feat!: validate resource naming

2026-01-15 02:18:10 -05:00 · 2026-01-13 15:09:40 -08:00
28 changed files with 508 additions and 982 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -59,13 +59,6 @@ You can manually trigger the bot by commenting on your Pull Request:
 *   `/gemini summary`: Posts a summary of the changes in the pull request.
 *   `/gemini help`: Overview of the available commands

-## Guidelines for Pull Requests
-
-1. Please keep your PR small for more thorough review and easier updates. In case of regression, it also allows us to roll back a single feature instead of multiple ones.
-1. For non-trivial changes, consider opening an issue and discussing it with the code owners first.
-1. Provide a good PR description as a record of what change is being made and why it was made. Link to a GitHub issue if it exists.
-1. Make sure your code is thoroughly tested with unit tests and integration tests. Remember to clean up the test instances properly in your code to avoid memory leaks.
-
 ## Adding a New Database Source or Tool

 Please create an
@@ -117,8 +110,6 @@ implementation](https://github.com/googleapis/genai-toolbox/blob/main/internal/s
 We recommend looking at an [example tool
 implementation](https://github.com/googleapis/genai-toolbox/tree/main/internal/tools/postgres/postgressql).

-Remember to keep your PRs small. For example, if you are contributing a new Source, only include one or two core Tools within the same PR, the rest of the Tools can come in subsequent PRs. 
-
 * **Create a new directory** under `internal/tools` for your tool type (e.g., `internal/tools/newdb/newdbtool`).
 * **Define a configuration struct** for your tool in a file named `newdbtool.go`.
 Create a `Config` struct and a `Tool` struct to store necessary parameters for
@@ -172,8 +163,6 @@ tools.
            parameters][temp-param-doc]. Only run this test if template
            parameters apply to your tool.

-* **Add additional tests** for the tools that are not covered by the predefined tests. Every tool must be tested!
-
 * **Add the new database to the integration test workflow** in
  [integration.cloudbuild.yaml](.ci/integration.cloudbuild.yaml).

@@ -255,4 +244,4 @@ resources.
 * **PR Description:** PR description should **always** be included. It should
  include a concise description of the changes, it's impact, along with a
  summary of the solution. If the PR is related to a specific issue, the issue
-  number should be mentioned in the PR description (e.g. `Fixes #1`).
+  number should be mentioned in the PR description (e.g. `Fixes #1`).
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -92,7 +92,6 @@ import (
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudhealthcare/cloudhealthcaresearchdicomstudies"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudmonitoring"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcloneinstance"
-	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatebackup"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatedatabase"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreateusers"
 	_ "github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlgetinstances"
--- a/cmd/root_test.go
+++ b/cmd/root_test.go
@@ -1493,7 +1493,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_postgres_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_postgres_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "postgres_upgrade_precheck", "clone_instance"},
 				},
 			},
 		},
@@ -1503,7 +1503,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mysql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mysql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance"},
 				},
 			},
 		},
@@ -1513,7 +1513,7 @@ func TestPrebuiltTools(t *testing.T) {
 			wantToolset: server.ToolsetConfigs{
 				"cloud_sql_mssql_admin_tools": tools.ToolsetConfig{
 					Name:      "cloud_sql_mssql_admin_tools",
-					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance", "create_backup"},
+					ToolNames: []string{"create_instance", "get_instance", "list_instances", "create_database", "list_databases", "create_user", "wait_for_operation", "clone_instance"},
 				},
 			},
 		},
--- a/docs/en/how-to/connect-ide/cloud_sql_mssql_admin_mcp.md
+++ b/docs/en/how-to/connect-ide/cloud_sql_mssql_admin_mcp.md
@@ -48,7 +48,6 @@ instance, database and users:
    * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    * `roles/cloudsql.admin`: Provides full control over all resources.
        * All `editor` and `viewer` tools
        * `create_instance`
@@ -300,7 +299,6 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for SQL Server instance.
-* **create_backup**: Creates a backup on a Cloud SQL instance.

 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs
--- a/docs/en/how-to/connect-ide/cloud_sql_mysql_admin_mcp.md
+++ b/docs/en/how-to/connect-ide/cloud_sql_mysql_admin_mcp.md
@@ -48,7 +48,6 @@ database and users:
    * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    * `roles/cloudsql.admin`: Provides full control over all resources.
        * All `editor` and `viewer` tools
        * `create_instance`
@@ -300,7 +299,6 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for MySQL instance.
-* **create_backup**: Creates a backup on a Cloud SQL instance.

 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs
--- a/docs/en/how-to/connect-ide/cloud_sql_pg_admin_mcp.md
+++ b/docs/en/how-to/connect-ide/cloud_sql_pg_admin_mcp.md
@@ -48,7 +48,6 @@ instance, database and users:
    * `roles/cloudsql.editor`: Provides permissions to manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    * `roles/cloudsql.admin`: Provides full control over all resources.
        * All `editor` and `viewer` tools
        * `create_instance`
@@ -300,7 +299,6 @@ instances and interacting with your database:
 * **create_user**: Creates a new user in a Cloud SQL instance.
 * **wait_for_operation**: Waits for a Cloud SQL operation to complete.
 * **clone_instance**: Creates a clone of an existing Cloud SQL for PostgreSQL instance.
-* **create_backup**: Creates a backup on a Cloud SQL instance.

 {{< notice note >}}
 Prebuilt tools are pre-1.0, so expect some tool changes between versions. LLMs
--- a/docs/en/reference/prebuilt-tools.md
+++ b/docs/en/reference/prebuilt-tools.md
@@ -187,7 +187,6 @@ See [Usage Examples](../reference/cli.md#examples).
        manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
        all resources.
        * All `editor` and `viewer` tools
@@ -204,7 +203,6 @@ See [Usage Examples](../reference/cli.md#examples).
    *   `create_user`: Creates a new user in a Cloud SQL instance.
    *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
    *   `clone_instance`: Creates a clone for an existing Cloud SQL for MySQL instance.
-    *   `create_backup`: Creates a backup on a Cloud SQL instance.

 ## Cloud SQL for PostgreSQL

@@ -277,7 +275,6 @@ See [Usage Examples](../reference/cli.md#examples).
        manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
        all resources.
        * All `editor` and `viewer` tools
@@ -293,7 +290,6 @@ See [Usage Examples](../reference/cli.md#examples).
    *   `create_user`: Creates a new user in a Cloud SQL instance.
    *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
    *   `clone_instance`: Creates a clone for an existing Cloud SQL for PostgreSQL instance.
-    *   `create_backup`: Creates a backup on a Cloud SQL instance.

 ## Cloud SQL for SQL Server

@@ -340,7 +336,6 @@ See [Usage Examples](../reference/cli.md#examples).
        manage existing resources.
        * All `viewer` tools
        * `create_database`
-        * `create_backup`
    *   **Cloud SQL Admin** (`roles/cloudsql.admin`): Provides full control over
        all resources.
        * All `editor` and `viewer` tools
@@ -356,7 +351,6 @@ See [Usage Examples](../reference/cli.md#examples).
    *   `create_user`: Creates a new user in a Cloud SQL instance.
    *   `wait_for_operation`: Waits for a Cloud SQL operation to complete.
    *   `clone_instance`: Creates a clone for an existing Cloud SQL for SQL Server instance.
-    *   `create_backup`: Creates a backup on a Cloud SQL instance.

 ## Dataplex

--- a/docs/en/resources/tools/cloudgda/cloud-gda-query.md
+++ b/docs/en/resources/tools/cloudgda/cloud-gda-query.md
@@ -41,13 +41,13 @@ tools:

 ### Usage Flow

-When using this tool, a `query` parameter containing a natural language query is provided to the tool (typically by an agent). The tool then interacts with the Gemini Data Analytics API using the context defined in your configuration.
+When using this tool, a `prompt` parameter containing a natural language query is provided to the tool (typically by an agent). The tool then interacts with the Gemini Data Analytics API using the context defined in your configuration.

 The structure of the response depends on the `generationOptions` configured in your tool definition (e.g., enabling `generateQueryResult` will include the SQL query results).

 See [Data Analytics API REST documentation](https://clouddocs.devsite.corp.google.com/gemini/docs/conversational-analytics-api/reference/rest/v1alpha/projects.locations/queryData?rep_location=global) for details.

