
Conversation

@waleedlatif1
Collaborator

Summary

  • added introspection tools for all db integrations
  • don't need sanitization because we want users to have authority over their own credentials

Type of Change

  • New feature

Testing

Tested manually

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel

vercel bot commented Jan 12, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

| Project | Deployment | Review | Updated (UTC) |
|---|---|---|---|
| docs | Skipped | Skipped | Jan 12, 2026 9:25pm |

@greptile-apps
Contributor

greptile-apps bot commented Jan 12, 2026

Greptile Overview

Greptile Summary

This PR adds introspection capabilities to 8 database integrations (PostgreSQL, MySQL, MongoDB, Neo4j, DynamoDB, RDS, Supabase, Elasticsearch), enabling AI agents to discover database schemas, tables, collections, and relationships. The implementation follows a consistent three-layer architecture: tool configuration files, API route handlers for validation, and utility functions for database-specific introspection logic.

Architecture Pattern:

  • Tool configs define parameters and request structure
  • API routes validate inputs with Zod schemas
  • Utils modules execute introspection queries and handle connections
  • All implementations use try-finally blocks for proper connection cleanup

Security Approach:
Most implementations use secure parameterized queries (PostgreSQL, MySQL, RDS, MongoDB use their respective driver's parameter binding). DynamoDB and Elasticsearch use AWS SDK and REST API respectively.

Critical Issue:
The Supabase implementation contains a SQL injection vulnerability. While it uses escapeSqlString() to escape single quotes, it then uses string interpolation to insert the escaped value directly into SQL queries (lines 163, 187, 203, 213). This is still vulnerable to SQL injection because:

  1. escapeSqlString() only escapes single quotes by doubling them
  2. String interpolation with escaped values doesn't provide the same security as parameterized queries
  3. An attacker could potentially bypass the escaping with crafted input

Recommendation:
The Supabase introspection must be refactored to use parameterized queries like the PostgreSQL implementation does, since Supabase is PostgreSQL-based.

Confidence Score: 1/5

  • Not safe to merge - contains critical SQL injection vulnerability in Supabase introspection
  • The Supabase implementation has a P0 SQL injection vulnerability where user-controlled schema parameters are inserted into SQL queries via string interpolation despite being "escaped". This completely undermines the security model and allows attackers to execute arbitrary SQL commands on user databases. While the other 7 database integrations are implemented securely with parameterized queries, this single critical security flaw makes the PR unsafe to merge.
  • apps/sim/tools/supabase/introspect.ts requires immediate security fix before merge

Important Files Changed

File Analysis

| Filename | Score | Overview |
|---|---|---|
| apps/sim/tools/supabase/introspect.ts | 0/5 | Critical SQL injection vulnerability in schema filtering: uses string interpolation with escaped values instead of parameterized queries |
| apps/sim/tools/postgresql/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with parameterized request body |
| apps/sim/tools/mysql/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with parameterized request body |
| apps/sim/tools/mongodb/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with parameterized request body |
| apps/sim/tools/neo4j/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with parameterized request body |
| apps/sim/tools/dynamodb/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with AWS SDK-based request body |
| apps/sim/tools/rds/introspect.ts | 5/5 | Safe implementation: properly defines tool configuration with parameterized request body |
| apps/sim/tools/elasticsearch/list_indices.ts | 5/5 | Safe implementation: uses Elasticsearch REST API with proper authentication handling |
| apps/sim/app/api/tools/postgresql/utils.ts | 5/5 | Secure implementation: uses parameterized queries throughout with postgres library's built-in parameter binding |
| apps/sim/app/api/tools/mysql/utils.ts | 5/5 | Secure implementation: uses parameterized queries with mysql2 library's execute method |
| apps/sim/app/api/tools/mongodb/utils.ts | 5/5 | Secure implementation: validates dangerous operators and uses MongoDB driver's safe methods |
| apps/sim/app/api/tools/rds/utils.ts | 5/5 | Secure implementation: uses AWS RDS Data API with parameterized queries for both PostgreSQL and MySQL |
| apps/sim/app/api/tools/neo4j/introspect/route.ts | 5/5 | Secure implementation: uses Neo4j system procedures (CALL db.labels(), SHOW CONSTRAINTS) which don't accept user input in query construction |
| apps/sim/lib/core/security/input-validation.ts | 5/5 | Added escapeSqlString function that escapes single quotes, but insufficient for preventing SQL injection when used with string interpolation |

Sequence Diagram

```mermaid
sequenceDiagram
    participant User
    participant ToolConfig as Tool Config<br/>(introspect.ts)
    participant APIRoute as API Route<br/>(route.ts)
    participant Utils as DB Utils<br/>(utils.ts)
    participant DB as Database

    User->>ToolConfig: Configure introspection tool
    Note over ToolConfig: Define params (host, port,<br/>credentials, schema)

    User->>ToolConfig: Execute introspection
    ToolConfig->>APIRoute: POST /api/tools/{db}/introspect
    Note over APIRoute: Validate params with Zod

    APIRoute->>Utils: createConnection(config)
    Utils->>DB: Establish connection
    DB-->>Utils: Connection established

    APIRoute->>Utils: executeIntrospect(connection, schema)

    loop For each table
        Utils->>DB: Query INFORMATION_SCHEMA<br/>(parameterized)
        DB-->>Utils: Table metadata
        Utils->>DB: Query columns, keys, indexes
        DB-->>Utils: Schema details
    end

    Utils-->>APIRoute: IntrospectionResult

    APIRoute->>Utils: connection.close()
    Utils->>DB: Close connection

    APIRoute-->>ToolConfig: JSON response
    ToolConfig-->>User: Schema information
```
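To illustrate the point the review raises about the Supabase introspection, here is an added example (not the PR's or the project's code): the escape-and-interpolate pattern beside a parameterized query shape and an identifier allowlist check at the validation layer. `escapeSqlString` here only mirrors the behaviour the review describes (doubling single quotes); `buildInterpolated`, `buildParameterized`, `isValidSchemaName` and `planIntrospectQuery` are assumed names, not the project's.

```typescript
// Added example, not code from the PR. Mirrors only what the review states:
// the helper doubles single quotes, nothing else.
function escapeSqlString(value: string): string {
  return value.replace(/'/g, "''");
}

// Pattern the review flags: the escaped value is still spliced into the SQL
// text, so the statement's structure depends on user-controlled input.
function buildInterpolated(schema: string): string {
  return `SELECT table_name FROM information_schema.tables WHERE table_schema = '${escapeSqlString(schema)}'`;
}

// Parameterized shape: the SQL text is a constant and the value is carried
// separately as a bound parameter (what the postgres/mysql2 drivers on the
// other integrations send to the server). Driver call itself is omitted here.
interface ParameterizedQuery {
  text: string;
  values: string[];
}

function buildParameterized(schema: string): ParameterizedQuery {
  return {
    text: 'SELECT table_name FROM information_schema.tables WHERE table_schema = $1',
    values: [schema],
  };
}

// Defence in depth at the validation layer (the PR validates inputs with Zod):
// a schema name that reaches the query must look like a plain identifier.
// Assumed policy: ASCII letters, digits and underscore, 63 chars max.
const IDENTIFIER = /^[A-Za-z_][A-Za-z0-9_]{0,62}$/;

function isValidSchemaName(schema: string): boolean {
  return IDENTIFIER.test(schema);
}

// Hypothetical route-level helper: reject non-identifiers before any query
// is planned, then hand back the parameterized form for the driver.
function planIntrospectQuery(schema: string): ParameterizedQuery {
  if (!isValidSchemaName(schema)) {
    throw new Error('schema must be a plain identifier');
  }
  return buildParameterized(schema);
}
```

The contrast to check is that `buildInterpolated` yields different SQL text for different inputs, whereas `buildParameterized` yields the same text for every input and only the bound value changes.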

@greptile-apps greptile-apps bot left a comment

1 file reviewed, 1 comment

@waleedlatif1
Collaborator Author

@greptile

@greptile-apps greptile-apps bot left a comment

2 files reviewed, 2 comments

@waleedlatif1
Collaborator Author

@greptile

@greptile-apps greptile-apps bot left a comment

2 files reviewed, 2 comments

@waleedlatif1 waleedlatif1 merged commit 684ad5a into staging Jan 12, 2026
10 checks passed
@waleedlatif1 waleedlatif1 deleted the feat/tool branch January 12, 2026 21:30