feat(prebuilt/cloud-sql): Add create backup tool for Cloud SQL (#2141)

## Description

This pull request adds a new tool, cloud-sql-create-backup, which
enables taking a backup on a Cloud SQL instance from the toolbox using
the Cloud SQL Admin API. The tool supports optionally supplying a
location or description for the backup.

Tested:
<img width="1561" height="425" alt="image"
src="https://github.com/user-attachments/assets/c8984b07-5450-470a-9ac6-df16943e25e9"
/>


## PR Checklist

> Thank you for opening a Pull Request! Before submitting your PR, there
are a
> few things you can do to make sure it goes smoothly:

- [x] Make sure you reviewed

[CONTRIBUTING.md](https://github.com/googleapis/genai-toolbox/blob/main/CONTRIBUTING.md)
- [x] Make sure to open an issue as a

[bug/issue](https://github.com/googleapis/genai-toolbox/issues/new/choose)
  before writing your code! That way we can discuss the change, evaluate
  designs, and agree on the general idea
- [x] Ensure the tests and linter pass
- [x] Code coverage does not decrease (if any source code was changed)
- [x] Appropriate docs were updated (if necessary)
- [x] Make sure to add `!` if this involve a breaking change

🛠️ Fixes #2140

---------

Co-authored-by: Yuan Teoh <45984206+Yuan325@users.noreply.github.com>
Co-authored-by: Averi Kitsch <akitsch@google.com>

CONTRIBUTING.md

@@ -59,6 +59,13 @@ You can manually trigger the bot by commenting on your Pull Request:
 *   `/gemini summary`: Posts a summary of the changes in the pull request.
 *   `/gemini help`: Overview of the available commands
 
+## Guidelines for Pull Requests
+
+1. Please keep your PR small for more thorough review and easier updates. In case of regression, it also allows us to roll back a single feature instead of multiple ones.
+1. For non-trivial changes, consider opening an issue and discussing it with the code owners first.
+1. Provide a good PR description as a record of what change is being made and why it was made. Link to a GitHub issue if it exists.
+1. Make sure your code is thoroughly tested with unit tests and integration tests. Remember to clean up the test instances properly in your code to avoid memory leaks.
+
 ## Adding a New Database Source or Tool
 
 Please create an
@@ -110,6 +117,8 @@ implementation](https://github.com/googleapis/genai-toolbox/blob/main/internal/s
 We recommend looking at an [example tool
 implementation](https://github.com/googleapis/genai-toolbox/tree/main/internal/tools/postgres/postgressql).
 
+Remember to keep your PRs small. For example, if you are contributing a new Source, only include one or two core Tools within the same PR, the rest of the Tools can come in subsequent PRs. 
+
 * **Create a new directory** under `internal/tools` for your tool type (e.g., `internal/tools/newdb/newdbtool`).
 * **Define a configuration struct** for your tool in a file named `newdbtool.go`.
 Create a `Config` struct and a `Tool` struct to store necessary parameters for
@@ -163,6 +172,8 @@ tools.
             parameters][temp-param-doc]. Only run this test if template
             parameters apply to your tool.
 
+* **Add additional tests** for the tools that are not covered by the predefined tests. Every tool must be tested!
+
 * **Add the new database to the integration test workflow** in
   [integration.cloudbuild.yaml](.ci/integration.cloudbuild.yaml).
 
@@ -244,4 +255,4 @@ resources.
 * **PR Description:** PR description should **always** be included. It should
   include a concise description of the changes, it's impact, along with a
   summary of the solution. If the PR is related to a specific issue, the issue
-  number should be mentioned in the PR description (e.g. `Fixes #1`).
+  number should be mentioned in the PR description (e.g. `Fixes #1`).

cmd/root.go

@@ -92,6 +92,7 @@ import (
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudhealthcare/cloudhealthcaresearchdicomstudies"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudmonitoring"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcloneinstance"
+	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatebackup"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatedatabase"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreateusers"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlgetinstances"

cmd/root_test.go

@@ -1493,7 +1493,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_postgres_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_postgres_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance", "create_backup"},
 				},
 			},
 		},
@@ -1503,7 +1503,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mysql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mysql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
 				},
 			},
 		},
@@ -1513,7 +1513,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mssql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mssql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
 				},
 			},
 		},

docs/en/how-to/connect-ide/cloud_sql_mssql_admin_mcp.md

@@ -48,6 +48,7 @@ instance, database and users:
     * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     * `roles/cloudsql.admin`: Provides full control over all resources.
         * All `editor` and `viewer` tools
         * `create_instance`
@@ -299,6 +300,7 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for SQL Server instance.
+* **create_backup**: Creates a backup on a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/connect-ide/cloud_sql_mysql_admin_mcp.md

@@ -48,6 +48,7 @@ database and users:
     * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     * `roles/cloudsql.admin`: Provides full control over all resources.
         * All `editor` and `viewer` tools
         * `create_instance`
@@ -299,6 +300,7 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for MySQL instance.
+* **create_backup**: Creates a backup on a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/connect-ide/cloud_sql_pg_admin_mcp.md

@@ -48,6 +48,7 @@ instance, database and users:
     * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     * `roles/cloudsql.admin`: Provides full control over all resources.
         * All `editor` and `viewer` tools
         * `create_instance`
@@ -299,6 +300,7 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for PostgreSQL instance.
+* **create_backup**: Creates a backup on a Cloud SQL instance.
 
 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs

docs/en/how-to/connect_via_mcp.md

@@ -20,7 +20,6 @@ The native SDKs can be combined with MCP clients in many cases.
 
 Toolbox currently supports the following versions of MCP specification:
 
-* [2025-11-25](https://modelcontextprotocol.io/specification/2025-11-25)
 * [2025-06-18](https://modelcontextprotocol.io/specification/2025-06-18)
 * [2025-03-26](https://modelcontextprotocol.io/specification/2025-03-26)
 * [2024-11-05](https://modelcontextprotocol.io/specification/2024-11-05)

docs/en/reference/prebuilt-tools.md

@@ -187,6 +187,7 @@ See [Usage Examples](../reference/cli.md#examples).
         manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
         all resources.
         * All `editor` and `viewer` tools
@@ -203,6 +204,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `create_user`: Creates a new user in a Cloud SQL instance.
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for MySQL instance.
+    *   `create_backup`: Creates a backup on a Cloud SQL instance.
 
 ## Cloud SQL for PostgreSQL
 
@@ -275,6 +277,7 @@ See [Usage Examples](../reference/cli.md#examples).
         manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
         all resources.
         * All `editor` and `viewer` tools
@@ -290,6 +293,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `create_user`: Creates a new user in a Cloud SQL instance.
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for PostgreSQL instance.
+    *   `create_backup`: Creates a backup on a Cloud SQL instance.
 