-**Example Input Query:**
+**Example Input Prompt:**

 ```text
 How many accounts who have region in Prague are eligible for loans? A3 contains the data of region.
--- a/docs/en/resources/tools/cloudsql/cloudsqlcreatebackup.md
+++ b/docs/en/resources/tools/cloudsql/cloudsqlcreatebackup.md
@@ -1,45 +0,0 @@
---
-title: cloud-sql-create-backup
-type: docs
-weight: 10
-description: "Creates a backup on a Cloud SQL instance."
---
-
-The `cloud-sql-create-backup` tool creates an on-demand backup on a Cloud SQL instance using the Cloud SQL Admin API.
-
-{{< notice info dd>}}
-This tool uses a `source` of kind `cloud-sql-admin`.
-{{< /notice >}}
-
-## Examples
-
-Basic backup creation (current state)
-
-```yaml
-tools:
-  backup-creation-basic:
-    kind: cloud-sql-create-backup
-    source: cloud-sql-admin-source
-    description: "Creates a backup on the given Cloud SQL instance."
-```
-## Reference
-### Tool Configuration
-| **field**      | **type** | **required** | **description**                                               |
-| -------------- | :------: | :----------: | ------------------------------------------------------------- |
-| kind           | string   | true         | Must be "cloud-sql-create-backup".                            |
-| source         | string   | true         | The name of the `cloud-sql-admin` source to use.              |
-| description    | string   | false        | A description of the tool.                                    |
-
-### Tool Inputs
-
-| **parameter**              | **type** | **required** | **description**                                                                 |
-| -------------------------- | :------: | :----------: | ------------------------------------------------------------------------------- |
-| project                    | string   | true         | The project ID.                                                                 |
-| instance                   | string   | true         | The name of the instance to take a backup on. Does not include the project ID.  |
-| location                   | string   | false        | (Optional) Location of the backup run.                                          |
-| backup_description         | string   | false        | (Optional) The description of this backup run.                                  |
-
-## See Also
- [Cloud SQL Admin API documentation](https://cloud.google.com/sql/docs/mysql/admin-api)
- [Toolbox Cloud SQL tools documentation](../cloudsql)
- [Cloud SQL Backup API documentation](https://cloud.google.com/sql/docs/mysql/backup-recovery/backups)
--- a/docs/en/samples/neo4j/_index.md
+++ b/docs/en/samples/neo4j/_index.md
@@ -1,7 +0,0 @@
---
-title: "Neo4j"
-type: docs
-weight: 1
-description: >
-  How to get started with Toolbox using Neo4j.
---
--- a/docs/en/samples/neo4j/mcp_quickstart.md
+++ b/docs/en/samples/neo4j/mcp_quickstart.md
@@ -1,141 +0,0 @@
---
-title: "Quickstart (MCP with Neo4j)"
-type: docs
-weight: 1
-description: >
-  How to get started running Toolbox with MCP Inspector and Neo4j as the source.
---
-
-## Overview
-
-[Model Context Protocol](https://modelcontextprotocol.io) is an open protocol that standardizes how applications provide context to LLMs. Check out this page on how to [connect to Toolbox via MCP](../../how-to/connect_via_mcp.md).
-
-
-## Step 1: Set up your Neo4j Database and Data
-
-In this section, you'll set up a database and populate it with sample data for a movies-related agent. This guide assumes you have a running Neo4j instance, either locally or in the cloud.
-
-. **Populate the database with data.**
-To make this quickstart straightforward, we'll use the built-in Movies dataset available in Neo4j.
-
-. In your Neo4j Browser, run the following command to create and populate the database:
-+
-```cypher
-:play movies
-````
-
-. Follow the instructions to load the data. This will create a graph with `Movie`, `Person`, and `Actor` nodes and their relationships.
-
-
-## Step 2: Install and configure Toolbox
-
-In this section, we will install the MCP Toolbox, configure our tools in a `tools.yaml` file, and then run the Toolbox server.
-
-. **Install the Toolbox binary.**
-The simplest way to get started is to download the latest binary for your operating system.
-
-. Download the latest version of Toolbox as a binary:
-\+
-
-```bash
-export OS="linux/amd64" # one of linux/amd64, darwin/arm64, darwin/amd64, or windows/amd64
-curl -O [https://storage.googleapis.com/genai-toolbox/v0.16.0/$OS/toolbox](https://storage.googleapis.com/genai-toolbox/v0.16.0/$OS/toolbox)
-```
-
-  + 
-. Make the binary executable:
-\+
-
-```bash
-chmod +x toolbox
-```
-
-. **Create the `tools.yaml` file.**
-This file defines your Neo4j source and the specific tools that will be exposed to your AI agent.
-\+
-{{\< notice tip \>}}
-Authentication for the Neo4j source uses standard username and password fields. For production use, it is highly recommended to use environment variables for sensitive information like passwords.
-{{\< /notice \>}}
-\+
-Write the following into a `tools.yaml` file:
-\+
-
-```yaml
-sources:
-  my-neo4j-source:
-    kind: neo4j
-    uri: bolt://localhost:7687
-    user: neo4j
-    password: my-password # Replace with your actual password
-
-tools:
-  search-movies-by-actor:
-    kind: neo4j-cypher
-    source: my-neo4j-source
-    description: "Searches for movies an actor has appeared in based on their name. Useful for questions like 'What movies has Tom Hanks been in?'"
-    parameters:
-      - name: actor_name
-        type: string
-        description: The full name of the actor to search for.
-    statement: |
-      MATCH (p:Person {name: $actor_name}) -[:ACTED_IN]-> (m:Movie)
-      RETURN m.title AS title, m.year AS year, m.genre AS genre
-  
-  get-actor-for-movie:
-    kind: neo4j-cypher
-    source: my-neo4j-source
-    description: "Finds the actors who starred in a specific movie. Useful for questions like 'Who acted in Inception?'"
-    parameters:
-      - name: movie_title
-        type: string
-        description: The exact title of the movie.
-    statement: |
-      MATCH (p:Person) -[:ACTED_IN]-> (m:Movie {title: $movie_title})
-      RETURN p.name AS actor
-```
-
-. **Start the Toolbox server.**
-Run the Toolbox server, pointing to the `tools.yaml` file you created earlier.
-\+
-
-```bash
-./toolbox --tools-file "tools.yaml"
-```
-
-## Step 3: Connect to MCP Inspector
-
-. **Run the MCP Inspector:**
-\+
-
-```bash
-npx @modelcontextprotocol/inspector
-```
-
-. Type `y` when it asks to install the inspector package.
-. It should show the following when the MCP Inspector is up and running (please take note of `<YOUR_SESSION_TOKEN>`):
-\+
-
-```bash
-Starting MCP inspector...
-⚙️ Proxy server listening on localhost:6277
-🔑 Session token: <YOUR_SESSION_TOKEN>
-    Use this token to authenticate requests or set DANGEROUSLY_OMIT_AUTH=true to disable auth
-
-🚀 MCP Inspector is up and running at:
-    http://localhost:6274/?MCP_PROXY_AUTH_TOKEN=<YOUR_SESSION_TOKEN>
-```
-
-1. Open the above link in your browser.
-
-1. For `Transport Type`, select `Streamable HTTP`.
-
-1. For `URL`, type in `http://127.0.0.1:5000/mcp`.
-
-1. For `Configuration` -\> `Proxy Session Token`, make sure `<YOUR_SESSION_TOKEN>` is present.
-
-1. Click `Connect`.
-
-1. Select `List Tools`, you will see a list of tools configured in `tools.yaml`.
-
-1. Test out your tools here\!
-
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	cloud.google.com/go/dataplex v1.28.0
 	cloud.google.com/go/dataproc/v2 v2.15.0
 	cloud.google.com/go/firestore v1.20.0
-	cloud.google.com/go/geminidataanalytics v0.5.0
+	cloud.google.com/go/geminidataanalytics v0.3.0
 	cloud.google.com/go/longrunning v0.7.0
 	cloud.google.com/go/spanner v1.86.1
 	github.com/ClickHouse/clickhouse-go/v2 v2.40.3
--- a/go.sum
+++ b/go.sum
@@ -311,8 +311,8 @@ cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2
 cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w=
 cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM=
 cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0=
-cloud.google.com/go/geminidataanalytics v0.5.0 h1:+1usY81Cb+hE8BokpqCM7EgJtRCKzUKx7FvrHbT5hCA=
-cloud.google.com/go/geminidataanalytics v0.5.0/go.mod h1:QRc0b6ywyc3Z7S3etFgslz7hippkW/jRvtops5rKqIg=
+cloud.google.com/go/geminidataanalytics v0.3.0 h1:2Wi/kqFb5OLuEGH7q+/miE19VTqK1MYHjBEHENap9HI=
+cloud.google.com/go/geminidataanalytics v0.3.0/go.mod h1:QRc0b6ywyc3Z7S3etFgslz7hippkW/jRvtops5rKqIg=
 cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60=
 cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo=
 cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg=
--- a/internal/prebuiltconfigs/tools/cloud-sql-mssql-admin.yaml
+++ b/internal/prebuiltconfigs/tools/cloud-sql-mssql-admin.yaml
@@ -43,9 +43,6 @@ tools:
  clone_instance:
    kind: cloud-sql-clone-instance
    source: cloud-sql-admin-source
-  create_backup:
-    kind: cloud-sql-create-backup
-    source: cloud-sql-admin-source

 toolsets:
  cloud_sql_mssql_admin_tools:
@@ -57,4 +54,3 @@ toolsets:
    - create_user
    - wait_for_operation
    - clone_instance
-    - create_backup
--- a/internal/prebuiltconfigs/tools/cloud-sql-mysql-admin.yaml
+++ b/internal/prebuiltconfigs/tools/cloud-sql-mysql-admin.yaml
@@ -43,9 +43,6 @@ tools:
  clone_instance:
    kind: cloud-sql-clone-instance
