🗃️ Database Tools
0
0
🎯 Mục tiêu bài học
TB5 min
Sau bài học này, bạn sẽ:
✅ Hiểu Database Agent Architecture
✅ Xây dựng Text-to-SQL Tool cho natural language queries
✅ Implement SQL Executor Tool với safety validation
✅ Tạo Data Analysis Tool cho insights tự động
✅ Build Schema Discovery Tool
✅ Tạo Report Generator hoàn chỉnh
Cho phép agents truy vấn databases, phân tích data, và tạo reports tự động.
Task 0
1
1
🔍 Database Agent Architecture
TB5 min
Diagram
Đang vẽ diagram...
Checkpoint
Database Agent pipeline gồm những bước nào? Tại sao cần tách riêng SQL generation và execution?
Task 1
2
2
🛠️ Text-to-SQL Tool
TB5 min
JavaScript
1// Tool: text_to_sql2// Description: "Convert natural language question to SQL query"34// OpenAI prompt for SQL generation:5const sqlPrompt = `6You are a SQL expert. Convert the question to a SQL query.78Database schema:9- customers (id, name, email, created_at, plan)10- orders (id, customer_id, amount, status, created_at)11- products (id, name, price, category)12- order_items (id, order_id, product_id, quantity)1314Question: "${$json.question}"1516Rules:171. Use standard SQL syntax182. Include appropriate JOINs193. Add WHERE clauses for filters204. Use aggregations when needed215. Limit results to 100 rows2223Return only the SQL query, no explanation.`;Checkpoint
Text-to-SQL prompt cần chứa những thông tin gì? Tại sao schema context quan trọng?
Task 2
3
3
🛡️ SQL Executor Tool
TB5 min
JavaScript
1// Tool: execute_sql2// Description: "Execute a SQL query safely and return results"34// PostgreSQL or MySQL node:5// Query: {{ $json.sqlQuery }}67// SAFETY: Add read-only guards8function validateQuery(sql) {9 const dangerous = ['DROP', 'DELETE', 'UPDATE', 'INSERT', 'ALTER', 'TRUNCATE'];10 const upperSQL = sql.toUpperCase();11 12 for (const keyword of dangerous) {13 if (upperSQL.includes(keyword)) {14 return { safe: false, reason: `Query contains ${keyword} - write operations not allowed` };15 }16 }17 return { safe: true };18}1920const validation = validateQuery($json.sqlQuery);21if (!validation.safe) {22 return { json: { error: validation.reason } };23}2425// Execute query via database nodeCheckpoint
Tại sao SQL Executor cần validation? Những keywords nguy hiểm nào cần block?
Task 3
4
4
📊 Data Analysis Tool
TB5 min
JavaScript
1// Tool: analyze_data2// Description: "Analyze query results and provide insights"34const analysisPrompt = `5Analyze this data and provide insights:67Query: ${$json.originalQuestion}8SQL: ${$json.sqlQuery}9Results (${$json.results.length} rows):10${JSON.stringify($json.results.slice(0, 20), null, 2)}1112Provide:131. Direct answer to the question142. Key metrics (totals, averages, etc.)153. Notable patterns or outliers164. Recommendations if appropriate1718Format as a clear, concise report.`;Checkpoint
Data Analysis Tool cần output những gì? Tại sao chỉ gửi 20 rows đầu cho LLM?
Task 4
5
5
⚡ Complete Database Agent
TB5 min
Diagram
Đang vẽ diagram...
JavaScript
1// Agent System Prompt2const agentSystem = `3You are a data analyst assistant with access to our database.45Available tools:61. text_to_sql - Convert question to SQL72. execute_sql - Run SQL query (read-only)83. analyze_data - Analyze query results910Workflow:111. Understand the user's question122. Generate appropriate SQL133. Execute the query144. Analyze and explain results155. Present findings clearly1617Always explain your analysis in Vietnamese.18Include key numbers and insights.19`;Checkpoint
Complete Database Agent kết hợp 3 tools như thế nào? System prompt cần hướng dẫn agent workflow ra sao?
Task 5
6
6
🔧 Schema Discovery & Report Generator
TB5 min
Schema Discovery Tool
JavaScript
1// Tool: get_schema2// Description: "Get database table schema information"34// Query to get schema info:5const schemaQuery = `6SELECT table_name, column_name, data_type 7FROM information_schema.columns 8WHERE table_schema = 'public'9ORDER BY table_name, ordinal_position;10`;1112// Format for agent:13const schema = $json.results.reduce((acc, row) => {14 if (!acc[row.table_name]) acc[row.table_name] = [];15 acc[row.table_name].push(`${row.column_name} (${row.data_type})`);16 return acc;17}, {});1819const formatted = Object.entries(schema)20 .map(([table, cols]) => `${table}: ${cols.join(', ')}`)21 .join('\n');2223return { json: { schema: formatted } };Report Generator
JavaScript
1// Tool: generate_report2// Combine query results into formatted report34const reportPrompt = `5Create a report from this data analysis:67Topic: ${$json.topic}8Data: ${JSON.stringify($json.analysisResults)}910Format as Markdown report:11# Report: [Title]12## Summary13[Key findings]14## Metrics15| Metric | Value |16|--------|-------|17## Details18[Detailed analysis]19## Recommendations20[Action items]21`;Checkpoint
Schema Discovery tool giúp gì cho Agent? Report Generator format output như thế nào?
Task 6
7
7
🛡️ Security Best Practices
TB5 min
Security Best Practices
- Read-only access: Database user chỉ có SELECT permission
- Query validation: Block DROP, DELETE, UPDATE, INSERT
- Row limits: Luôn LIMIT results (max 100-1000 rows)
- Sanitize: Không cho agent truyền raw SQL từ user
- Audit log: Track tất cả queries executed
Checkpoint
Những biện pháp bảo mật nào cần áp dụng cho Database Agent? Tại sao cần audit log?
Task 7
8
8
📚 Bài tập thực hành
TB5 min
Exercises
- Build text-to-SQL tool với schema context
- Create safe SQL executor với validation
- Build data analysis tool cho insights
- Combine thành database agent hoàn chỉnh
Checkpoint
Bạn đã xây dựng được database agent hoàn chỉnh chưa? Agent có thể trả lời câu hỏi data từ natural language không?
Task 8
🚀 Bài tiếp theo
Bài tiếp theo: API Tools →