 ## Cloud SQL for SQL Server
 
@@ -336,6 +340,7 @@ See [Usage Examples](../reference/cli.md#examples).
         manage existing resources.
         * All `viewer` tools
         * `create_database`
+        * `create_backup`
     *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
         all resources.
         * All `editor` and `viewer` tools
@@ -351,6 +356,7 @@ See [Usage Examples](../reference/cli.md#examples).
     *   `create_user`: Creates a new user in a Cloud SQL instance.
     *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
     *   `clone_instance`: Creates a clone for an existing Cloud SQL for SQL Server instance.
+    *   `create_backup`: Creates a backup on a Cloud SQL instance.
 
 ## Dataplex
 

docs/en/resources/tools/cloudsql/cloudsqlcreatebackup.md

@@ -0,0 +1,45 @@
+---
+title: cloud-sql-create-backup
+type: docs
+weight: 10
+description: "Creates a backup on a Cloud SQL instance."
+---
+
+The `cloud-sql-create-backup` tool creates an on-demand backup on a Cloud SQL instance using the Cloud SQL Admin API.
+
+{{< notice info dd>}}
+This tool uses a `source` of kind `cloud-sql-admin`.
+{{< /notice >}}
+
+## Examples
+
+Basic backup creation (current state)
+
+```yaml
+tools:
+  backup-creation-basic:
+    kind: cloud-sql-create-backup
+    source: cloud-sql-admin-source
+    description: "Creates a backup on the given Cloud SQL instance."
+```
+## Reference
+### Tool Configuration
+| **field**      | **type** | **required** | **description**                                               |
+| -------------- | :------: | :----------: | ------------------------------------------------------------- |
+| kind           | string   | true         | Must be "cloud-sql-create-backup".                            |
+| source         | string   | true         | The name of the `cloud-sql-admin` source to use.              |
+| description    | string   | false        | A description of the tool.                                    |
+
+### Tool Inputs
+
+| **parameter**              | **type** | **required** | **description**                                                                 |
+| -------------------------- | :------: | :----------: | ------------------------------------------------------------------------------- |
+| project                    | string   | true         | The project ID.                                                                 |
+| instance                   | string   | true         | The name of the instance to take a backup on. Does not include the project ID.  |
+| location                   | string   | false        | (Optional) Location of the backup run.                                          |
+| backup_description         | string   | false        | (Optional) The description of this backup run.                                  |
+
+## See Also
+- [Cloud SQL Admin API documentation](https://cloud.google.com/sql/docs/mysql/admin-api)
+- [Toolbox Cloud SQL tools documentation](../cloudsql)
+- [Cloud SQL Backup API documentation](https://cloud.google.com/sql/docs/mysql/backup-recovery/backups)

docs/en/samples/neo4j/_index.md

@@ -0,0 +1,7 @@
+---
+title: "Neo4j"
+type: docs
+weight: 1
+description: >
+  How to get started with Toolbox using Neo4j.
+---

docs/en/samples/neo4j/mcp_quickstart.md

@@ -0,0 +1,141 @@
+---
+title: "Quickstart (MCP with Neo4j)"
+type: docs
+weight: 1
+description: >
+  How to get started running Toolbox with MCP Inspector and Neo4j as the source.
+---
+
+## Overview
+
+[Model Context Protocol](https://modelcontextprotocol.io) is an open protocol that standardizes how applications provide context to LLMs. Check out this page on how to [connect to Toolbox via MCP](../../how-to/connect_via_mcp.md).
+
+
+## Step 1: Set up your Neo4j Database and Data
+
+In this section, you'll set up a database and populate it with sample data for a movies-related agent. This guide assumes you have a running Neo4j instance, either locally or in the cloud.
+
+. **Populate the database with data.**
+To make this quickstart straightforward, we'll use the built-in Movies dataset available in Neo4j.
+
+. In your Neo4j Browser, run the following command to create and populate the database:
++
+```cypher
+:play movies
+````
+
+. Follow the instructions to load the data. This will create a graph with `Movie`, `Person`, and `Actor` nodes and their relationships.
+
+
+## Step 2: Install and configure Toolbox
+
+In this section, we will install the MCP Toolbox, configure our tools in a `tools.yaml` file, and then run the Toolbox server.
+
+. **Install the Toolbox binary.**
+The simplest way to get started is to download the latest binary for your operating system.
+
+. Download the latest version of Toolbox as a binary:
+\+
+
+```bash
+export OS="linux/amd64" # one of linux/amd64, darwin/arm64, darwin/amd64, or windows/amd64
+curl -O [https://storage.googleapis.com/genai-toolbox/v0.16.0/$OS/toolbox](https://storage.googleapis.com/genai-toolbox/v0.16.0/$OS/toolbox)
+```
+
+  + 
+. Make the binary executable:
+\+
+
+```bash
+chmod +x toolbox
+```
+
+. **Create the `tools.yaml` file.**
+This file defines your Neo4j source and the specific tools that will be exposed to your AI agent.
+\+
+{{\< notice tip \>}}
+Authentication for the Neo4j source uses standard username and password fields. For production use, it is highly recommended to use environment variables for sensitive information like passwords.
+{{\< /notice \>}}
+\+
+Write the following into a `tools.yaml` file:
+\+
+
+```yaml
+sources:
+  my-neo4j-source:
+    kind: neo4j
+    uri: bolt://localhost:7687
+    user: neo4j
+    password: my-password # Replace with your actual password
+
+tools:
+  search-movies-by-actor:
+    kind: neo4j-cypher
+    source: my-neo4j-source
+    description: "Searches for movies an actor has appeared in based on their name. Useful for questions like 'What movies has Tom Hanks been in?'"
+    parameters:
+      - name: actor_name
+        type: string
+        description: The full name of the actor to search for.
+    statement: |
+      MATCH (p:Person {name: $actor_name}) -[:ACTED_IN]-> (m:Movie)
+      RETURN m.title AS title, m.year AS year, m.genre AS genre
+  
+  get-actor-for-movie:
+    kind: neo4j-cypher
+    source: my-neo4j-source
+    description: "Finds the actors who starred in a specific movie. Useful for questions like 'Who acted in Inception?'"
+    parameters:
+      - name: movie_title
+        type: string
+        description: The exact title of the movie.
+    statement: |
+      MATCH (p:Person) -[:ACTED_IN]-> (m:Movie {title: $movie_title})
+      RETURN p.name AS actor
+```
+
+. **Start the Toolbox server.**
+Run the Toolbox server, pointing to the `tools.yaml` file you created earlier.
+\+
+
+```bash
+./toolbox --tools-file "tools.yaml"
+```
+
+## Step 3: Connect to MCP Inspector
+
+. **Run the MCP Inspector:**
+\+
+
+```bash
+npx @modelcontextprotocol/inspector
+```
+
+. Type `y` when it asks to install the inspector package.
+. It should show the following when the MCP Inspector is up and running (please take note of `<YOUR_SESSION_TOKEN>`):
+\+
+
+```bash
+Starting MCP inspector...
+⚙️ Proxy server listening on localhost:6277
+🔑 Session token: <YOUR_SESSION_TOKEN>
+    Use this token to authenticate requests or set DANGEROUSLY_OMIT_AUTH=true to disable auth
+
+🚀 MCP Inspector is up and running at:
+    http://localhost:6274/?MCP_PROXY_AUTH_TOKEN=<YOUR_SESSION_TOKEN>
+```
+
+1. Open the above link in your browser.
+
+1. For `Transport Type`, select `Streamable HTTP`.
+
+1. For `URL`, type in `http://127.0.0.1:5000/mcp`.
+
+1. For `Configuration` -\> `Proxy Session Token`, make sure `<YOUR_SESSION_TOKEN>` is present.
+
+1. Click `Connect`.
+
+1. Select `List Tools`, you will see a list of tools configured in `tools.yaml`.
+
+1. Test out your tools here\!
+