    source: cloud-sql-admin-source
-  create_backup:
-    kind: cloud-sql-create-backup
-    source: cloud-sql-admin-source

 toolsets:
  cloud_sql_mysql_admin_tools:
@@ -57,4 +54,3 @@ toolsets:
    - create_user
    - wait_for_operation
    - clone_instance
-    - create_backup
--- a/internal/prebuiltconfigs/tools/cloud-sql-postgres-admin.yaml
+++ b/internal/prebuiltconfigs/tools/cloud-sql-postgres-admin.yaml
@@ -46,9 +46,6 @@ tools:
  postgres_upgrade_precheck:
    kind: postgres-upgrade-precheck
    source: cloud-sql-admin-source
-  create_backup:
-    kind: cloud-sql-create-backup
-    source: cloud-sql-admin-source

 toolsets:
  cloud_sql_postgres_admin_tools:
@@ -61,4 +58,3 @@ toolsets:
    - wait_for_operation
    - postgres_upgrade_precheck
    - clone_instance
-    - create_backup
--- a/internal/server/config.go
+++ b/internal/server/config.go
@@ -16,6 +16,7 @@ package server
 import (
 	"context"
 	"fmt"
+	"regexp"
 	"strings"

 	yaml "github.com/goccy/go-yaml"
@@ -139,6 +140,10 @@ func (c *SourceConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(interf
 	}

 	for name, u := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		// Unmarshal to a general type that ensure it capture all fields
 		var v map[string]any
 		if err := u.Unmarshal(&v); err != nil {
@@ -183,6 +188,10 @@ func (c *AuthServiceConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(i
 	}

 	for name, u := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		var v map[string]any
 		if err := u.Unmarshal(&v); err != nil {
 			return fmt.Errorf("unable to unmarshal %q: %w", name, err)
@@ -226,6 +235,10 @@ func (c *EmbeddingModelConfigs) UnmarshalYAML(ctx context.Context, unmarshal fun
 	}

 	for name, u := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		// Unmarshal to a general type that ensure it capture all fields
 		var v map[string]any
 		if err := u.Unmarshal(&v); err != nil {
@@ -270,6 +283,10 @@ func (c *ToolConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(interfac
 	}

 	for name, u := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		var v map[string]any
 		if err := u.Unmarshal(&v); err != nil {
 			return fmt.Errorf("unable to unmarshal %q: %w", name, err)
@@ -323,6 +340,10 @@ func (c *ToolsetConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(inter
 	}

 	for name, toolList := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		(*c)[name] = tools.ToolsetConfig{Name: name, ToolNames: toolList}
 	}
 	return nil
@@ -342,6 +363,10 @@ func (c *PromptConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(interf
 	}

 	for name, u := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		var v map[string]any
 		if err := u.Unmarshal(&v); err != nil {
 			return fmt.Errorf("unable to unmarshal prompt %q: %w", name, err)
@@ -389,7 +414,31 @@ func (c *PromptsetConfigs) UnmarshalYAML(ctx context.Context, unmarshal func(int
 	}

 	for name, promptList := range raw {
+		err := NameValidation(name)
+		if err != nil {
+			return err
+		}
 		(*c)[name] = prompts.PromptsetConfig{Name: name, PromptNames: promptList}
 	}
 	return nil
 }
+
+// Tools naming validation is added in the MCP v2025-11-25, but we'll be
+// implementing it across Toolbox
+// Tool names SHOULD be between 1 and 128 characters in length (inclusive).
+// Tool names SHOULD be considered case-sensitive.
+// The following SHOULD be the only allowed characters: uppercase and lowercase ASCII letters (A-Z, a-z), digits (0-9), underscore (_), hyphen (-), and dot (.)
+// Tool names SHOULD NOT contain spaces, commas, or other special characters.
+// Tool names SHOULD be unique within a server.
+func NameValidation(name string) error {
+	strLen := len(name)
+	if strLen < 1 || strLen > 128 {
+		return fmt.Errorf("resource name SHOULD be between 1 and 128 characters in length (inclusive)")
+	}
+	validChars := regexp.MustCompile("^[a-zA-Z0-9_.-]+$")
+	isValid := validChars.MatchString(name)
+	if !isValid {
+		return fmt.Errorf("invalid character for resource name; only uppercase and lowercase ASCII letters (A-Z, a-z), digits (0-9), underscore (_), hyphen (-), and dot (.) is allowed")
+	}
+	return nil
+}
--- a/internal/server/server_test.go
+++ b/internal/server/server_test.go
@@ -200,3 +200,62 @@ func TestUpdateServer(t *testing.T) {
 		t.Errorf("error updating server, promptset (-want +got):\n%s", diff)
 	}
 }
+
+func TestNameValidation(t *testing.T) {
+	testCases := []struct {
+		desc         string
+		resourceName string
+		errStr       string
+	}{
+		{
+			desc:         "names with 0 length",
+			resourceName: "",
+			errStr:       "resource name SHOULD be between 1 and 128 characters in length (inclusive)",
+		},
+		{
+			desc:         "names with allowed length",
+			resourceName: "foo",
+		},
+		{
+			desc:         "names with 128 length",
+			resourceName: strings.Repeat("a", 128),
+		},
+		{
+			desc:         "names with more than 128 length",
+			resourceName: strings.Repeat("a", 129),
+			errStr:       "resource name SHOULD be between 1 and 128 characters in length (inclusive)",
+		},
+		{
+			desc:         "names with space",
+			resourceName: "foo bar",
+			errStr:       "invalid character for resource name; only uppercase and lowercase ASCII letters (A-Z, a-z), digits (0-9), underscore (_), hyphen (-), and dot (.) is allowed",
+		},
+		{
+			desc:         "names with commas",
+			resourceName: "foo,bar",
+			errStr:       "invalid character for resource name; only uppercase and lowercase ASCII letters (A-Z, a-z), digits (0-9), underscore (_), hyphen (-), and dot (.) is allowed",
+		},
+		{
+			desc:         "names with other special character",
+			resourceName: "foo!",
+			errStr:       "invalid character for resource name; only uppercase and lowercase ASCII letters (A-Z, a-z), digits (0-9), underscore (_), hyphen (-), and dot (.) is allowed",
+		},
+		{
+			desc:         "names with allowed special character",
+			resourceName: "foo_.-bar6",
+		},
+	}
+	for _, tc := range testCases {
+		t.Run(tc.desc, func(t *testing.T) {
+			err := server.NameValidation(tc.resourceName)
+			if err != nil {
+				if tc.errStr != err.Error() {
+					t.Fatalf("unexpected error: %s", err)
+				}
+			}
+			if err == nil && tc.errStr != "" {
+				t.Fatalf("expect error: %s", tc.errStr)
+			}
+		})
+	}
+}
--- a/internal/sources/cloudgda/cloud_gda.go
+++ b/internal/sources/cloudgda/cloud_gda.go
@@ -14,20 +14,23 @@
 package cloudgda

 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"fmt"
+	"io"
+	"net/http"

-	geminidataanalytics "cloud.google.com/go/geminidataanalytics/apiv1beta"
-	"cloud.google.com/go/geminidataanalytics/apiv1beta/geminidataanalyticspb"
 	"github.com/goccy/go-yaml"
 	"github.com/googleapis/genai-toolbox/internal/sources"
 	"github.com/googleapis/genai-toolbox/internal/util"
 	"go.opentelemetry.io/otel/trace"
 	"golang.org/x/oauth2"
-	"google.golang.org/api/option"
+	"golang.org/x/oauth2/google"
 )

 const SourceKind string = "cloud-gemini-data-analytics"
+const Endpoint string = "https://geminidataanalytics.googleapis.com"

 // validate interface
 var _ sources.SourceConfig = Config{}
@@ -64,19 +67,29 @@ func (r Config) Initialize(ctx context.Context, tracer trace.Tracer) (sources.So
 		return nil, fmt.Errorf("error in User Agent retrieval: %s", err)
 	}

+	var client *http.Client
+	if r.UseClientOAuth {
+		client = &http.Client{
+			Transport: util.NewUserAgentRoundTripper(ua, http.DefaultTransport),
+		}
+	} else {
+		// Use Application Default Credentials
+		// Scope: "https://www.googleapis.com/auth/cloud-platform" is generally sufficient for GDA
+		creds, err := google.FindDefaultCredentials(ctx, "https://www.googleapis.com/auth/cloud-platform")
+		if err != nil {
+			return nil, fmt.Errorf("failed to find default credentials: %w", err)
+		}
+		baseClient := oauth2.NewClient(ctx, creds.TokenSource)
+		baseClient.Transport = util.NewUserAgentRoundTripper(ua, baseClient.Transport)
+		client = baseClient
+	}
+
 	s := &Source{
 		Config:    r,
+		Client:    client,
+		BaseURL:   Endpoint,
 		userAgent: ua,
 	}
-
-	if !r.UseClientOAuth {
-		client, err := geminidataanalytics.NewDataChatClient(ctx, option.WithUserAgent(ua))
-		if err != nil {
-			return nil, fmt.Errorf("failed to create DataChatClient: %w", err)
-		}
-		s.Client = client
-	}
-
 	return s, nil
 }

@@ -84,7 +97,8 @@ var _ sources.Source = &Source{}

 type Source struct {
 	Config
-	Client    *geminidataanalytics.DataChatClient
+	Client    *http.Client
+	BaseURL   string
 	userAgent string
 }

@@ -100,34 +114,63 @@ func (s *Source) GetProjectID() string {
 	return s.ProjectID
 }

+func (s *Source) GetBaseURL() string {
+	return s.BaseURL
+}
+
+func (s *Source) GetClient(ctx context.Context, accessToken string) (*http.Client, error) {
+	if s.UseClientOAuth {
+		if accessToken == "" {
+			return nil, fmt.Errorf("client-side OAuth is enabled but no access token was provided")
+		}
+		token := &oauth2.Token{AccessToken: accessToken}
+		baseClient := oauth2.NewClient(ctx, oauth2.StaticTokenSource(token))
+		baseClient.Transport = util.NewUserAgentRoundTripper(s.userAgent, baseClient.Transport)
+		return baseClient, nil
+	}
+	return s.Client, nil
+}
+
 func (s *Source) UseClientAuthorization() bool {
 	return s.UseClientOAuth
 }

-func (s *Source) RunQuery(ctx context.Context, tokenStr string, req *geminidataanalyticspb.QueryDataRequest) (*geminidataanalyticspb.QueryDataResponse, error) {
-	client, cleanup, err := s.GetClient(ctx, tokenStr)
