Bug
SQL queries with LIKE '%...' patterns fail because psycopg interprets % in the SQL string as parameter placeholders.
Reproduction
Query: "Is there any green juice videos"
The query agent generates:
SELECT * FROM watch_history WHERE LOWER(title) LIKE '%green juice%'
psycopg rejects this with:
only '%s', '%b', '%t' are allowed as placeholders, got '%g'
The %g in %green is parsed as a psycopg format specifier instead of a SQL LIKE wildcard.
Root cause
db.execute() passes SQL through psycopg's parameter substitution. Literal % characters in SQL need to be escaped as %%, or (better) the LIKE pattern should be passed as a parameter:
SELECT * FROM watch_history WHERE LOWER(title) LIKE %s
-- params: ['%green juice%']
The query agent inlines string values directly in SQL instead of using parameterized queries.
Possible fixes
- Agent prompt fix: instruct query agents to always use %s parameterized queries for string values
- Engine fix: escape % in SQL before passing to psycopg (risky — could break intentional %s params)
- Engine fix: switch psycopg to ClientCursor with mogrify() or use a different param style
Impact
Any LIKE/ILIKE query with a pattern starting with a letter after % fails silently — the agent gets an error and reports "technical error" to the user instead of results.
Found via trace logging on the live CVM deployment.
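An added sketch (not code from this project or from psycopg) of the parameterized fix described under Root cause, plus an engine-side preflight check that names the offending % tokens so the agent gets an actionable error. The function names and the escaping of LIKE metacharacters in the search term are assumptions; the check covers only placeholder syntax and does not parse SQL string literals.

```python
import re

# Placeholder forms psycopg accepts in query text: %s %b %t, the named
# %(name)s style, and %% for a literal percent sign.
_VALID = re.compile(r"%(?:%|[sbt]|\([^)]*\)[sbt])")


def stray_percents(sql):
    """Return (offset, token) for each '%' that is not a valid placeholder."""
    bad, i = [], 0
    while (i := sql.find("%", i)) != -1:
        m = _VALID.match(sql, i)
        if m:
            i = m.end()
        else:
            bad.append((i, sql[i:i + 2]))
            i += 1
    return bad


def contains_pattern(term):
    """Wrap term in LIKE wildcards; escape its own backslash, % and _ so they
    match literally (backslash is PostgreSQL's default LIKE escape character)."""
    for ch in ("\\", "%", "_"):  # backslash first, so added escapes survive
        term = term.replace(ch, "\\" + ch)
    return f"%{term}%"


def title_search(term):
    """Return (sql, params) for the watch_history title search, parameterized."""
    sql = "SELECT * FROM watch_history WHERE LOWER(title) LIKE %s"
    return sql, [contains_pattern(term.lower())]


def check_agent_sql(sql):
    """Reject agent SQL with inline '%' and say which tokens caused it."""
    bad = stray_percents(sql)
    if bad:
        tokens = ", ".join(repr(tok) for _, tok in bad)
        raise ValueError(f"inline % in SQL ({tokens}); pass LIKE patterns as %s parameters")
    return sql


# Constructed input: the failing query from the report.
INLINED = "SELECT * FROM watch_history WHERE LOWER(title) LIKE '%green juice%'"

if __name__ == "__main__":
    print(stray_percents(INLINED))
    print(title_search("Green Juice"))
```

A pattern such as '%salad' passes this check because %s is a valid placeholder form, so the engine should also compare the placeholder count against the number of parameters supplied.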