQL
轮询 MySQL 创建状态
修改数据或模式（INSERT/UPDATE/DELETE/DDL）
MySQL 准备就绪后初始化表和索引
读取或更改表安全规则

请勿将此技能用于：

构建通过 SDK 直接与 CloudBase 关系型数据库通信的 Web 或 Node.js 应用程序
认证流程或用户身份管理

如何使用此技能（针对编码代理）

识别 MCP 上下文
- 如果您可以调用 querySqlDatabase、manageSqlDatabase、readSecurityRule、writeSecurityRule 等工具，则您处于 MCP 上下文中。
- 在此上下文中，切勿为 CloudBase 关系型数据库初始化 SDK；请改用 MCP 工具。
为任务选择正确的工具
- 只读 SQL 和创建状态检查 -> querySqlDatabase
- MySQL 创建、MySQL 销毁、写 SQL、DDL、模式初始化 -> manageSqlDatabase
- 检查规则 -> readSecurityRule
- 更改规则 -> writeSecurityRule
始终明确安全性
- 在执行破坏性操作（DELETE、DROP 等）之前，总结您将要运行的操作及其原因。
- 在执行写操作之前，优先使用 querySqlDatabase(action="getInstanceInfo") 或只读 SQL 检查。
- 创建或销毁 MySQL 需要明确确认，因为这两个操作都会对环境产生影响。

可用的 MCP 工具（CloudBase 关系型数据库）

这些工具是通过 MCP 与 CloudBase 关系型数据库交互的受支持方式：

1. `querySqlDatabase`

目的： 查询 SQL 数据和创建状态。
用于：
- 使用 action="runQuery" 运行 SELECT 和其他只读 SQL 查询
- 使用 action="getInstanceInfo" 检查 MySQL 是否已存在
- 使用 action="describeCreateResult" 或 action="describeTaskStatus" 检查异步创建进度

{
  "action": "runQuery",
  "sql": "SELECT id, email FROM users ORDER BY created_at DESC LIMIT 50"
}

2. `manageSqlDatabase`

目的： 管理 SQL 生命周期并执行变更性 SQL。
用于：
- 使用 action="provisionMySQL" 创建 MySQL
- 使用 action="destroyMySQL" 销毁 MySQL
- 使用 action="runStatement" 执行 INSERT、UPDATE、DELETE、CREATE TABLE、ALTER TABLE、DROP TABLE
- 使用 action="initializeSchema" 初始化表和索引

重要提示： 创建新表时，您必须包含 _openid 列以实现按用户访问控制：

_openid VARCHAR(64) DEFAULT '' NOT NULL

注意：当用户登录时，_openid 由服务器根据认证会话自动填充。在正常的插入操作中不要手动填充它。

调用此工具前，请确认：

当前环境已有一个准备就绪的 MySQL 实例，或者您刚刚创建了一个。
目标表和条件是正确的。
在适当的时候，您已经运行了相应的只读查询。

销毁 MySQL 时，请确认：

当前环境确实不再需要该 SQL 实例。
您已获得执行此破坏性操作的明确确认。
您已准备好随后查询 describeTaskStatus 来检查销毁结果。

3. `readSecurityRule`

目的： 读取给定 SQL 表的安全规则。
用于：
- 了解谁可以读取/写入表
- 审核敏感表的权限

4. `writeSecurityRule`

目的： 为给定的 SQL 表设置或更新安全规则。
用于：
- 加强对敏感数据的访问控制
- 开放读取权限同时限制写入权限
- 在需要时应用自定义规则

关键原则：MCP 工具 vs SDK

MCP 工具 用于代理操作和数据库管理：
- 创建 MySQL。
- 销毁 MySQL。
- 轮询生命周期状态。
- 运行即席 SQL。
- 检查和更改安全规则。
- 不依赖于应用程序的认证状态。
SDK 用于应用程序代码：
- 前端 Web 应用 -> Web 关系型数据库技能。
- 后端 Node 应用 -> Node 关系型数据库快速入门。

作为 MCP 代理工作时，对于 CloudBase 关系型数据库始终优先使用这些 MCP 工具，并避免在同一流程中将其与 SDK 初始化混合使用。

2026 年 1 月 22 日

🇺🇸English

Activation Contract

Use this first when

The agent must inspect SQL data, execute SQL statements, provision or destroy MySQL, initialize table structure, or manage table security rules through MCP tools.