+func (s *Source) RunQuery(ctx context.Context, tokenStr string, bodyBytes []byte) (any, error) {
+	// The API endpoint itself always uses the "global" location.
+	apiLocation := "global"
+	apiParent := fmt.Sprintf("projects/%s/locations/%s", s.GetProjectID(), apiLocation)
+	apiURL := fmt.Sprintf("%s/v1beta/%s:queryData", s.GetBaseURL(), apiParent)
+
+	client, err := s.GetClient(ctx, tokenStr)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("failed to get HTTP client: %w", err)
 	}
-	defer cleanup()

-	return client.QueryData(ctx, req)
-}
-
-func (s *Source) GetClient(ctx context.Context, tokenStr string) (*geminidataanalytics.DataChatClient, func(), error) {
-	if s.UseClientOAuth {
-		if tokenStr == "" {
-			return nil, nil, fmt.Errorf("client-side OAuth is enabled but no access token was provided")
-		}
-		token := &oauth2.Token{AccessToken: tokenStr}
-		client, err := geminidataanalytics.NewDataChatClient(ctx,
-			option.WithUserAgent(s.userAgent),
-			option.WithTokenSource(oauth2.StaticTokenSource(token)),
-		)
-		if err != nil {
-			return nil, nil, fmt.Errorf("failed to create per-request DataChatClient: %w", err)
-		}
-		return client, func() { client.Close() }, nil
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, apiURL, bytes.NewBuffer(bodyBytes))
+	if err != nil {
+		return nil, fmt.Errorf("failed to create request: %w", err)
 	}
-	return s.Client, func() {}, nil
+	req.Header.Set("Content-Type", "application/json")
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("failed to execute request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	respBody, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read response body: %w", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("API request failed with status %d: %s", resp.StatusCode, string(respBody))
+	}
+
+	var result map[string]any
+	if err := json.Unmarshal(respBody, &result); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal response: %w", err)
+	}
+
+	return result, nil
 }
--- a/internal/sources/cloudgda/cloud_gda_test.go
+++ b/internal/sources/cloudgda/cloud_gda_test.go
@@ -181,9 +181,11 @@ func TestInitialize(t *testing.T) {
 			if gdaSrc.Client == nil && !tc.wantClientOAuth {
 				t.Fatal("expected non-nil HTTP client for ADC, got nil")
 			}
-			// When client OAuth is true, the source's client should be nil.
-			if gdaSrc.Client != nil && tc.wantClientOAuth {
-				t.Fatal("expected nil HTTP client for client OAuth config, got non-nil")
+			// When client OAuth is true, the source's client should be initialized with a base HTTP client
+			// that includes the user agent round tripper, but not the OAuth token. The token-aware
+			// client is created by GetClient.
+			if gdaSrc.Client == nil && tc.wantClientOAuth {
+				t.Fatal("expected non-nil HTTP client for client OAuth config, got nil")
 			}

 			// Test UseClientAuthorization method
@@ -193,16 +195,15 @@ func TestInitialize(t *testing.T) {

 			// Test GetClient with accessToken for client OAuth scenarios
 			if tc.wantClientOAuth {
-				client, cleanup, err := gdaSrc.GetClient(ctx, "dummy-token")
+				client, err := gdaSrc.GetClient(ctx, "dummy-token")
 				if err != nil {
 					t.Fatalf("GetClient with token failed: %v", err)
 				}
-				defer cleanup()
 				if client == nil {
 					t.Fatal("expected non-nil HTTP client from GetClient with token, got nil")
 				}
 				// Ensure passing empty token with UseClientOAuth enabled returns error
-				_, _, err = gdaSrc.GetClient(ctx, "")
+				_, err = gdaSrc.GetClient(ctx, "")
 				if err == nil || err.Error() != "client-side OAuth is enabled but no access token was provided" {
 					t.Errorf("expected 'client-side OAuth is enabled but no access token was provided' error, got: %v", err)
 				}
--- a/internal/sources/cloudsqladmin/cloud_sql_admin.go
+++ b/internal/sources/cloudsqladmin/cloud_sql_admin.go
@@ -352,28 +352,6 @@ func (s *Source) GetWaitForOperations(ctx context.Context, service *sqladmin.Ser
 	return nil, nil
 }

-func (s *Source) InsertBackupRun(ctx context.Context, project, instance, location, backupDescription, accessToken string) (any, error) {
-	backupRun := &sqladmin.BackupRun{}
-	if location != "" {
-		backupRun.Location = location
-	}
-	if backupDescription != "" {
-		backupRun.Description = backupDescription
-	}
-
-	service, err := s.GetService(ctx, string(accessToken))
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := service.BackupRuns.Insert(project, instance, backupRun).Do()
-	if err != nil {
-		return nil, fmt.Errorf("error creating backup: %w", err)
-	}
-
-	return resp, nil
-}
-
 func generateCloudSQLConnectionMessage(ctx context.Context, source *Source, logger log.Logger, opResponse map[string]any, connectionMessageTemplate string) (string, bool) {
 	operationType, ok := opResponse["operationType"].(string)
 	if !ok || operationType != "CREATE_DATABASE" {
--- a/internal/tools/cloudgda/cloudgda.go
+++ b/internal/tools/cloudgda/cloudgda.go
@@ -19,32 +19,15 @@ import (
 	"encoding/json"
 	"fmt"

-	"cloud.google.com/go/geminidataanalytics/apiv1beta/geminidataanalyticspb"
 	"github.com/goccy/go-yaml"
 	"github.com/googleapis/genai-toolbox/internal/embeddingmodels"
 	"github.com/googleapis/genai-toolbox/internal/sources"
 	"github.com/googleapis/genai-toolbox/internal/tools"
 	"github.com/googleapis/genai-toolbox/internal/util/parameters"
-	"google.golang.org/protobuf/encoding/protojson"
 )

 const kind string = "cloud-gemini-data-analytics-query"

-// Guidance is the tool guidance string.
-const Guidance = `Tool guidance:
-  Inputs:
-    1. query: A natural language formulation of a database query.
-  Outputs: (all optional)
-    1. disambiguation_question: Clarification questions or comments where the tool needs the users' input.
-    2. generated_query: The generated query for the user query.
-    3. intent_explanation: An explanation for why the tool produced ` + "`generated_query`" + `.
-    4. query_result: The result of executing ` + "`generated_query`" + `.
-    5. natural_language_answer: The natural language answer that summarizes the ` + "`query`" + ` and ` + "`query_result`" + `.
-
-Usage guidance:
-  1. If ` + "`disambiguation_question`" + ` is produced, then solicit the needed inputs from the user and try the tool with a new ` + "`query`" + ` that has the needed clarification.
-  2. If ` + "`natural_language_answer`" + ` is produced, use ` + "`intent_explanation`" + ` and ` + "`generated_query`" + ` to see if you need to clarify any assumptions for the user.`
-
 func init() {
 	if !tools.Register(kind, newConfig) {
 		panic(fmt.Sprintf("tool kind %q already registered", kind))
@@ -62,49 +45,7 @@ func newConfig(ctx context.Context, name string, decoder *yaml.Decoder) (tools.T
 type compatibleSource interface {
 	GetProjectID() string
 	UseClientAuthorization() bool
-	RunQuery(context.Context, string, *geminidataanalyticspb.QueryDataRequest) (*geminidataanalyticspb.QueryDataResponse, error)
-}
-
-// QueryDataContext wraps geminidataanalyticspb.QueryDataContext to support YAML decoding via protojson.
-type QueryDataContext struct {
-	*geminidataanalyticspb.QueryDataContext
-}
-
-func (q *QueryDataContext) UnmarshalYAML(b []byte) error {
-	var raw map[string]any
-	if err := yaml.Unmarshal(b, &raw); err != nil {
-		return err
-	}
-	jsonBytes, err := json.Marshal(raw)
-	if err != nil {
-		return fmt.Errorf("failed to marshal context map: %w", err)
-	}
-	q.QueryDataContext = &geminidataanalyticspb.QueryDataContext{}
-	if err := protojson.Unmarshal(jsonBytes, q.QueryDataContext); err != nil {
-		return fmt.Errorf("failed to unmarshal context to proto: %w", err)
-	}
-	return nil
-}
-
-// GenerationOptions wraps geminidataanalyticspb.GenerationOptions to support YAML decoding via protojson.
-type GenerationOptions struct {
-	*geminidataanalyticspb.GenerationOptions
-}
-
-func (g *GenerationOptions) UnmarshalYAML(b []byte) error {
-	var raw map[string]any
-	if err := yaml.Unmarshal(b, &raw); err != nil {
-		return err
-	}
-	jsonBytes, err := json.Marshal(raw)
-	if err != nil {
-		return fmt.Errorf("failed to marshal generation options map: %w", err)
-	}
-	g.GenerationOptions = &geminidataanalyticspb.GenerationOptions{}
-	if err := protojson.Unmarshal(jsonBytes, g.GenerationOptions); err != nil {
-		return fmt.Errorf("failed to unmarshal generation options to proto: %w", err)
-	}
-	return nil
+	RunQuery(context.Context, string, []byte) (any, error)
 }

 type Config struct {
@@ -127,28 +68,19 @@ func (cfg Config) ToolConfigKind() string {

 func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error) {
 	// Define the parameters for the Gemini Data Analytics Query API
-	// The query is the only input parameter.
+	// The prompt is the only input parameter.
 	allParameters := parameters.Parameters{
-		parameters.NewStringParameterWithRequired("query", "A natural language formulation of a database query.", true),
+		parameters.NewStringParameterWithRequired("prompt", "The natural language question to ask.", true),
 	}
-	// The input and outputs are for tool guidance, usage guidance is for multi-turn interaction.
-	guidance := Guidance

-	if cfg.Description != "" {
-		cfg.Description += "\n\n" + guidance
-	} else {
-		cfg.Description = guidance
-	}
 	mcpManifest := tools.GetMcpManifest(cfg.Name, cfg.Description, cfg.AuthRequired, allParameters, nil)

-	t := Tool{
+	return Tool{
