Skip to main content
Custom tools allow you to define reusable, parameterized SQL operations that are automatically registered as MCP tools. They provide type-safe interfaces for common database queries without writing repetitive code. Custom tools are ideal for:
  • Frequently used queries: Define once, use everywhere without rewriting SQL
  • Standardized data access: Ensure consistent query patterns across your team
  • Controlled database access: Expose specific operations without granting broad SQL access
  • AI-friendly interfaces: Give AI models well-defined tools with clear parameters instead of open-ended SQL
  • Complex queries: Encapsulate JOINs, aggregations, or multi-step operations into simple tool calls
  • Parameter validation: Enforce type checking and allowed values before queries execute

Configuration

Custom tools are defined in your dbhub.toml configuration file. See the TOML Configuration documentation for complete configuration reference. Required fields:
  • name - Unique tool identifier
  • description - What the tool does (helps AI models)
  • source - Database source ID to use
  • statement - SQL query with parameter placeholders
  • parameters - Parameter definitions (optional)
See TOML Configuration - Tool Options for detailed field descriptions, parameter types, and validation rules.

Examples

Basic Query

Simple SELECT query with a single parameter:

Search with Limit

Search query with optional limit parameter:

Optional Filter with Enum

Query with optional status filter using enum validation:

Multiple Database Types

The same tool pattern works across different databases, just adjust the parameter placeholder syntax:
See Parameter Placeholders for syntax reference.

Common Patterns

Flexible Filtering

Use COALESCE or NULL checks to make parameters optional:

Date Range Queries

Aggregation Queries

Security & Validation

SQL Injection Protection

Custom tools use parameterized queries, which provide automatic protection against SQL injection attacks. Parameter values are never interpolated directly into SQL strings.
Always use parameter placeholders. Never concatenate user input into SQL statements.

Readonly Mode

The readonly setting on execute_sql only affects that tool. Custom tools are controlled by their SQL statement - DBHub analyzes the statement to determine if it’s read-only.

Max Rows Enforcement

For custom tools with parameterized LIMIT clauses, the connector’s max_rows setting still applies:

Startup Validation

Tools are validated when the server starts:
  • All required fields must be present
  • The specified source must exist
  • Tool names must be unique and cannot conflict with built-in tools (execute_sql, search_objects)
  • Parameter count must match SQL placeholders
  • Parameter types must be valid
If validation fails, the server will not start and will display detailed error messages.

Tool Response Format

Custom tools return the same response format as execute_sql: Success:
Error:

Best Practices

  • Use descriptive names: Tool names should clearly indicate their purpose (e.g., get_active_users_by_department rather than query1)
  • Write detailed descriptions: Help AI models understand when to use the tool by providing clear, complete descriptions
  • Document parameter constraints: Include units, ranges, and format expectations in parameter descriptions
  • Leverage enums: Use allowed_values for parameters with a fixed set of valid options
  • Provide defaults: Make tools easier to use by providing sensible defaults for optional parameters
  • Keep tools focused: Each tool should perform a single, well-defined operation
  • Test parameter combinations: Ensure optional parameters work correctly in all combinations
  • Use multi-line strings: For complex SQL, use TOML’s """ multi-line syntax for readability

See Also