Read before writing code if

The task includes querySqlDatabase, manageSqlDatabase, readSecurityRule, or writeSecurityRule.

Then also read

Web application integration -> ../relational-database-web/SKILL.md
Raw HTTP database access -> ../http-api/SKILL.md

Do NOT use for

Frontend or backend application code that should use SDKs instead of MCP operations.

Common mistakes / gotchas

Initializing SDKs in an MCP management flow.
Running write SQL or DDL before checking whether MySQL is provisioned and ready.
Treating document database tasks as MySQL management tasks.
Skipping _openid and security-rule review after creating new SQL tables.
Destroying MySQL without explicit confirmation or without checking whether the environment still needs the instance.

When to use this skill

Use this skill when an agent needs to operate on CloudBase Relational Database via MCP tools , for example:

Inspecting or querying SQL data
Provisioning MySQL for an environment
Destroying MySQL for an environment
Polling MySQL provisioning status
Modifying data or schema (INSERT/UPDATE/DELETE/DDL)
Initializing tables and indexes after MySQL is ready
Reading or changing table security rules

Do NOT use this skill for:

Building Web or Node.js applications that talk to CloudBase Relational Database directly through SDKs
Auth flows or user identity management

How to use this skill (for a coding agent)

Recognize MCP context
- If you can call tools like querySqlDatabase, manageSqlDatabase, readSecurityRule, writeSecurityRule, you are in MCP context.
- In this context, never initialize SDKs for CloudBase Relational Database ; use MCP tools instead.
Pick the right tool for the job
- Read-only SQL and provisioning status checks -> querySqlDatabase
- MySQL provisioning, MySQL destruction, write SQL, DDL, schema initialization -> manageSqlDatabase
- Inspect rules -> readSecurityRule
- Change rules ->

Available MCP tools (CloudBase Relational Database)

These tools are the supported way to interact with CloudBase Relational Database via MCP:

1. `querySqlDatabase`

Purpose: Query SQL data and provisioning state.
Use for:
- Running SELECT and other read-only SQL queries with action="runQuery"
- Checking whether MySQL already exists with action="getInstanceInfo"
- Inspecting asynchronous provisioning progress with action="describeCreateResult" or action="describeTaskStatus"

Example flow:

{
  "action": "runQuery",
  "sql": "SELECT id, email FROM users ORDER BY created_at DESC LIMIT 50"
}

2. `manageSqlDatabase`

Purpose: Manage SQL lifecycle and execute mutating SQL.
Use for:
- Provisioning MySQL with action="provisionMySQL"
- Destroying MySQL with action="destroyMySQL"
- Executing INSERT, UPDATE, DELETE, CREATE TABLE, ALTER TABLE, DROP TABLE with action="runStatement"
- Initializing tables and indexes with action="initializeSchema"

Important: When creating a new table, you must include the _openid column for per-user access control:

_openid VARCHAR(64) DEFAULT '' NOT NULL

Note: when a user is logged in, _openid is automatically populated by the server from the authenticated session. Do not manually fill it in normal inserts.

Before calling this tool, confirm :

The current environment has a ready MySQL instance, or you have just provisioned one.
The target tables and conditions are correct.
You have run a corresponding read-only query when appropriate.

When destroying MySQL, confirm:

The current environment really should lose the SQL instance.
You have explicit confirmation for the destructive action.
You are prepared to query describeTaskStatus afterward to inspect the destroy result.

3. `readSecurityRule`

Purpose: Read security rules for a given SQL table.
Use for:
- Understanding who can read/write a table
- Auditing permissions on sensitive tables

4. `writeSecurityRule`

Purpose: Set or update security rules for a given SQL table.
Use for:
- Hardening access to sensitive data
- Opening up read access while restricting writes
- Applying custom rules when needed

Recommended lifecycle flow

Scenario 1: MySQL is not provisioned yet

Call querySqlDatabase(action="getInstanceInfo").
If no instance exists, call manageSqlDatabase(action="provisionMySQL", confirm=true).
Poll provisioning status with:
- querySqlDatabase(action="describeCreateResult")
- querySqlDatabase(action="describeTaskStatus")
Only continue when the returned lifecycle status is READY.
For MySQL provisioning, prefer describeCreateResult; reserve describeTaskStatus for destroy flows whose task response carries TaskName.