 		Config:      cfg,
 		AllParams:   allParameters,
 		manifest:    tools.Manifest{Description: cfg.Description, Parameters: allParameters.Manifest(), AuthRequired: cfg.AuthRequired},
 		mcpManifest: mcpManifest,
-	}
-
-	return t, nil
+	}, nil
 }

 // validate interface
@@ -173,9 +105,9 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	}

 	paramsMap := params.AsMap()
-	query, ok := paramsMap["query"].(string)
+	prompt, ok := paramsMap["prompt"].(string)
 	if !ok {
-		return nil, fmt.Errorf("query parameter not found or not a string")
+		return nil, fmt.Errorf("prompt parameter not found or not a string")
 	}

 	// Parse the access token if provided
@@ -191,20 +123,18 @@ func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, para
 	// The parent in the request payload uses the tool's configured location.
 	payloadParent := fmt.Sprintf("projects/%s/locations/%s", source.GetProjectID(), t.Location)

-	req := &geminidataanalyticspb.QueryDataRequest{
-		Parent: payloadParent,
-		Prompt: query,
+	payload := &QueryDataRequest{
+		Parent:            payloadParent,
+		Prompt:            prompt,
+		Context:           t.Context,
+		GenerationOptions: t.GenerationOptions,
 	}

-	if t.Context != nil {
-		req.Context = t.Context.QueryDataContext
+	bodyBytes, err := json.Marshal(payload)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal request payload: %w", err)
 	}
-
-	if t.GenerationOptions != nil {
-		req.GenerationOptions = t.GenerationOptions.GenerationOptions
-	}
-
-	return source.RunQuery(ctx, tokenStr, req)
+	return source.RunQuery(ctx, tokenStr, bodyBytes)
 }

 func (t Tool) ParseParams(data map[string]any, claims map[string]map[string]any) (parameters.ParamValues, error) {
--- a/internal/tools/cloudgda/cloudgda_test.go
+++ b/internal/tools/cloudgda/cloudgda_test.go
@@ -16,16 +16,19 @@ package cloudgda_test

 import (
 	"context"
+	"encoding/json"
 	"fmt"
+	"io"
+	"net/http"
+	"net/http/httptest"
 	"testing"

-	"cloud.google.com/go/geminidataanalytics/apiv1beta/geminidataanalyticspb"
 	yaml "github.com/goccy/go-yaml"
 	"github.com/google/go-cmp/cmp"
-	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/googleapis/genai-toolbox/internal/server"
 	"github.com/googleapis/genai-toolbox/internal/server/resources"
 	"github.com/googleapis/genai-toolbox/internal/sources"
+	cloudgdasrc "github.com/googleapis/genai-toolbox/internal/sources/cloudgda"
 	"github.com/googleapis/genai-toolbox/internal/testutils"
 	"github.com/googleapis/genai-toolbox/internal/tools"
 	cloudgdatool "github.com/googleapis/genai-toolbox/internal/tools/cloudgda"
@@ -71,29 +74,23 @@ func TestParseFromYaml(t *testing.T) {
 					Location:     "us-central1",
 					AuthRequired: []string{},
 					Context: &cloudgdatool.QueryDataContext{
-						QueryDataContext: &geminidataanalyticspb.QueryDataContext{
-							DatasourceReferences: &geminidataanalyticspb.DatasourceReferences{
-								References: &geminidataanalyticspb.DatasourceReferences_SpannerReference{
-									SpannerReference: &geminidataanalyticspb.SpannerReference{
-										DatabaseReference: &geminidataanalyticspb.SpannerDatabaseReference{
-											ProjectId:  "cloud-db-nl2sql",
-											Region:     "us-central1",
-											InstanceId: "evalbench",
-											DatabaseId: "financial",
-											Engine:     geminidataanalyticspb.SpannerDatabaseReference_GOOGLE_SQL,
-										},
-										AgentContextReference: &geminidataanalyticspb.AgentContextReference{
-											ContextSetId: "projects/cloud-db-nl2sql/locations/us-east1/contextSets/bdf_gsql_gemini_all_templates",
-										},
-									},
+						DatasourceReferences: &cloudgdatool.DatasourceReferences{
+							SpannerReference: &cloudgdatool.SpannerReference{
+								DatabaseReference: &cloudgdatool.SpannerDatabaseReference{
+									ProjectID:  "cloud-db-nl2sql",
+									Region:     "us-central1",
+									InstanceID: "evalbench",
+									DatabaseID: "financial",
+									Engine:     cloudgdatool.SpannerEngineGoogleSQL,
+								},
+								AgentContextReference: &cloudgdatool.AgentContextReference{
+									ContextSetID: "projects/cloud-db-nl2sql/locations/us-east1/contextSets/bdf_gsql_gemini_all_templates",
 								},
 							},
 						},
 					},
 					GenerationOptions: &cloudgdatool.GenerationOptions{
-						GenerationOptions: &geminidataanalyticspb.GenerationOptions{
-							GenerateQueryResult: true,
-						},
+						GenerateQueryResult: true,
 					},
 				},
 			},
@@ -111,63 +108,68 @@ func TestParseFromYaml(t *testing.T) {
 			if err != nil {
 				t.Fatalf("unable to unmarshal: %s", err)
 			}
-			if !cmp.Equal(tc.want, got.Tools, cmpopts.IgnoreUnexported(geminidataanalyticspb.QueryDataContext{}, geminidataanalyticspb.DatasourceReferences{}, geminidataanalyticspb.SpannerReference{}, geminidataanalyticspb.SpannerDatabaseReference{}, geminidataanalyticspb.AgentContextReference{}, geminidataanalyticspb.GenerationOptions{}, geminidataanalyticspb.DatasourceReferences_SpannerReference{})) {
-				t.Errorf("incorrect parse: want %v, got %v", tc.want, got.Tools)
+			if !cmp.Equal(tc.want, got.Tools) {
+				t.Fatalf("incorrect parse: want %v, got %v", tc.want, got.Tools)
 			}
 		})
 	}
 }

-// fakeSource implements the compatibleSource interface for testing.
-type fakeSource struct {
-	projectID      string
-	useClientOAuth bool
-	expectedQuery  string
-	expectedParent string
-	response       *geminidataanalyticspb.QueryDataResponse
+// authRoundTripper is a mock http.RoundTripper that adds a dummy Authorization header.
+type authRoundTripper struct {
+	Token string
+	Next  http.RoundTripper
 }

-func (f *fakeSource) GetProjectID() string {
-	return f.projectID
-}
-
-func (f *fakeSource) UseClientAuthorization() bool {
-	return f.useClientOAuth
-}
-
-func (f *fakeSource) SourceKind() string {
-	return "fake-gda-source"
-}
-
-func (f *fakeSource) ToConfig() sources.SourceConfig {
-	return nil
-}
-
-func (f *fakeSource) Initialize(ctx context.Context, tracer interface{}) (sources.Source, error) {
-	return f, nil
-}
-
-func (f *fakeSource) RunQuery(ctx context.Context, token string, req *geminidataanalyticspb.QueryDataRequest) (*geminidataanalyticspb.QueryDataResponse, error) {
-	if req.Prompt != f.expectedQuery {
-		return nil, fmt.Errorf("unexpected query: got %q, want %q", req.Prompt, f.expectedQuery)
+func (rt *authRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+	newReq := *req
+	newReq.Header = make(http.Header)
+	for k, v := range req.Header {
+		newReq.Header[k] = v
 	}
-	if req.Parent != f.expectedParent {
-		return nil, fmt.Errorf("unexpected parent: got %q, want %q", req.Parent, f.expectedParent)
+	newReq.Header.Set("Authorization", rt.Token)
+	if rt.Next == nil {
+		return http.DefaultTransport.RoundTrip(&newReq)
 	}
-	// Basic validation of context/options could be added here if needed,
-	// but the test case mainly checks if they are passed correctly via successful invocation.
-
-	return f.response, nil
+	return rt.Next.RoundTrip(&newReq)
 }

+type mockSource struct {
+	kind    string
+	client  *http.Client       // Can be used to inject a specific client
+	baseURL string             // BaseURL is needed to implement sources.Source.BaseURL
+	config  cloudgdasrc.Config // to return from ToConfig
+}
+
+func (m *mockSource) SourceKind() string             { return m.kind }
+func (m *mockSource) ToConfig() sources.SourceConfig { return m.config }
+func (m *mockSource) GetClient(ctx context.Context, token string) (*http.Client, error) {
+	if m.client != nil {
+		return m.client, nil
+	}
+	// Default client for testing if not explicitly set
+	transport := &http.Transport{}
+	authTransport := &authRoundTripper{
+		Token: "Bearer test-access-token", // Dummy token
+		Next:  transport,
+	}
+	return &http.Client{Transport: authTransport}, nil
+}
+func (m *mockSource) UseClientAuthorization() bool { return false }
+func (m *mockSource) Initialize(ctx context.Context, tracer interface{}) (sources.Source, error) {
+	return m, nil
+}
+func (m *mockSource) BaseURL() string { return m.baseURL }
+
 func TestInitialize(t *testing.T) {
 	t.Parallel()

-	// Minimal fake source
-	fake := &fakeSource{projectID: "test-project"}
-
 	srcs := map[string]sources.Source{
-		"gda-api-source": fake,
+		"gda-api-source": &cloudgdasrc.Source{
+			Config:  cloudgdasrc.Config{Name: "gda-api-source", Kind: cloudgdasrc.SourceKind, ProjectID: "test-project"},
+			Client:  &http.Client{},
+			BaseURL: cloudgdasrc.Endpoint,
+		},
 	}

 	tcs := []struct {
@@ -186,6 +188,9 @@ func TestInitialize(t *testing.T) {
 		},
 	}

+	// Add an incompatible source for testing
+	srcs["incompatible-source"] = &mockSource{kind: "another-kind"}
+
 	for _, tc := range tcs {
 		tc := tc
 		t.Run(tc.desc, func(t *testing.T) {
@@ -202,27 +207,92 @@ func TestInitialize(t *testing.T) {

 func TestInvoke(t *testing.T) {
 	t.Parallel()
+	// Mock the HTTP client and server for Invoke testing
+	serverMux := http.NewServeMux()
+	// Update expected URL path to include the location "us-central1"
+	serverMux.HandleFunc("/v1beta/projects/test-project/locations/global:queryData", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodPost {
+			t.Errorf("expected POST method, got %s", r.Method)
+			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+			return
+		}
+		if r.Header.Get("Content-Type") != "application/json" {
+			t.Errorf("expected Content-Type application/json, got %s", r.Header.Get("Content-Type"))