internal/prebuiltconfigs/tools/cloud-sql-mssql-admin.yaml

@@ -43,6 +43,9 @@ tools:
   clone_instance:
     kind: cloud-sql-clone-instance
     source: cloud-sql-admin-source
+  create_backup:
+    kind: cloud-sql-create-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_mssql_admin_tools:
@@ -54,3 +57,4 @@ toolsets:
     - create_user
     - wait_for_operation
     - clone_instance
+    - create_backup

internal/prebuiltconfigs/tools/cloud-sql-mysql-admin.yaml

@@ -43,6 +43,9 @@ tools:
   clone_instance:
     kind: cloud-sql-clone-instance
     source: cloud-sql-admin-source
+  create_backup:
+    kind: cloud-sql-create-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_mysql_admin_tools:
@@ -54,3 +57,4 @@ toolsets:
     - create_user
     - wait_for_operation
     - clone_instance
+    - create_backup

internal/prebuiltconfigs/tools/cloud-sql-postgres-admin.yaml

@@ -46,6 +46,9 @@ tools:
   postgres_upgrade_precheck:
     kind: postgres-upgrade-precheck
     source: cloud-sql-admin-source
+  create_backup:
+    kind: cloud-sql-create-backup
+    source: cloud-sql-admin-source
 
 toolsets:
   cloud_sql_postgres_admin_tools:
@@ -58,3 +61,4 @@ toolsets:
     - wait_for_operation
     - postgres_upgrade_precheck
     - clone_instance
+    - create_backup

internal/server/mcp/mcp.go

@@ -27,21 +27,19 @@ import (
 	v20241105 "github.com/googleapis/genai-toolbox/internal/server/mcp/v20241105"
 	v20250326 "github.com/googleapis/genai-toolbox/internal/server/mcp/v20250326"
 	v20250618 "github.com/googleapis/genai-toolbox/internal/server/mcp/v20250618"
-	v20251125 "github.com/googleapis/genai-toolbox/internal/server/mcp/v20251125"
 	"github.com/googleapis/genai-toolbox/internal/server/resources"
 	"github.com/googleapis/genai-toolbox/internal/tools"
 )
 
 // LATEST_PROTOCOL_VERSION is the latest version of the MCP protocol supported.
 // Update the version used in InitializeResponse when this value is updated.
-const LATEST_PROTOCOL_VERSION = v20251125.PROTOCOL_VERSION
+const LATEST_PROTOCOL_VERSION = v20250618.PROTOCOL_VERSION
 
 // SUPPORTED_PROTOCOL_VERSIONS is the MCP protocol versions that are supported.
 var SUPPORTED_PROTOCOL_VERSIONS = []string{
 	v20241105.PROTOCOL_VERSION,
 	v20250326.PROTOCOL_VERSION,
 	v20250618.PROTOCOL_VERSION,
-	v20251125.PROTOCOL_VERSION,
 }
 
 // InitializeResponse runs capability negotiation and protocol version agreement.
@@ -104,8 +102,6 @@ func NotificationHandler(ctx context.Context, body []byte) error {
 // This is the Operation phase of the lifecycle for MCP client-server connections.
 func ProcessMethod(ctx context.Context, mcpVersion string, id jsonrpc.RequestId, method string, toolset tools.Toolset, promptset prompts.Promptset, resourceMgr *resources.ResourceManager, body []byte, header http.Header) (any, error) {
 	switch mcpVersion {
-	case v20251125.PROTOCOL_VERSION:
-		return v20251125.ProcessMethod(ctx, id, method, toolset, promptset, resourceMgr, body, header)
 	case v20250618.PROTOCOL_VERSION:
 		return v20250618.ProcessMethod(ctx, id, method, toolset, promptset, resourceMgr, body, header)
 	case v20250326.PROTOCOL_VERSION:

