Labsco
prisma logo

prisma-client-api-raw-queries

✓ Official8

by prisma · part of prisma/cursor-plugin

Raw Queries. Reference when using this Prisma feature.

🔥🔥🔥✓ VerifiedFreeQuick setup
🧩 One of 7 skills in the prisma/cursor-plugin package — works on its own, and pairs well with its siblings.

Raw Queries. Reference when using this Prisma feature.

Inspect the full instructions your agent will receiveExpand

This is the exact playbook injected into your agent when the skill activates — shown here so you can audit it before installing. You don't need to read it to use the skill.

by prisma

Raw Queries. Reference when using this Prisma feature. npx skills add https://github.com/prisma/cursor-plugin --skill prisma-client-api-raw-queries Download ZIPGitHub8

Raw Queries

Execute raw SQL when Prisma's query API isn't sufficient.

$queryRaw

Execute SELECT queries and get typed results:

Copy & paste — that's it
const users = await prisma.$queryRaw`
 SELECT * FROM "User" WHERE email LIKE ${'%@prisma.io'}
`

With type

Copy & paste — that's it
type User = { id: number; email: string; name: string | null }

const users = await prisma.$queryRaw `
 SELECT id, email, name FROM "User" WHERE role = ${'ADMIN'}
`

Dynamic table/column names

Use Prisma.raw() for identifiers (not safe for user input):

Copy & paste — that's it
import { Prisma } from '../generated/client'

const column = 'email'
const users = await prisma.$queryRaw`
 SELECT ${Prisma.raw(column)} FROM "User"
`

With Prisma.sql

Build queries dynamically:

Copy & paste — that's it
import { Prisma } from '../generated/client'

const email = '[email protected]'
const query = Prisma.sql`SELECT * FROM "User" WHERE email = ${email}`
const users = await prisma.$queryRaw(query)

Join multiple SQL fragments

Copy & paste — that's it
import { Prisma } from '../generated/client'

const conditions = [
 Prisma.sql`role = ${'ADMIN'}`,
 Prisma.sql`verified = ${true}`
]

const users = await prisma.$queryRaw`
 SELECT * FROM "User" 
 WHERE ${Prisma.join(conditions, ' AND ')}
`

$executeRaw

Execute INSERT, UPDATE, DELETE (returns affected count):

Copy & paste — that's it
const count = await prisma.$executeRaw`
 UPDATE "User" SET verified = true WHERE email LIKE ${'%@prisma.io'}
`
console.log(`Updated ${count} users`)

Delete example

Copy & paste — that's it
const deleted = await prisma.$executeRaw`
 DELETE FROM "User" WHERE "deletedAt" For fully dynamic queries (use with caution!):

// ⚠️ SQL injection risk - only use with trusted input const table = 'User' const users = await prisma.$queryRawUnsafe( SELECT * FROM "${table}" WHERE id = $1, userId )

Copy & paste — that's it

### Parameterized unsafe query

const result = await prisma.$executeRawUnsafe( 'UPDATE "User" SET name = $1 WHERE id = $2', 'Alice', 1 )

Copy & paste — that's it

## SQL Injection Prevention

### Safe (parameterized)

// ✅ User input is parameterized const email = userInput const users = await prisma.$queryRaw SELECT * FROM "User" WHERE email = ${email}

Copy & paste — that's it

### Unsafe (concatenation)

// ❌ SQL injection vulnerability! const email = userInput const users = await prisma.$queryRawUnsafe( SELECT * FROM "User" WHERE email = '${email}' )

Copy & paste — that's it

## Database-Specific Features

### PostgreSQL

// Array operations const users = await prisma.$queryRaw SELECT * FROM "User" WHERE 'admin' = ANY(roles)

// JSON operations const users = await prisma.$queryRaw SELECT * FROM "User" WHERE metadata->>'theme' = 'dark'

Copy & paste — that's it

### MySQL

// Full-text search const posts = await prisma.$queryRaw SELECT * FROM Post WHERE MATCH(title, content) AGAINST(${searchTerm})

Copy & paste — that's it

## Transactions with Raw Queries

await prisma.$transaction(async (tx) => { await tx.$executeRawUPDATE "Account" SET balance = balance - ${amount} WHERE id = ${senderId} await tx.$executeRawUPDATE "Account" SET balance = balance + ${amount} WHERE id = ${recipientId} })

Copy & paste — that's it

## Handling Results

### BigInt handling

 PostgreSQL returns BigInt for COUNT:

const result = await prisma.$queryRaw SELECT COUNT(*) as count FROM "User" const count = Number(result[0].count)

Copy & paste — that's it

### Date handling

type Result = { createdAt: Date } const users = await prisma.$queryRaw SELECT "createdAt" FROM "User" // createdAt is already a Date object

Copy & paste — that's it