+			http.Error(w, "Bad request", http.StatusBadRequest)
+			return
+		}

-	projectID := "test-project"
-	location := "us-central1"
-	query := "How many accounts who have region in Prague are eligible for loans?"
-	expectedParent := fmt.Sprintf("projects/%s/locations/%s", projectID, location)
+		// Read and unmarshal the request body
+		bodyBytes, err := io.ReadAll(r.Body)
+		if err != nil {
+			t.Errorf("failed to read request body: %v", err)
+			http.Error(w, "Internal Server Error", http.StatusInternalServerError)
+			return
+		}
+		var reqPayload cloudgdatool.QueryDataRequest
+		if err := json.Unmarshal(bodyBytes, &reqPayload); err != nil {
+			t.Errorf("failed to unmarshal request payload: %v", err)
+			http.Error(w, "Bad request", http.StatusBadRequest)
+			return
+		}

-	// Prepare expected response
-	expectedResp := &geminidataanalyticspb.QueryDataResponse{
-		GeneratedQuery:        "SELECT count(*) FROM accounts WHERE region = 'Prague' AND eligible_for_loans = true;",
-		NaturalLanguageAnswer: "There are 5 accounts in Prague eligible for loans.",
+		// Verify expected fields
+		if r.Header.Get("Authorization") == "" {
+			t.Errorf("expected Authorization header, got empty")
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		}
+		if reqPayload.Prompt != "How many accounts who have region in Prague are eligible for loans?" {
+			t.Errorf("unexpected prompt: %s", reqPayload.Prompt)
+		}
+
+		// Verify payload's parent uses the tool's configured location
+		if reqPayload.Parent != fmt.Sprintf("projects/%s/locations/%s", "test-project", "us-central1") {
+			t.Errorf("unexpected payload parent: got %q, want %q", reqPayload.Parent, fmt.Sprintf("projects/%s/locations/%s", "test-project", "us-central1"))
+		}
+
+		// Verify context from config
+		if reqPayload.Context == nil ||
+			reqPayload.Context.DatasourceReferences == nil ||
+			reqPayload.Context.DatasourceReferences.SpannerReference == nil ||
+			reqPayload.Context.DatasourceReferences.SpannerReference.DatabaseReference == nil ||
+			reqPayload.Context.DatasourceReferences.SpannerReference.DatabaseReference.ProjectID != "cloud-db-nl2sql" {
+			t.Errorf("unexpected context: %v", reqPayload.Context)
+		}
+
+		// Verify generation options from config
+		if reqPayload.GenerationOptions == nil || !reqPayload.GenerationOptions.GenerateQueryResult {
+			t.Errorf("unexpected generation options: %v", reqPayload.GenerationOptions)
+		}
+
+		// Simulate a successful response
+		resp := map[string]any{
+			"queryResult":           "SELECT count(*) FROM accounts WHERE region = 'Prague' AND eligible_for_loans = true;",
+			"naturalLanguageAnswer": "There are 5 accounts in Prague eligible for loans.",
+		}
+		_ = json.NewEncoder(w).Encode(resp)
+	})
+
+	mockServer := httptest.NewServer(serverMux)
+	defer mockServer.Close()
+
+	ctx := testutils.ContextWithUserAgent(context.Background(), "test-user-agent")
+
+	// Create an authenticated client that uses the mock server
+	authTransport := &authRoundTripper{
+		Token: "Bearer test-access-token",
+		Next:  mockServer.Client().Transport,
 	}
+	authClient := &http.Client{Transport: authTransport}

-	fake := &fakeSource{
-		projectID:      projectID,
-		expectedQuery:  query,
-		expectedParent: expectedParent,
-		response:       expectedResp,
+	// Create a real cloudgdasrc.Source but inject the authenticated client
+	mockGdaSource := &cloudgdasrc.Source{
+		Config:  cloudgdasrc.Config{Name: "mock-gda-source", Kind: cloudgdasrc.SourceKind, ProjectID: "test-project"},
+		Client:  authClient,
+		BaseURL: mockServer.URL,
 	}
-
 	srcs := map[string]sources.Source{
-		"mock-gda-source": fake,
+		"mock-gda-source": mockGdaSource,
 	}

 	// Initialize the tool config with context
@@ -231,31 +301,25 @@ func TestInvoke(t *testing.T) {
 		Kind:        "cloud-gemini-data-analytics-query",
 		Source:      "mock-gda-source",
 		Description: "Query Gemini Data Analytics",
-		Location:    location,
+		Location:    "us-central1", // Set location for the test
 		Context: &cloudgdatool.QueryDataContext{
-			QueryDataContext: &geminidataanalyticspb.QueryDataContext{
-				DatasourceReferences: &geminidataanalyticspb.DatasourceReferences{
-					References: &geminidataanalyticspb.DatasourceReferences_SpannerReference{
-						SpannerReference: &geminidataanalyticspb.SpannerReference{
-							DatabaseReference: &geminidataanalyticspb.SpannerDatabaseReference{
-								ProjectId:  "cloud-db-nl2sql",
-								Region:     "us-central1",
-								InstanceId: "evalbench",
-								DatabaseId: "financial",
-								Engine:     geminidataanalyticspb.SpannerDatabaseReference_GOOGLE_SQL,
-							},
-							AgentContextReference: &geminidataanalyticspb.AgentContextReference{
-								ContextSetId: "projects/cloud-db-nl2sql/locations/us-east1/contextSets/bdf_gsql_gemini_all_templates",
-							},
-						},
+			DatasourceReferences: &cloudgdatool.DatasourceReferences{
+				SpannerReference: &cloudgdatool.SpannerReference{
+					DatabaseReference: &cloudgdatool.SpannerDatabaseReference{
+						ProjectID:  "cloud-db-nl2sql",
+						Region:     "us-central1",
+						InstanceID: "evalbench",
+						DatabaseID: "financial",
+						Engine:     cloudgdatool.SpannerEngineGoogleSQL,
+					},
+					AgentContextReference: &cloudgdatool.AgentContextReference{
+						ContextSetID: "projects/cloud-db-nl2sql/locations/us-east1/contextSets/bdf_gsql_gemini_all_templates",
 					},
 				},
 			},
 		},
 		GenerationOptions: &cloudgdatool.GenerationOptions{
-			GenerationOptions: &geminidataanalyticspb.GenerationOptions{
-				GenerateQueryResult: true,
-			},
+			GenerateQueryResult: true,
 		},
 	}

@@ -264,27 +328,26 @@ func TestInvoke(t *testing.T) {
 		t.Fatalf("failed to initialize tool: %v", err)
 	}

-	// Prepare parameters for invocation - ONLY query
+	// Prepare parameters for invocation - ONLY prompt
 	params := parameters.ParamValues{
-		{Name: "query", Value: query},
+		{Name: "prompt", Value: "How many accounts who have region in Prague are eligible for loans?"},
 	}

 	resourceMgr := resources.NewResourceManager(srcs, nil, nil, nil, nil, nil, nil)

-	ctx := testutils.ContextWithUserAgent(context.Background(), "test-user-agent")
-
 	// Invoke the tool
-	result, err := tool.Invoke(ctx, resourceMgr, params, "")
+	result, err := tool.Invoke(ctx, resourceMgr, params, "") // No accessToken needed for ADC client
 	if err != nil {
 		t.Fatalf("tool invocation failed: %v", err)
 	}

-	gotResp, ok := result.(*geminidataanalyticspb.QueryDataResponse)
-	if !ok {
-		t.Fatalf("expected result type *geminidataanalyticspb.QueryDataResponse, got %T", result)
+	// Validate the result
+	expectedResult := map[string]any{
+		"queryResult":           "SELECT count(*) FROM accounts WHERE region = 'Prague' AND eligible_for_loans = true;",
+		"naturalLanguageAnswer": "There are 5 accounts in Prague eligible for loans.",
 	}

-	if diff := cmp.Diff(expectedResp, gotResp, cmpopts.IgnoreUnexported(geminidataanalyticspb.QueryDataResponse{})); diff != "" {
-		t.Errorf("unexpected result mismatch (-want +got):\n%s", diff)
+	if !cmp.Equal(expectedResult, result) {
+		t.Errorf("unexpected result: got %v, want %v", result, expectedResult)
 	}
 }
--- a/internal/tools/cloudgda/types.go
+++ b/internal/tools/cloudgda/types.go
@@ -0,0 +1,116 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cloudgda
+
+// See full service definition at: https://github.com/googleapis/googleapis/blob/master/google/cloud/geminidataanalytics/v1beta/data_chat_service.proto
+
+// QueryDataRequest represents the JSON body for the queryData API
+type QueryDataRequest struct {
+	Parent            string             `json:"parent"`
+	Prompt            string             `json:"prompt"`
+	Context           *QueryDataContext  `json:"context,omitempty"`
+	GenerationOptions *GenerationOptions `json:"generationOptions,omitempty"`
+}
+
+// QueryDataContext reflects the proto definition for the query context.
+type QueryDataContext struct {
+	DatasourceReferences *DatasourceReferences `json:"datasourceReferences,omitempty" yaml:"datasourceReferences,omitempty"`
+}
+
+// DatasourceReferences reflects the proto definition for datasource references, using a oneof.
+type DatasourceReferences struct {
+	SpannerReference  *SpannerReference  `json:"spannerReference,omitempty" yaml:"spannerReference,omitempty"`
+	AlloyDBReference  *AlloyDBReference  `json:"alloydb,omitempty" yaml:"alloydb,omitempty"`
+	CloudSQLReference *CloudSQLReference `json:"cloudSqlReference,omitempty" yaml:"cloudSqlReference,omitempty"`
+}
+
+// SpannerReference reflects the proto definition for Spanner database reference.
+type SpannerReference struct {
+	DatabaseReference     *SpannerDatabaseReference `json:"databaseReference,omitempty" yaml:"databaseReference,omitempty"`
+	AgentContextReference *AgentContextReference    `json:"agentContextReference,omitempty" yaml:"agentContextReference,omitempty"`
+}
+
+// SpannerDatabaseReference reflects the proto definition for a Spanner database reference.
+type SpannerDatabaseReference struct {
+	Engine     SpannerEngine `json:"engine,omitempty" yaml:"engine,omitempty"`
+	ProjectID  string        `json:"projectId,omitempty" yaml:"projectId,omitempty"`
+	Region     string        `json:"region,omitempty" yaml:"region,omitempty"`
+	InstanceID string        `json:"instanceId,omitempty" yaml:"instanceId,omitempty"`