internal/server/mcp/v20251125/method.go

@@ -1,326 +0,0 @@
-// Copyright 2026 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package v20251125
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"net/http"
-	"strings"
-
-	"github.com/googleapis/genai-toolbox/internal/prompts"
-	"github.com/googleapis/genai-toolbox/internal/server/mcp/jsonrpc"
-	"github.com/googleapis/genai-toolbox/internal/server/resources"
-	"github.com/googleapis/genai-toolbox/internal/tools"
-	"github.com/googleapis/genai-toolbox/internal/util"
-)
-
-// ProcessMethod returns a response for the request.
-func ProcessMethod(ctx context.Context, id jsonrpc.RequestId, method string, toolset tools.Toolset, promptset prompts.Promptset, resourceMgr *resources.ResourceManager, body []byte, header http.Header) (any, error) {
-	switch method {
-	case PING:
-		return pingHandler(id)
-	case TOOLS_LIST:
-		return toolsListHandler(id, toolset, body)
-	case TOOLS_CALL:
-		return toolsCallHandler(ctx, id, resourceMgr, body, header)
-	case PROMPTS_LIST:
-		return promptsListHandler(ctx, id, promptset, body)
-	case PROMPTS_GET:
-		return promptsGetHandler(ctx, id, resourceMgr, body)
-	default:
-		err := fmt.Errorf("invalid method %s", method)
-		return jsonrpc.NewError(id, jsonrpc.METHOD_NOT_FOUND, err.Error(), nil), err
-	}
-}
-
-// pingHandler handles the "ping" method by returning an empty response.
-func pingHandler(id jsonrpc.RequestId) (any, error) {
-	return jsonrpc.JSONRPCResponse{
-		Jsonrpc: jsonrpc.JSONRPC_VERSION,
-		Id:      id,
-		Result:  struct{}{},
-	}, nil
-}
-
-func toolsListHandler(id jsonrpc.RequestId, toolset tools.Toolset, body []byte) (any, error) {
-	var req ListToolsRequest
-	if err := json.Unmarshal(body, &req); err != nil {
-		err = fmt.Errorf("invalid mcp tools list request: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-	}
-
-	result := ListToolsResult{
-		Tools: toolset.McpManifest,
-	}
-	return jsonrpc.JSONRPCResponse{
-		Jsonrpc: jsonrpc.JSONRPC_VERSION,
-		Id:      id,
-		Result:  result,
-	}, nil
-}
-
-// toolsCallHandler generate a response for tools call.
-func toolsCallHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *resources.ResourceManager, body []byte, header http.Header) (any, error) {
-	authServices := resourceMgr.GetAuthServiceMap()
-
-	// retrieve logger from context
-	logger, err := util.LoggerFromContext(ctx)
-	if err != nil {
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-
-	var req CallToolRequest
-	if err = json.Unmarshal(body, &req); err != nil {
-		err = fmt.Errorf("invalid mcp tools call request: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-	}
-
-	toolName := req.Params.Name
-	toolArgument := req.Params.Arguments
-	logger.DebugContext(ctx, fmt.Sprintf("tool name: %s", toolName))
-	tool, ok := resourceMgr.GetTool(toolName)
-	if !ok {
-		err = fmt.Errorf("invalid tool name: tool with name %q does not exist", toolName)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
-	}
-
-	// Get access token
-	authTokenHeadername, err := tool.GetAuthTokenHeaderName(resourceMgr)
-	if err != nil {
-		errMsg := fmt.Errorf("error during invocation: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, errMsg.Error(), nil), errMsg
-	}
-	accessToken := tools.AccessToken(header.Get(authTokenHeadername))
-
-	// Check if this specific tool requires the standard authorization header
-	clientAuth, err := tool.RequiresClientAuthorization(resourceMgr)
-	if err != nil {
-		errMsg := fmt.Errorf("error during invocation: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, errMsg.Error(), nil), errMsg
-	}
-	if clientAuth {
-		if accessToken == "" {
-			return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, "missing access token in the 'Authorization' header", nil), util.ErrUnauthorized
-		}
-	}
-
-	// marshal arguments and decode it using decodeJSON instead to prevent loss between floats/int.
-	aMarshal, err := json.Marshal(toolArgument)
-	if err != nil {
-		err = fmt.Errorf("unable to marshal tools argument: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-
-	var data map[string]any
-	if err = util.DecodeJSON(bytes.NewBuffer(aMarshal), &data); err != nil {
-		err = fmt.Errorf("unable to decode tools argument: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-
-	// Tool authentication
-	// claimsFromAuth maps the name of the authservice to the claims retrieved from it.
-	claimsFromAuth := make(map[string]map[string]any)
-
-	// if using stdio, header will be nil and auth will not be supported
-	if header != nil {
-		for _, aS := range authServices {
-			claims, err := aS.GetClaimsFromHeader(ctx, header)
-			if err != nil {
-				logger.DebugContext(ctx, err.Error())
-				continue
-			}
-			if claims == nil {
-				// authService not present in header
-				continue
-			}
-			claimsFromAuth[aS.GetName()] = claims
-		}
-	}
-
-	// Tool authorization check
-	verifiedAuthServices := make([]string, len(claimsFromAuth))
-	i := 0
-	for k := range claimsFromAuth {
-		verifiedAuthServices[i] = k
-		i++
-	}
-
-	// Check if any of the specified auth services is verified
-	isAuthorized := tool.Authorized(verifiedAuthServices)
-	if !isAuthorized {
-		err = fmt.Errorf("unauthorized Tool call: Please make sure your specify correct auth headers: %w", util.ErrUnauthorized)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, "tool invocation authorized")
-
-	params, err := tool.ParseParams(data, claimsFromAuth)
-	if err != nil {
-		err = fmt.Errorf("provided parameters were invalid: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, fmt.Sprintf("invocation params: %s", params))
-
-	// run tool invocation and generate response.
-	results, err := tool.Invoke(ctx, resourceMgr, params, accessToken)
-	if err != nil {
-		errStr := err.Error()
-		// Missing authService tokens.
-		if errors.Is(err, util.ErrUnauthorized) {
-			return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-		}
-		// Upstream auth error
-		if strings.Contains(errStr, "Error 401") || strings.Contains(errStr, "Error 403") {
-			if clientAuth {
-				// Error with client credentials should pass down to the client
-				return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-			}
-			// Auth error with ADC should raise internal 500 error
-			return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-		}
-		text := TextContent{
-			Type: "text",
-			Text: err.Error(),
-		}
-		return jsonrpc.JSONRPCResponse{
-			Jsonrpc: jsonrpc.JSONRPC_VERSION,
-			Id:      id,
-			Result:  CallToolResult{Content: []TextContent{text}, IsError: true},
-		}, nil
-	}
-
-	content := make([]TextContent, 0)
-
-	sliceRes, ok := results.([]any)
-	if !ok {
-		sliceRes = []any{results}
-	}
-
-	for _, d := range sliceRes {
-		text := TextContent{Type: "text"}
-		dM, err := json.Marshal(d)
-		if err != nil {
-			text.Text = fmt.Sprintf("fail to marshal: %s, result: %s", err, d)
-		} else {
-			text.Text = string(dM)
-		}
-		content = append(content, text)
-	}
-
-	return jsonrpc.JSONRPCResponse{
-		Jsonrpc: jsonrpc.JSONRPC_VERSION,
-		Id:      id,
-		Result:  CallToolResult{Content: content},
-	}, nil
-}
-
-// promptsListHandler handles the "prompts/list" method.
-func promptsListHandler(ctx context.Context, id jsonrpc.RequestId, promptset prompts.Promptset, body []byte) (any, error) {
-	// retrieve logger from context
-	logger, err := util.LoggerFromContext(ctx)
-	if err != nil {
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, "handling prompts/list request")
-
-	var req ListPromptsRequest
-	if err := json.Unmarshal(body, &req); err != nil {
-		err = fmt.Errorf("invalid mcp prompts list request: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-	}
-
-	result := ListPromptsResult{
-		Prompts: promptset.McpManifest,
-	}
-	logger.DebugContext(ctx, fmt.Sprintf("returning %d prompts", len(promptset.McpManifest)))
-	return jsonrpc.JSONRPCResponse{
-		Jsonrpc: jsonrpc.JSONRPC_VERSION,
-		Id:      id,
-		Result:  result,
-	}, nil
-}
-
-// promptsGetHandler handles the "prompts/get" method.
-func promptsGetHandler(ctx context.Context, id jsonrpc.RequestId, resourceMgr *resources.ResourceManager, body []byte) (any, error) {
-	// retrieve logger from context
-	logger, err := util.LoggerFromContext(ctx)
-	if err != nil {
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, "handling prompts/get request")
-
-	var req GetPromptRequest
-	if err := json.Unmarshal(body, &req); err != nil {
-		err = fmt.Errorf("invalid mcp prompts/get request: %w", err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_REQUEST, err.Error(), nil), err
-	}
-
-	promptName := req.Params.Name
-	logger.DebugContext(ctx, fmt.Sprintf("prompt name: %s", promptName))
-	prompt, ok := resourceMgr.GetPrompt(promptName)
-	if !ok {
-		err := fmt.Errorf("prompt with name %q does not exist", promptName)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
-	}
-
-	// Parse the arguments provided in the request.
-	argValues, err := prompt.ParseArgs(req.Params.Arguments, nil)
-	if err != nil {
-		err = fmt.Errorf("invalid arguments for prompt %q: %w", promptName, err)
-		return jsonrpc.NewError(id, jsonrpc.INVALID_PARAMS, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, fmt.Sprintf("parsed args: %v", argValues))
-
-	// Substitute the argument values into the prompt's messages.
-	substituted, err := prompt.SubstituteParams(argValues)
-	if err != nil {
-		err = fmt.Errorf("error substituting params for prompt %q: %w", promptName, err)
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-
-	// Cast the result to the expected []prompts.Message type.
-	substitutedMessages, ok := substituted.([]prompts.Message)
-	if !ok {
-		err = fmt.Errorf("internal error: SubstituteParams returned unexpected type")
-		return jsonrpc.NewError(id, jsonrpc.INTERNAL_ERROR, err.Error(), nil), err
-	}
-	logger.DebugContext(ctx, "substituted params successfully")
-
-	// Format the response messages into the required structure.
-	promptMessages := make([]PromptMessage, len(substitutedMessages))
-	for i, msg := range substitutedMessages {
-		promptMessages[i] = PromptMessage{
-			Role: msg.Role,
-			Content: TextContent{
-				Type: "text",
-				Text: msg.Content,
-			},
-		}
-	}
-
-	result := GetPromptResult{
-		Description: prompt.Manifest().Description,
-		Messages:    promptMessages,
-	}
-
-	return jsonrpc.JSONRPCResponse{
-		Jsonrpc: jsonrpc.JSONRPC_VERSION,
-		Id:      id,
-		Result:  result,
-	}, nil
-}