Scenario 2: Safely inspect data in a table

Use querySqlDatabase(action="runQuery") with a limited SELECT.
Include LIMIT and relevant filters.
Review the result set and confirm it matches expectations before any write operation.

Scenario 3: Apply schema initialization after provisioning

Confirm MySQL is ready.
Prepare ordered DDL statements.
Run them through manageSqlDatabase(action="initializeSchema").
After creating tables, verify security rules with readSecurityRule or writeSecurityRule.

Scenario 4: Execute a targeted write or DDL change

Use querySqlDatabase(action="runQuery") to inspect current data or schema if needed.
Run the mutation once with manageSqlDatabase(action="runStatement").
Validate with another read-only query or by checking security rules.

Scenario 5: Destroy MySQL when the environment no longer needs it

Use querySqlDatabase(action="getInstanceInfo") to confirm the current environment still has a SQL instance.
Call manageSqlDatabase(action="destroyMySQL", confirm=true).
Query querySqlDatabase(action="describeTaskStatus") until the destroy task completes or fails.
If the task succeeds, optionally call querySqlDatabase(action="getInstanceInfo") to confirm the instance no longer exists.
If the task fails, treat the returned error as the terminal result and let the caller decide whether to retry.

Key principle: MCP tools vs SDKs

MCP tools are for agent operations and database management :
- Provision MySQL.
- Destroy MySQL.
- Poll lifecycle state.
- Run ad-hoc SQL.
- Inspect and change security rules.
- Do not depend on application auth state.
SDKs are for application code :
- Frontend Web apps -> Web Relational Database skill.
- Backend Node apps -> Node Relational Database quickstart.

When working as an MCP agent, always prefer these MCP tools for CloudBase Relational Database, and avoid mixing them with SDK initialization in the same flow.

Weekly Installs

546

Repository

tencentcloudbase/skills

GitHub Stars

First Seen

Jan 22, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

opencode481

codex480

gemini-cli471

github-copilot458

kimi-cli451

amp449

Always be explicit about safety

Before destructive operations (DELETE, DROP, etc.), summarize what you are about to run and why.
Prefer querySqlDatabase(action="getInstanceInfo") or a read-only SQL check before writes.
Provisioning or destroying MySQL requires explicit confirmation because both actions have environment-level impact.

腾讯云CloudBase关系型数据库MCP工具使用指南 - 数据库管理与SQL操作

🇨🇳中文介绍

激活合约

在以下情况下优先使用

编写代码前请阅读，如果

同时请阅读

请勿用于

常见错误 / 注意事项

相关 Skills

何时使用此技能

如何使用此技能（针对编码代理）

可用的 MCP 工具（CloudBase 关系型数据库）

1. querySqlDatabase

2. manageSqlDatabase

3. readSecurityRule

4. writeSecurityRule

推荐的生命周期流程

场景 1：MySQL 尚未创建

场景 2：安全地检查表中的数据

场景 3：创建后应用模式初始化

场景 4：执行目标明确的写操作或 DDL 更改

场景 5：当环境不再需要时销毁 MySQL

关键原则：MCP 工具 vs SDK

🇺🇸English

Activation Contract

Use this first when

Read before writing code if

Then also read

Do NOT use for

Common mistakes / gotchas

When to use this skill

How to use this skill (for a coding agent)

Available MCP tools (CloudBase Relational Database)

1. querySqlDatabase

2. manageSqlDatabase

3. readSecurityRule

4. writeSecurityRule

Recommended lifecycle flow

Scenario 1: MySQL is not provisioned yet

Scenario 2: Safely inspect data in a table

Scenario 3: Apply schema initialization after provisioning

Scenario 4: Execute a targeted write or DDL change

Scenario 5: Destroy MySQL when the environment no longer needs it

Key principle: MCP tools vs SDKs

最新 Skills

1. `querySqlDatabase`

2. `manageSqlDatabase`

3. `readSecurityRule`

4. `writeSecurityRule`

1. `querySqlDatabase`

2. `manageSqlDatabase`

3. `readSecurityRule`

4. `writeSecurityRule`