+	DatabaseID string        `json:"databaseId,omitempty" yaml:"databaseId,omitempty"`
+	TableIDs   []string      `json:"tableIds,omitempty" yaml:"tableIds,omitempty"`
+}
+
+// SpannerEngine represents the engine of the Spanner instance.
+type SpannerEngine string
+
+const (
+	SpannerEngineUnspecified SpannerEngine = "ENGINE_UNSPECIFIED"
+	SpannerEngineGoogleSQL   SpannerEngine = "GOOGLE_SQL"
+	SpannerEnginePostgreSQL  SpannerEngine = "POSTGRESQL"
+)
+
+// AlloyDBReference reflects the proto definition for an AlloyDB database reference.
+type AlloyDBReference struct {
+	DatabaseReference     *AlloyDBDatabaseReference `json:"databaseReference,omitempty" yaml:"databaseReference,omitempty"`
+	AgentContextReference *AgentContextReference    `json:"agentContextReference,omitempty" yaml:"agentContextReference,omitempty"`
+}
+
+// AlloyDBDatabaseReference reflects the proto definition for an AlloyDB database reference.
+type AlloyDBDatabaseReference struct {
+	ProjectID  string   `json:"projectId,omitempty" yaml:"projectId,omitempty"`
+	Region     string   `json:"region,omitempty" yaml:"region,omitempty"`
+	ClusterID  string   `json:"clusterId,omitempty" yaml:"clusterId,omitempty"`
+	InstanceID string   `json:"instanceId,omitempty" yaml:"instanceId,omitempty"`
+	DatabaseID string   `json:"databaseId,omitempty" yaml:"databaseId,omitempty"`
+	TableIDs   []string `json:"tableIds,omitempty" yaml:"tableIds,omitempty"`
+}
+
+// CloudSQLReference reflects the proto definition for a Cloud SQL database reference.
+type CloudSQLReference struct {
+	DatabaseReference     *CloudSQLDatabaseReference `json:"databaseReference,omitempty" yaml:"databaseReference,omitempty"`
+	AgentContextReference *AgentContextReference     `json:"agentContextReference,omitempty" yaml:"agentContextReference,omitempty"`
+}
+
+// CloudSQLDatabaseReference reflects the proto definition for a Cloud SQL database reference.
+type CloudSQLDatabaseReference struct {
+	Engine     CloudSQLEngine `json:"engine,omitempty" yaml:"engine,omitempty"`
+	ProjectID  string         `json:"projectId,omitempty" yaml:"projectId,omitempty"`
+	Region     string         `json:"region,omitempty" yaml:"region,omitempty"`
+	InstanceID string         `json:"instanceId,omitempty" yaml:"instanceId,omitempty"`
+	DatabaseID string         `json:"databaseId,omitempty" yaml:"databaseId,omitempty"`
+	TableIDs   []string       `json:"tableIds,omitempty" yaml:"tableIds,omitempty"`
+}
+
+// CloudSQLEngine represents the engine of the Cloud SQL instance.
+type CloudSQLEngine string
+
+const (
+	CloudSQLEngineUnspecified CloudSQLEngine = "ENGINE_UNSPECIFIED"
+	CloudSQLEnginePostgreSQL  CloudSQLEngine = "POSTGRESQL"
+	CloudSQLEngineMySQL       CloudSQLEngine = "MYSQL"
+)
+
+// AgentContextReference reflects the proto definition for agent context.
+type AgentContextReference struct {
+	ContextSetID string `json:"contextSetId,omitempty" yaml:"contextSetId,omitempty"`
+}
+
+// GenerationOptions reflects the proto definition for generation options.
+type GenerationOptions struct {
+	GenerateQueryResult            bool `json:"generateQueryResult" yaml:"generateQueryResult"`
+	GenerateNaturalLanguageAnswer  bool `json:"generateNaturalLanguageAnswer" yaml:"generateNaturalLanguageAnswer"`
+	GenerateExplanation            bool `json:"generateExplanation" yaml:"generateExplanation"`
+	GenerateDisambiguationQuestion bool `json:"generateDisambiguationQuestion" yaml:"generateDisambiguationQuestion"`
+}
--- a/internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup.go
+++ b/internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup.go
@@ -1,180 +0,0 @@
-// Copyright 2026 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cloudsqlcreatebackup
-
-import (
-	"context"
-	"fmt"
-
-	"github.com/goccy/go-yaml"
-	"github.com/googleapis/genai-toolbox/internal/embeddingmodels"
-	"github.com/googleapis/genai-toolbox/internal/sources"
-	"github.com/googleapis/genai-toolbox/internal/tools"
-	"github.com/googleapis/genai-toolbox/internal/util/parameters"
-	"google.golang.org/api/sqladmin/v1"
-)
-
-const kind string = "cloud-sql-create-backup"
-
-var _ tools.ToolConfig = Config{}
-
-type compatibleSource interface {
-	GetDefaultProject() string
-	GetService(context.Context, string) (*sqladmin.Service, error)
-	UseClientAuthorization() bool
-	InsertBackupRun(ctx context.Context, project, instance, location, backupDescription, accessToken string) (any, error)
-}
-
-// Config defines the configuration for the create-backup tool.
-type Config struct {
-	Name         string   `yaml:"name" validate:"required"`
-	Kind         string   `yaml:"kind" validate:"required"`
-	Description  string   `yaml:"description"`
-	Source       string   `yaml:"source" validate:"required"`
-	AuthRequired []string `yaml:"authRequired"`
-}
-
-func init() {
-	if !tools.Register(kind, newConfig) {
-		panic(fmt.Sprintf("tool kind %q already registered", kind))
-	}
-}
-
-func newConfig(ctx context.Context, name string, decoder *yaml.Decoder) (tools.ToolConfig, error) {
-	actual := Config{Name: name}
-	if err := decoder.DecodeContext(ctx, &actual); err != nil {
-		return nil, err
-	}
-	return actual, nil
-}
-
-// ToolConfigKind returns the kind of the tool.
-func (cfg Config) ToolConfigKind() string {
-	return kind
-}
-
-// Initialize initializes the tool from the configuration.
-func (cfg Config) Initialize(srcs map[string]sources.Source) (tools.Tool, error) {
-	rawS, ok := srcs[cfg.Source]
-	if !ok {
-		return nil, fmt.Errorf("no source named %q configured", cfg.Source)
-	}
-	s, ok := rawS.(compatibleSource)
-	if !ok {
-		return nil, fmt.Errorf("invalid source for %q tool: source %q not compatible", kind, cfg.Source)
-	}
-
-	project := s.GetDefaultProject()
-	var projectParam parameters.Parameter
-	if project != "" {
-		projectParam = parameters.NewStringParameterWithDefault("project", project, "The GCP project ID. This is pre-configured; do not ask for it unless the user explicitly provides a different one.")
-	} else {
-		projectParam = parameters.NewStringParameter("project", "The project ID")
-	}
-
-	allParameters := parameters.Parameters{
-		projectParam,
-		parameters.NewStringParameter("instance", "Cloud SQL instance ID. This does not include the project ID."),
-		// Location and backup_description are optional.
-		parameters.NewStringParameterWithRequired("location", "Location of the backup run.", false),
-		parameters.NewStringParameterWithRequired("backup_description", "The description of this backup run.", false),
-	}
-	paramManifest := allParameters.Manifest()
-
-	description := cfg.Description
-	if description == "" {
-		description = "Creates a backup on a Cloud SQL instance."
-	}
-
-	mcpManifest := tools.GetMcpManifest(cfg.Name, description, cfg.AuthRequired, allParameters, nil)
-
-	return Tool{
-		Config:      cfg,
-		AllParams:   allParameters,
-		manifest:    tools.Manifest{Description: description, Parameters: paramManifest, AuthRequired: cfg.AuthRequired},
-		mcpManifest: mcpManifest,
-	}, nil
-}
-
-// Tool represents the create-backup tool.
-type Tool struct {
-	Config
-	AllParams   parameters.Parameters `yaml:"allParams"`
-	manifest    tools.Manifest
-	mcpManifest tools.McpManifest
-}
-
-func (t Tool) ToConfig() tools.ToolConfig {
-	return t.Config
-}
-
-func (t Tool) Invoke(ctx context.Context, resourceMgr tools.SourceProvider, params parameters.ParamValues, accessToken tools.AccessToken) (any, error) {
-	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
-	if err != nil {
-		return nil, err
-	}
-	paramsMap := params.AsMap()
-
-	project, ok := paramsMap["project"].(string)
-	if !ok {
-		return nil, fmt.Errorf("error casting 'project' parameter: %v", paramsMap["project"])
-	}
-	instance, ok := paramsMap["instance"].(string)
-	if !ok {
-		return nil, fmt.Errorf("error casting 'instance' parameter: %v", paramsMap["instance"])
-	}
-
-	location, _ := paramsMap["location"].(string)
-	description, _ := paramsMap["backup_description"].(string)
-
-	return source.InsertBackupRun(ctx, project, instance, location, description, string(accessToken))
-}
-
-// ParseParams parses the parameters for the tool.
-func (t Tool) ParseParams(data map[string]any, claims map[string]map[string]any) (parameters.ParamValues, error) {
-	return parameters.ParseParams(t.AllParams, data, claims)
-}
-
-func (t Tool) EmbedParams(ctx context.Context, paramValues parameters.ParamValues, embeddingModelsMap map[string]embeddingmodels.EmbeddingModel) (parameters.ParamValues, error) {
-	return parameters.EmbedParams(ctx, t.AllParams, paramValues, embeddingModelsMap, nil)
-}
-
-// Manifest returns the tool's manifest.
-func (t Tool) Manifest() tools.Manifest {
-	return t.manifest
-}
-
-// McpManifest returns the tool's MCP manifest.
-func (t Tool) McpManifest() tools.McpManifest {
-	return t.mcpManifest
-}
-
-// Authorized checks if the tool is authorized.
-func (t Tool) Authorized(verifiedAuthServices []string) bool {
-	return true
-}
-
-func (t Tool) RequiresClientAuthorization(resourceMgr tools.SourceProvider) (bool, error) {
-	source, err := tools.GetCompatibleSource[compatibleSource](resourceMgr, t.Source, t.Name, t.Kind)
-	if err != nil {
-		return false, err
-	}
-
-	return source.UseClientAuthorization(), nil
-}
-
-func (t Tool) GetAuthTokenHeaderName(resourceMgr tools.SourceProvider) (string, error) {
-	return "Authorization", nil
-}
--- a/internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup_test.go