internal/server/mcp/v20251125/types.go

@@ -1,219 +0,0 @@
-// Copyright 2026 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package v20251125
-
-import (
-	"github.com/googleapis/genai-toolbox/internal/prompts"
-	"github.com/googleapis/genai-toolbox/internal/server/mcp/jsonrpc"
-	"github.com/googleapis/genai-toolbox/internal/tools"
-)
-
-// SERVER_NAME is the server name used in Implementation.
-const SERVER_NAME = "Toolbox"
-
-// PROTOCOL_VERSION is the version of the MCP protocol in this package.
-const PROTOCOL_VERSION = "2025-11-25"
-
-// methods that are supported.
-const (
-	PING         = "ping"
-	TOOLS_LIST   = "tools/list"
-	TOOLS_CALL   = "tools/call"
-	PROMPTS_LIST = "prompts/list"
-	PROMPTS_GET  = "prompts/get"
-)
-
-/* Empty result */
-
-// EmptyResult represents a response that indicates success but carries no data.
-type EmptyResult jsonrpc.Result
-
-/* Pagination */
-
-// Cursor is an opaque token used to represent a cursor for pagination.
-type Cursor string
-
-type PaginatedRequest struct {
-	jsonrpc.Request
-	Params struct {
-		// An opaque token representing the current pagination position.
-		// If provided, the server should return results starting after this cursor.
-		Cursor Cursor `json:"cursor,omitempty"`
-	} `json:"params,omitempty"`
-}
-
-type PaginatedResult struct {
-	jsonrpc.Result
-	// An opaque token representing the pagination position after the last returned result.
-	// If present, there may be more results available.
-	NextCursor Cursor `json:"nextCursor,omitempty"`
-}
-
-/* Tools */
-
-// Sent from the client to request a list of tools the server has.
-type ListToolsRequest struct {
-	PaginatedRequest
-}
-
-// The server's response to a tools/list request from the client.
-type ListToolsResult struct {
-	PaginatedResult
-	Tools []tools.McpManifest `json:"tools"`
-}
-
-// Used by the client to invoke a tool provided by the server.
-type CallToolRequest struct {
-	jsonrpc.Request
-	Params struct {
-		Name      string         `json:"name"`
-		Arguments map[string]any `json:"arguments,omitempty"`
-	} `json:"params,omitempty"`
-}
-
-// The sender or recipient of messages and data in a conversation.
-type Role string
-
-const (
-	RoleUser      Role = "user"
-	RoleAssistant Role = "assistant"
-)
-
-// Base for objects that include optional annotations for the client.
-// The client can use annotations to inform how objects are used or displayed
-type Annotated struct {
-	Annotations *struct {
-		// Describes who the intended customer of this object or data is.
-		// It can include multiple entries to indicate content useful for multiple
-		// audiences (e.g., `["user", "assistant"]`).
-		Audience []Role `json:"audience,omitempty"`
-		// Describes how important this data is for operating the server.
-		//
-		// A value of 1 means "most important," and indicates that the data is
-		// effectively required, while 0 means "least important," and indicates that
-		// the data is entirely optional.
-		//
-		// @TJS-type number
-		// @minimum 0
-		// @maximum 1
-		Priority float64 `json:"priority,omitempty"`
-	} `json:"annotations,omitempty"`
-}
-
-// TextContent represents text provided to or from an LLM.
-type TextContent struct {
-	Annotated
-	Type string `json:"type"`
-	// The text content of the message.
-	Text string `json:"text"`
-}
-
-// The server's response to a tool call.
-//
-// Any errors that originate from the tool SHOULD be reported inside the result
-// object, with `isError` set to true, _not_ as an MCP protocol-level error
-// response. Otherwise, the LLM would not be able to see that an error occurred
-// and self-correct.
-//
-// However, any errors in _finding_ the tool, an error indicating that the
-// server does not support tool calls, or any other exceptional conditions,
-// should be reported as an MCP error response.
-type CallToolResult struct {
-	jsonrpc.Result
-	// Could be either a TextContent, ImageContent, or EmbeddedResources
-	// For Toolbox, we will only be sending TextContent
-	Content []TextContent `json:"content"`
-	// Whether the tool call ended in an error.
-	// If not set, this is assumed to be false (the call was successful).
-	//
-	// Any errors that originate from the tool SHOULD be reported inside the result
-	// object, with `isError` set to true, _not_ as an MCP protocol-level error
-	// response. Otherwise, the LLM would not be able to see that an error occurred
-	// and self-correct.
-	//
-	// However, any errors in _finding_ the tool, an error indicating that the
-	// server does not support tool calls, or any other exceptional conditions,
-	// should be reported as an MCP error response.
-	IsError bool `json:"isError,omitempty"`
-	// An optional JSON object that represents the structured result of the tool call.
-	StructuredContent map[string]any `json:"structuredContent,omitempty"`
-}
-
-// Additional properties describing a Tool to clients.
-//
-// NOTE: all properties in ToolAnnotations are **hints**.
-// They are not guaranteed to provide a faithful description of
-// tool behavior (including descriptive properties like `title`).
-//
-// Clients should never make tool use decisions based on ToolAnnotations
-// received from untrusted servers.
-type ToolAnnotations struct {
-	// A human-readable title for the tool.
-	Title string `json:"title,omitempty"`
-	// If true, the tool does not modify its environment.
-	// Default: false
-	ReadOnlyHint bool `json:"readOnlyHint,omitempty"`
-	// If true, the tool may perform destructive updates to its environment.
-	// If false, the tool performs only additive updates.
-	// (This property is meaningful only when `readOnlyHint == false`)
-	// Default: true
-	DestructiveHint bool `json:"destructiveHint,omitempty"`
-	// If true, calling the tool repeatedly with the same arguments
-	// will have no additional effect on the its environment.
-	// (This property is meaningful only when `readOnlyHint == false`)
-	// Default: false
-	IdempotentHint bool `json:"idempotentHint,omitempty"`
-	// If true, this tool may interact with an "open world" of external
-	// entities. If false, the tool's domain of interaction is closed.
-	// For example, the world of a web search tool is open, whereas that
-	// of a memory tool is not.
-	// Default: true
-	OpenWorldHint bool `json:"openWorldHint,omitempty"`
-}
-
-/* Prompts */
-
-// Sent from the client to request a list of prompts the server has.
-type ListPromptsRequest struct {
-	PaginatedRequest
-}
-
-// The server's response to a prompts/list request from the client.
-type ListPromptsResult struct {
-	PaginatedResult
-	Prompts []prompts.McpManifest `json:"prompts"`
-}
-
-// Used by the client to get a prompt provided by the server.
-type GetPromptRequest struct {
-	jsonrpc.Request
-	Params struct {
-		Name      string         `json:"name"`
-		Arguments map[string]any `json:"arguments,omitempty"`
-	} `json:"params"`
-}
-
-// The server's response to a prompts/get request from the client.
-type GetPromptResult struct {
-	jsonrpc.Result
-	Description string          `json:"description,omitempty"`
-	Messages    []PromptMessage `json:"messages"`
-}
-
-// Describes a message returned as part of a prompt.
-type PromptMessage struct {
-	Role    string      `json:"role"`
-	Content TextContent `json:"content"`
-}

