agent-first-psql 0.4.0

Persistent PostgreSQL client for AI agents — SQL-native JSONL in, JSONL out
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224

# Agent-First PSQL — CLI Manual

Practical usage for `afpsql`.

## Interface Policy

`afpsql` has two CLI entry modes with one execution core:

1. agent-first mode (default)
2. `psql mode` (`--mode psql`) as argument translation only

Both modes execute through the same Agent-First Data runtime protocol and produce the same
structured output events.

`afpsql` CLI parsing/output follows shared Agent-First Data helpers from `agent-first-data`
(`cli_parse_output`, `cli_parse_log_filters`, `cli_output`, `build_cli_error`).

Protocol stream contract:

- `stdout` carries all structured protocol events (`result` / `error` / `log` / ...)
- `stderr` is not a protocol channel and should not be parsed by agents

## Run One Query

```bash
afpsql --sql "select now() as now_rfc3339"
```

Default output is structured JSON:

```json
{"code":"result","command_tag":"ROWS 1","columns":[{"name":"now_rfc3339","type":"timestamptz"}],"rows":[{"now_rfc3339":"2026-02-19T12:34:56Z"}],"row_count":1,"trace":{"duration_ms":3}}
```

## Query Sources

SQL string:

```bash
afpsql --sql "select * from users limit 10"
```

SQL file:

```bash
afpsql --sql-file ./query.sql
```

## Safe Parameters

Use placeholders with positional param flags:

```bash
afpsql \
  --sql "select * from users where id = $1 and status = $2" \
  --param 1=123 \
  --param 2=active
```

Rules:

- placeholder count must match parameter count (validated against prepared-statement metadata, not SQL text scanning)
- malformed params return `invalid_params`
- values are type-checked against server-prepared parameter OIDs
- text-template substitution is not supported

Single canonical form: `--param N=VALUE` (repeatable).

## Connection Flags (Agent-First)

URI DSN:

```bash
afpsql --dsn-secret "postgresql://app:secret@127.0.0.1:5432/appdb?sslmode=prefer" --sql "select 1"
```

Conninfo:

```bash
afpsql --conninfo-secret "host=127.0.0.1 port=5432 dbname=appdb user=app sslmode=prefer" --sql "select 1"
```

Discrete fields:

```bash
afpsql \
  --host 127.0.0.1 \
  --port 5432 \
  --user app \
  --dbname appdb \
  --password-secret 'secret' \
  --sql "select 1"
```

Optional environment fallback (agent-first names):

- `AFPSQL_DSN_SECRET`
- `AFPSQL_CONNINFO_SECRET`
- `AFPSQL_HOST`
- `AFPSQL_PORT`
- `AFPSQL_USER`
- `AFPSQL_DBNAME`
- `AFPSQL_PASSWORD_SECRET`

Standard PostgreSQL environment fallback is also supported (lower precedence):

- `PGHOST`
- `PGPORT`
- `PGUSER`
- `PGDATABASE`

## `psql` Mode (Translation Only)

Enable with `--mode psql`.

Purpose:

- parse legacy-style CLI connection/query arguments
- translate to canonical agent-first request/config fields

Still not supported:

- table/text output compatibility
- meta-commands
- text interpolation

Supported translated inputs:

- query: `-c`, `-f`
- connection: `-h`, `-p`, `-U`, `-d`, DSN/conninfo equivalents
- numeric `-v` bindings -> `params` positions

Example:

```bash
afpsql --mode psql -h 127.0.0.1 -p 5432 -U app -d appdb \
  -c "select * from users where id = $1 and status = $2" \
  -v 1=123 -v 2=active
```

Compatibility boundary:

- compatible: accepted CLI flags and positional bind translation
- incompatible by design: output format, `psql` meta-commands, interpolation semantics

## Large Result Sets

For large `select *`, enable streaming:

```bash
afpsql --sql "select * from big_table" --stream-rows --batch-rows 1000
```

Output sequence:

1. `result_start`
2. repeated `result_rows`
3. `result_end`

If streaming is disabled and result exceeds inline limits, `afpsql` returns:

```json
{"code":"error","error_code":"result_too_large","retryable":false,...}
```

## Pipe Mode

Long-lived JSONL session:

```bash
afpsql --mode pipe <<'EOF'
{"code":"query","id":"q1","sql":"select 1 as n"}
{"code":"query","id":"q2","sql":"select * from big_table where id > $1","params":[100],"options":{"stream_rows":true,"batch_rows":1000}}
{"code":"close"}
EOF
```

## Output Formats

```bash
afpsql --sql "select 1 as n" --output json
afpsql --sql "select 1 as n" --output yaml
afpsql --sql "select 1 as n" --output plain
```

## Diagnostic Log Events

Structured diagnostics are optional and disabled by default.

Enable by category:

```bash
afpsql --dsn-secret "$DATABASE_URL" --log startup,query.result --sql "select 1 as n"
```

Enable multiple categories:

```bash
afpsql --mode pipe --log query.result,query.error
```

Category matching:

- exact event (`startup`, `query.result`)
- group prefix (`query` matches `query.result`, `query.error`, `query.sql_error`)
- wildcard (`all` or `*`)

`startup` emits one diagnostic event at process start with AFDATA-style payload:

- `version`
- `argv`
- `config` (resolved runtime config)
- `args` (parsed CLI arguments)
- `env` (read runtime env vars; null when unset)

Secret fields ending with `_secret` / `_SECRET` are redacted by AFDATA output processing.

## Exit Codes

| Code | Meaning |
|---|---|
| `0` | Query completed (`result` or `result_*`) |
| `1` | `sql_error` or runtime `error` |
| `2` | Invalid CLI arguments |