+++ b/internal/tools/cloudsql/cloudsqlcreatebackup/cloudsqlcreatebackup_test.go
@@ -1,72 +0,0 @@
-// Copyright 2026 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cloudsqlcreatebackup_test
-
-import (
-	"testing"
-
-	yaml "github.com/goccy/go-yaml"
-	"github.com/google/go-cmp/cmp"
-	"github.com/googleapis/genai-toolbox/internal/server"
-	"github.com/googleapis/genai-toolbox/internal/testutils"
-	"github.com/googleapis/genai-toolbox/internal/tools/cloudsql/cloudsqlcreatebackup"
-)
-
-func TestParseFromYaml(t *testing.T) {
-	ctx, err := testutils.ContextWithNewLogger()
-	if err != nil {
-		t.Fatalf("unexpected error: %s", err)
-	}
-	tcs := []struct {
-		desc string
-		in   string
-		want server.ToolConfigs
-	}{
-		{
-			desc: "basic example",
-			in: `
-			tools:
-			  create-backup-tool:
-			    kind: cloud-sql-create-backup
-			    description: a test description
-			    source: a-source
-			`,
-			want: server.ToolConfigs{
-				"create-backup-tool": cloudsqlcreatebackup.Config{
-					Name:         "create-backup-tool",
-					Kind:         "cloud-sql-create-backup",
-					Description:  "a test description",
-					Source:       "a-source",
-					AuthRequired: []string{},
-				},
-			},
-		},
-	}
-	for _, tc := range tcs {
-		t.Run(tc.desc, func(t *testing.T) {
-			got := struct {
-				Tools server.ToolConfigs `yaml:"tools"`
-			}{}
-			// Parse contents
-			err := yaml.UnmarshalContext(ctx, testutils.FormatYaml(tc.in), &got)
-			if err != nil {
-				t.Fatalf("unable to unmarshal: %s", err)
-			}
-			if diff := cmp.Diff(tc.want, got.Tools); diff != "" {
-				t.Fatalf("incorrect parse: diff %v", diff)
-			}
-		})
-	}
-}
--- a/tests/cloudgda/cloud_gda_integration_test.go
+++ b/tests/cloudgda/cloud_gda_integration_test.go
@@ -139,12 +139,12 @@ func TestCloudGdaToolEndpoints(t *testing.T) {
 	// 1. RunToolGetTestByName
 	expectedManifest := map[string]any{
 		toolName: map[string]any{
-			"description": "Test GDA Tool\n\n" + cloudgda.Guidance,
+			"description": "Test GDA Tool",
 			"parameters": []any{
 				map[string]any{
-					"name":        "query",
+					"name":        "prompt",
 					"type":        "string",
-					"description": "A natural language formulation of a database query.",
+					"description": "The natural language question to ask.",
 					"required":    true,
 					"authSources": []any{},
 				},
@@ -155,7 +155,7 @@ func TestCloudGdaToolEndpoints(t *testing.T) {
 	tests.RunToolGetTestByName(t, toolName, expectedManifest)

 	// 2. RunToolInvokeParametersTest
-	params := []byte(`{"query": "test question"}`)
+	params := []byte(`{"prompt": "test question"}`)
 	tests.RunToolInvokeParametersTest(t, toolName, params, "\"queryResult\":\"SELECT * FROM table;\"")

 	// 3. Manual MCP Tool Call Test
@@ -172,7 +172,7 @@ func TestCloudGdaToolEndpoints(t *testing.T) {
 		Params: map[string]any{
 			"name": toolName,
 			"arguments": map[string]any{
-				"query": "test question",
+				"prompt": "test question",
 			},
 		},
 	}
--- a/tests/cloudsql/cloud_sql_create_backup_test.go
+++ b/tests/cloudsql/cloud_sql_create_backup_test.go
@@ -1,232 +0,0 @@
-// Copyright 2026 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package cloudsql
-
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"reflect"
-	"regexp"
-	"strings"
-	"testing"
-	"time"
-
-	"github.com/google/go-cmp/cmp"
-	"github.com/googleapis/genai-toolbox/internal/testutils"
-	"github.com/googleapis/genai-toolbox/tests"
-	"google.golang.org/api/sqladmin/v1"
-)
-
-var (
-	createBackupToolKind = "cloud-sql-create-backup"
-)
-
-type createBackupTransport struct {
-	transport http.RoundTripper
-	url       *url.URL
-}
-
-func (t *createBackupTransport) RoundTrip(req *http.Request) (*http.Response, error) {
-	if strings.HasPrefix(req.URL.String(), "https://sqladmin.googleapis.com") {
-		req.URL.Scheme = t.url.Scheme
-		req.URL.Host = t.url.Host
-	}
-	return t.transport.RoundTrip(req)
-}
-
-type mastercreateBackupHandler struct {
-	t *testing.T
-}
-
-func (h *mastercreateBackupHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if !strings.Contains(r.UserAgent(), "genai-toolbox/") {
-		h.t.Errorf("User-Agent header not found")
-	}
-	var backupRun sqladmin.BackupRun
-	if err := json.NewDecoder(r.Body).Decode(&backupRun); err != nil {
-		h.t.Fatalf("failed to decode request body: %v", err)
-	} else {
-		h.t.Logf("Received request body: %+v", backupRun)
-	}
-
-	var expectedBackupRun sqladmin.BackupRun
-	var response any
-	var statusCode int
-
-	switch backupRun.Description {
-	case "":
-		expectedBackupRun = sqladmin.BackupRun{}
-		response = map[string]any{"name": "op1", "status": "PENDING"}
-		statusCode = http.StatusOK
-	case "test desc":
-		expectedBackupRun = sqladmin.BackupRun{Location: "us-central1", Description: "test desc"}
-		response = map[string]any{"name": "op1", "status": "PENDING"}
-		statusCode = http.StatusOK
-	default:
-		http.Error(w, fmt.Sprintf("unhandled instance name: %s", backupRun.Instance), http.StatusInternalServerError)
-		return
-	}
-
-	if diff := cmp.Diff(expectedBackupRun, backupRun); diff != "" {
-		h.t.Errorf("unexpected request body (-want +got):\n%s", diff)
-	}
-
-	w.Header().Set("Content-Type", "application/json")
-	w.WriteHeader(statusCode)
-	if err := json.NewEncoder(w).Encode(response); err != nil {
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-	}
-}
-
-func TestCreateBackupToolEndpoints(t *testing.T) {
-	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
-	defer cancel()
-
-	handler := &mastercreateBackupHandler{t: t}
-	server := httptest.NewServer(handler)
-	defer server.Close()
-
-	serverURL, err := url.Parse(server.URL)
-	if err != nil {
-		t.Fatalf("failed to parse server URL: %v", err)
-	}
-
-	originalTransport := http.DefaultClient.Transport
-	if originalTransport == nil {
-		originalTransport = http.DefaultTransport
-	}
-	http.DefaultClient.Transport = &createBackupTransport{
-		transport: originalTransport,
-		url:       serverURL,
-	}
-	t.Cleanup(func() {
-		http.DefaultClient.Transport = originalTransport
-	})
-
-	var args []string
-	toolsFile := getCreateBackupToolsConfig()
-	cmd, cleanup, err := tests.StartCmd(ctx, toolsFile, args...)
-	if err != nil {
-		t.Fatalf("command initialization returned an error: %s", err)
-	}
-	defer cleanup()
-
-	waitCtx, cancel := context.WithTimeout(ctx, 30*time.Second)
-	defer cancel()
-	out, err := testutils.WaitForString(waitCtx, regexp.MustCompile(`Server ready to serve`), cmd.Out)
-	if err != nil {
-		t.Logf("toolbox command logs: \n%s", out)
-		t.Fatalf("toolbox didn't start successfully: %s", err)
-	}
-
-	tcs := []struct {
-		name        string
-		toolName    string
-		body        string
-		want        string
-		expectError bool
-		errorStatus int
-	}{
-		{
-			name:     "successful backup creation with no optional parameters",
-			toolName: "create-backup",
-			body:     `{"project": "p1", "instance": "instance-no-optional"}`,
-			want:     `{"name":"op1","status":"PENDING"}`,
-		},
-		{
-			name:     "successful backup creation with optional parameters",
-			toolName: "create-backup",
-			body:     `{"project": "p1", "instance": "instance-optional", "location": "us-central1", "backup_description": "test desc"}`,
-			want:     `{"name":"op1","status":"PENDING"}`,
-		},
-		{
-			name:        "missing instance name",
-			toolName:    "create-backup",
-			body:        `{"project": "p1", "escription": "invalid"}`,
-			expectError: true,
-			errorStatus: http.StatusBadRequest,
-		},
-	}
-
-	for _, tc := range tcs {
-		t.Run(tc.name, func(t *testing.T) {
-			api := fmt.Sprintf("http://127.0.0.1:5000/api/tool/%s/invoke", tc.toolName)
-			req, err := http.NewRequest(http.MethodPost, api, bytes.NewBufferString(tc.body))
-			if err != nil {
-				t.Fatalf("unable to create request: %s", err)
-			}
-			req.Header.Add("Content-type", "application/json")
-			resp, err := http.DefaultClient.Do(req)
-			if err != nil {
-				t.Fatalf("unable to send request: %s", err)
-			}
-			defer resp.Body.Close()
-
-			if tc.expectError {
-				if resp.StatusCode != tc.errorStatus {
-					bodyBytes, _ := io.ReadAll(resp.Body)
-					t.Fatalf("expected status %d but got %d: %s", tc.errorStatus, resp.StatusCode, string(bodyBytes))
-				}
-				return
-			}
-
-			if resp.StatusCode != http.StatusOK {
-				bodyBytes, _ := io.ReadAll(resp.Body)
-				t.Fatalf("response status code is not 200, got %d: %s", resp.StatusCode, string(bodyBytes))
-			}
-
-			var result struct {
-				Result string `json:"result"`
-			}
-			if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
-				t.Fatalf("failed to decode response: %v", err)
-			}
-
-			var got, want map[string]any
-			if err := json.Unmarshal([]byte(result.Result), &got); err != nil {
-				t.Fatalf("failed to unmarshal result: %v", err)
-			}
-			if err := json.Unmarshal([]byte(tc.want), &want); err != nil {
-				t.Fatalf("failed to unmarshal want: %v", err)
-			}
-
-			if !reflect.DeepEqual(got, want) {
-				t.Fatalf("unexpected result: got %+v, want %+v", got, want)
-			}
-		})
-	}
-}
-
-func getCreateBackupToolsConfig() map[string]any {
-	return map[string]any{
-		"sources": map[string]any{
-			"my-cloud-sql-source": map[string]any{
-				"kind": "cloud-sql-admin",
-			},
-		},
-		"tools": map[string]any{
-			"create-backup": map[string]any{
-				"kind":   createBackupToolKind,
-				"source": "my-cloud-sql-source",
-			},
-		},
-	}
-}