internal/server/mcp_test.go

@@ -37,7 +37,6 @@ const jsonrpcVersion = "2.0"
 const protocolVersion20241105 = "2024-11-05"
 const protocolVersion20250326 = "2025-03-26"
 const protocolVersion20250618 = "2025-06-18"
-const protocolVersion20251125 = "2025-11-25"
 const serverName = "Toolbox"
 
 var basicInputSchema = map[string]any{
@@ -486,23 +485,6 @@ func TestMcpEndpoint(t *testing.T) {
 				},
 			},
 		},
-		{
-			name:     "version 2025-11-25",
-			protocol: protocolVersion20251125,
-			idHeader: false,
-			initWant: map[string]any{
-				"jsonrpc": "2.0",
-				"id":      "mcp-initialize",
-				"result": map[string]any{
-					"protocolVersion": "2025-11-25",
-					"capabilities": map[string]any{
-						"tools":   map[string]any{"listChanged": false},
-						"prompts": map[string]any{"listChanged": false},
-					},
-					"serverInfo": map[string]any{"name": serverName, "version": fakeVersionString},
-				},
-			},
-		},
 	}
 	for _, vtc := range versTestCases {
 		t.Run(vtc.name, func(t *testing.T) {
@@ -512,7 +494,8 @@ func TestMcpEndpoint(t *testing.T) {
 			if sessionId != "" {
 				header["Mcp-Session-Id"] = sessionId
 			}
-			if vtc.protocol != protocolVersion20241105 && vtc.protocol != protocolVersion20250326 {
+
+			if vtc.protocol == protocolVersion20250618 {
 				header["MCP-Protocol-Version"] = vtc.protocol
 			}
 

internal/sources/cloudsqladmin/cloud_sql_admin.go

@@ -352,6 +352,28 @@ func (s *Source) GetWaitForOperations(ctx context.Context, service *sqladmin.Ser
 	return nil, nil
 }
 
+func (s *Source) InsertBackupRun(ctx context.Context, project, instance, location, backupDescription, accessToken string) (any, error) {
+	backupRun := &sqladmin.BackupRun{}
+	if location != "" {
+		backupRun.Location = location
+	}
+	if backupDescription != "" {
+		backupRun.Description = backupDescription
+	}
+
+	service, err := s.GetService(ctx, string(accessToken))
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := service.BackupRuns.Insert(project, instance, backupRun).Do()
+	if err != nil {
+		return nil, fmt.Errorf("error creating backup: %w", err)
+	}
+
+	return resp, nil
+}
+
 func generateCloudSQLConnectionMessage(ctx context.Context, source *Source, logger log.Logger, opResponse map[string]any, connectionMessageTemplate string) (string, bool) {
 	operationType, ok := opResponse["operationType"].(string)
 	if !ok || operationType != "CREATE_DATABASE" {

internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup.go

@@ -0,0 +1,180 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsqlcreatebackup
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/goccy/go-yaml"
+	"github.com/googleapis/genai-toolbox/internal/embeddingmodels"
+	"github.com/googleapis/genai-toolbox/internal/sources"
+	"github.com/googleapis/genai-toolbox/internal/tools"
+	"github.com/googleapis/genai-toolbox/internal/util/parameters"
+	"google.golang.org/api/sqladmin/v1"
+)
+
+const kind string = "cloud-sql-create-backup"
+
+var _ tools.ToolConfig = Config{}
+
+type compatibleSource interface {
+	GetDefaultProject() string
+	GetService(context.Context, string) (*sqladmin.Service, error)
+	UseClientAuthorization() bool
+	InsertBackupRun(ctx context.Context, project, instance, location, backupDescription, accessToken string) (any, error)
+}
+
+// Config defines the configuration for the create-backup tool.
+type Config struct {
+	Name         string   `yaml:"name" validate:"required"`
+	Kind         string   `yaml:"kind" validate:"required"`
+	Description  string   `yaml:"description"`
+	Source       string   `yaml:"source" validate:"required"`
+	AuthRequired []string `yaml:"authRequired"`
+}
+
+func init() {
+	if !tools.Register(kind, newConfig) {
+		panic(fmt.Sprintf("tool kind %q already registered", kind))
+	}
+}
+
+func newConfig(ctx context.Context, name string, decoder *yaml.Decoder) (tools.ToolConfig, error) {
+	actual := Config{Name: name}
+	if err := decoder.DecodeContext(ctx, &actual); err != nil {
+		return nil, err
+	}
+	return actual, nil
+}
+
+// ToolConfigKind returns the kind of the tool.
+func (cfg Config) ToolConfigKind() string {
+	return kind
+}
+
+// Initialize initializes the tool from the configuration.
+func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error) {
+	rawS, ok := srcs[cfg.Source]
+	if !ok {
+		return nil, fmt.Errorf("no source named %q configured", cfg.Source)
+	}
+	s, ok := rawS.(compatibleSource)
+	if !ok {
+		return nil, fmt.Errorf("invalid source for %q tool: source %q not compatible", kind, cfg.Source)
+	}
+
+	project := s.GetDefaultProject()
+	var projectParam parameters.Parameter
+	if project != "" {
+		projectParam = parameters.NewStringParameterWithDefault("project", project, "The GCP project ID. This is pre-configured; do not ask for it unless the user explicitly provides a different one.")
+	} else {
+		projectParam = parameters.NewStringParameter("project", "The project ID")
+	}
+
+	allParameters := parameters.Parameters{
+		projectParam,
+		parameters.NewStringParameter("instance", "Cloud SQL instance ID. This does not include the project ID."),
+		// Location and backup_description are optional.
+		parameters.NewStringParameterWithRequired("location", "Location of the backup run.", false),
+		parameters.NewStringParameterWithRequired("backup_description", "The description of this backup run.", false),
+	}
+	paramManifest := allParameters.Manifest()
+
+	description := cfg.Description
+	if description == "" {
+		description = "Creates a backup on a Cloud SQL instance."
+	}
+
+	mcpManifest := tools.GetMcpManifest(cfg.Name, description, cfg.AuthRequired, allParameters, nil)
+
+	return Tool{
+		Config:      cfg,
+		AllParams:   allParameters,
+		manifest:    tools.Manifest{Description: description, Parameters: paramManifest, AuthRequired: cfg.AuthRequired},
+		mcpManifest: mcpManifest,
+	}, nil
+}
+
+// Tool represents the create-backup tool.
+type Tool struct {
+	Config
+	AllParams   parameters.Parameters `yaml:"allParams"`
+	manifest    tools.Manifest
+	mcpManifest tools.McpManifest
+}
+
+func (t Tool) ToConfig() tools.ToolConfig {
+	return t.Config
+}
+
+func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, params parameters.ParamValues, accessToken tools.AccessToken) (any, error) {
+	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
+	if err != nil {
+		return nil, err
+	}
+	paramsMap := params.AsMap()
+
+	project, ok := paramsMap["project"].(string)
+	if !ok {
+		return nil, fmt.Errorf("error casting 'project' parameter: %v", paramsMap["project"])
+	}
+	instance, ok := paramsMap["instance"].(string)
+	if !ok {
+		return nil, fmt.Errorf("error casting 'instance' parameter: %v", paramsMap["instance"])
+	}
+
+	location, _ := paramsMap["location"].(string)
+	description, _ := paramsMap["backup_description"].(string)
+
+	return source.InsertBackupRun(ctx, project, instance, location, description, string(accessToken))
+}
+
+// ParseParams parses the parameters for the tool.
+func (t Tool) ParseParams(data map[string]any, claims map[string]map[string]any) (parameters.ParamValues, error) {
+	return parameters.ParseParams(t.AllParams, data, claims)
+}
+
+func (t Tool) EmbedParams(ctx context.Context, paramValues parameters.ParamValues, embeddingModelsMap map[string]embeddingmodels.EmbeddingModel) (parameters.ParamValues, error) {
+	return parameters.EmbedParams(ctx, t.AllParams, paramValues, embeddingModelsMap, nil)
+}
+
+// Manifest returns the tool's manifest.
+func (t Tool) Manifest() tools.Manifest {
+	return t.manifest
+}
+
+// McpManifest returns the tool's MCP manifest.
+func (t Tool) McpManifest() tools.McpManifest {
+	return t.mcpManifest
+}
+
+// Authorized checks if the tool is authorized.
+func (t Tool) Authorized(verifiedAuthServices []string) bool {
+	return true
+}
+
+func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (bool, error) {
+	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
+	if err != nil {
+		return false, err
+	}
+
+	return source.UseClientAuthorization(), nil
+}
+
+func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
+	return "Authorization", nil
+}

internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup_test.go

@@ -0,0 +1,72 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsqlcreatebackup_test
+
+import (
+	"testing"
+
+	yaml "github.com/goccy/go-yaml"
+	"github.com/google/go-cmp/cmp"
+	"github.com/googleapis/genai-toolbox/internal/server"
+	"github.com/googleapis/genai-toolbox/internal/testutils"
+	"github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatebackup"
+)
+
+func TestParseFromYaml(t *testing.T) {
+	ctx, err := testutils.ContextWithNewLogger()
+	if err != nil {
+		t.Fatalf("unexpected error: %s", err)
+	}
+	tcs := []struct {
+		desc string
+		in   string
+		want server.ToolConfigs
+	}{
+		{
+			desc: "basic example",
+			in: `
+			tools:
+			  create-backup-tool:
+			    kind: cloud-sql-create-backup
+			    description: a test description
+			    source: a-source
+			`,
+			want: server.ToolConfigs{
+				"create-backup-tool": cloudsqlcreatebackup.Config{
+					Name:         "create-backup-tool",
+					Kind:         "cloud-sql-create-backup",
+					Description:  "a test description",
+					Source:       "a-source",
+					AuthRequired: []string{},
+				},
+			},
+		},
+	}
+	for _, tc := range tcs {
+		t.Run(tc.desc, func(t *testing.T) {
+			got := struct {
+				Tools server.ToolConfigs `yaml:"tools"`
+			}{}
+			// Parse contents
+			err := yaml.UnmarshalContext(ctx, testutils.FormatYaml(tc.in), &got)
+			if err != nil {
+				t.Fatalf("unable to unmarshal: %s", err)
+			}
+			if diff := cmp.Diff(tc.want, got.Tools); diff != "" {
+				t.Fatalf("incorrect parse: diff %v", diff)
+			}
+		})
+	}
+}

tests/cloudsql/cloud_sql_create_backup_test.go

@@ -0,0 +1,232 @@
+// Copyright 2026 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudsql
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"reflect"
+	"regexp"
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/google/go-cmp/cmp"
+	"github.com/googleapis/genai-toolbox/internal/testutils"
+	"github.com/googleapis/genai-toolbox/tests"
+	"google.golang.org/api/sqladmin/v1"
+)
+
+var (
+	createBackupToolKind = "cloud-sql-create-backup"
+)
+
+type createBackupTransport struct {
+	transport http.RoundTripper
+	url       *url.URL
+}
+
+func (t *createBackupTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	if strings.HasPrefix(req.URL.String(), "https://sqladmin.googleapis.com") {
+		req.URL.Scheme = t.url.Scheme
+		req.URL.Host = t.url.Host
+	}
+	return t.transport.RoundTrip(req)
+}
+
+type mastercreateBackupHandler struct {
+	t *testing.T
+}
+
+func (h *mastercreateBackupHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if !strings.Contains(r.UserAgent(), "genai-toolbox/") {
+		h.t.Errorf("User-Agent header not found")
+	}
+	var backupRun sqladmin.BackupRun
+	if err := json.NewDecoder(r.Body).Decode(&backupRun); err != nil {
+		h.t.Fatalf("failed to decode request body: %v", err)
+	} else {
+		h.t.Logf("Received request body: %+v", backupRun)
+	}
+
+	var expectedBackupRun sqladmin.BackupRun
+	var response any
+	var statusCode int
+
+	switch backupRun.Description {
+	case "":
+		expectedBackupRun = sqladmin.BackupRun{}
+		response = map[string]any{"name": "op1", "status": "PENDING"}
+		statusCode = http.StatusOK
+	case "test desc":
+		expectedBackupRun = sqladmin.BackupRun{Location: "us-central1", Description: "test desc"}
+		response = map[string]any{"name": "op1", "status": "PENDING"}
+		statusCode = http.StatusOK
+	default:
+		http.Error(w, fmt.Sprintf("unhandled instance name: %s", backupRun.Instance), http.StatusInternalServerError)
+		return
+	}
+
+	if diff := cmp.Diff(expectedBackupRun, backupRun); diff != "" {
+		h.t.Errorf("unexpected request body (-want +got):\n%s", diff)
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(statusCode)
+	if err := json.NewEncoder(w).Encode(response); err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+}
+
+func TestCreateBackupToolEndpoints(t *testing.T) {
+	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
+	defer cancel()
+
+	handler := &mastercreateBackupHandler{t: t}
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	serverURL, err := url.Parse(server.URL)
+	if err != nil {
+		t.Fatalf("failed to parse server URL: %v", err)
+	}
+
+	originalTransport := http.DefaultClient.Transport
+	if originalTransport == nil {
+		originalTransport = http.DefaultTransport
+	}
+	http.DefaultClient.Transport = &createBackupTransport{
+		transport: originalTransport,
+		url:       serverURL,
+	}
+	t.Cleanup(func() {
+		http.DefaultClient.Transport = originalTransport
+	})
+
+	var args []string
+	toolsFile := getCreateBackupToolsConfig()
+	cmd, cleanup, err := tests.StartCmd(ctx, toolsFile, args...)
+	if err != nil {
+		t.Fatalf("command initialization returned an error: %s", err)
+	}
+	defer cleanup()
+
+	waitCtx, cancel := context.WithTimeout(ctx, 30*time.Second)
+	defer cancel()
+	out, err := testutils.WaitForString(waitCtx, regexp.MustCompile(`Server ready to serve`), cmd.Out)
+	if err != nil {
+		t.Logf("toolbox command logs: \n%s", out)
+		t.Fatalf("toolbox didn't start successfully: %s", err)
+	}
+
+	tcs := []struct {
+		name        string
+		toolName    string
+		body        string
+		want        string
+		expectError bool
+		errorStatus int
+	}{
+		{
+			name:     "successful backup creation with no optional parameters",
+			toolName: "create-backup",
+			body:     `{"project": "p1", "instance": "instance-no-optional"}`,
+			want:     `{"name":"op1","status":"PENDING"}`,
+		},
+		{
+			name:     "successful backup creation with optional parameters",
+			toolName: "create-backup",
+			body:     `{"project": "p1", "instance": "instance-optional", "location": "us-central1", "backup_description": "test desc"}`,
+			want:     `{"name":"op1","status":"PENDING"}`,
+		},
+		{
+			name:        "missing instance name",
+			toolName:    "create-backup",
+			body:        `{"project": "p1", "escription": "invalid"}`,
+			expectError: true,
+			errorStatus: http.StatusBadRequest,
+		},
+	}
+
+	for _, tc := range tcs {
+		t.Run(tc.name, func(t *testing.T) {
+			api := fmt.Sprintf("http://127.0.0.1:5000/api/tool/%s/invoke", tc.toolName)
+			req, err := http.NewRequest(http.MethodPost, api, bytes.NewBufferString(tc.body))
+			if err != nil {
+				t.Fatalf("unable to create request: %s", err)
+			}
+			req.Header.Add("Content-type", "application/json")
+			resp, err := http.DefaultClient.Do(req)
+			if err != nil {
+				t.Fatalf("unable to send request: %s", err)
+			}
+			defer resp.Body.Close()
+
+			if tc.expectError {
+				if resp.StatusCode != tc.errorStatus {
+					bodyBytes, _ := io.ReadAll(resp.Body)
+					t.Fatalf("expected status %d but got %d: %s", tc.errorStatus, resp.StatusCode, string(bodyBytes))
+				}
+				return
+			}
+
+			if resp.StatusCode != http.StatusOK {
+				bodyBytes, _ := io.ReadAll(resp.Body)
+				t.Fatalf("response status code is not 200, got %d: %s", resp.StatusCode, string(bodyBytes))
+			}
+
+			var result struct {
+				Result string `json:"result"`
+			}
+			if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+				t.Fatalf("failed to decode response: %v", err)
+			}
+
+			var got, want map[string]any
+			if err := json.Unmarshal([]byte(result.Result), &got); err != nil {
+				t.Fatalf("failed to unmarshal result: %v", err)
+			}
+			if err := json.Unmarshal([]byte(tc.want), &want); err != nil {
+				t.Fatalf("failed to unmarshal want: %v", err)
+			}
+
+			if !reflect.DeepEqual(got, want) {
+				t.Fatalf("unexpected result: got %+v, want %+v", got, want)
+			}
+		})
+	}
+}
+
+func getCreateBackupToolsConfig() map[string]any {
+	return map[string]any{
+		"sources": map[string]any{
+			"my-cloud-sql-source": map[string]any{
+				"kind": "cloud-sql-admin",
+			},
+		},
+		"tools": map[string]any{
+			"create-backup": map[string]any{
+				"kind":   createBackupToolKind,
+				"source": "my-cloud-sql-source",
+			},
+		},
+	}
+}