Skip to content

TencentCloudBase/CloudBase-AI-ToolKit

v2.19.0 Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 21d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai aicoding cloudbase cursor mcp miniprogram
+5 more
serverless supabase tencent vibe-coding web

Affected surfaces

auth breaking_upgrade

ReleasePort's take

Light signal
editorial:auto 13d

CloudBase-AI-ToolKit v2.19.0 requires custom AI model GroupNames to start with 'custom-' prefix. This release introduces pre-check validation to prevent invalid model invocations and clarifies SDK contracts.

Why it matters: Custom model GroupNames must start with 'custom-' prefix. Update custom model configurations before upgrading to v2.19.0; pre-check validation prevents invalid invocations.

Summary

AI summary

Custom AI model GroupName must start with "custom-".

Changes in this release

Feature Medium

Support STS temporary credentials for all MCP tools.

Support STS temporary credentials for all MCP tools.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Inject version information into tool error responses.

Inject version information into tool error responses.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Unify static hosting of MCP tools, optimizing user experience.

Unify static hosting of MCP tools, optimizing user experience.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Add NoSQL REST API and AI Model API support via HTTP API.

Add NoSQL REST API and AI Model API support via HTTP API.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Introduce pre-check for AI model calls to avoid invalid invocations.

Introduce pre-check for AI model calls to avoid invalid invocations.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Clarify AI model SDK contracts across Web, Node.js, and WeChat Mini Program endpoints.

Clarify AI model SDK contracts across Web, Node.js, and WeChat Mini Program endpoints.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Require custom AI model GroupName to start with 'custom-' prefix.

Require custom AI model GroupName to start with 'custom-' prefix.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Extend primary Skill description to cover AI call keywords, boosting activation rate.

Extend primary Skill description to cover AI call keywords, boosting activation rate.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Rewrite primary CloudBase description for optimized activation coverage.

Rewrite primary CloudBase description for optimized activation coverage.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Inject activation trigger words and backtick skill ID into generation routing table.

Inject activation trigger words and backtick skill ID into generation routing table.

Source: llm_adapter@2026-05-21

Confidence: high
Feature Medium

Trim SKILL.md and unify truth source for route tables.

Trim SKILL.md and unify truth source for route tables.

Source: llm_adapter@2026-05-21

Confidence: low
Feature Medium

Add engineering constitution to main guideline, synchronizing project specifications.

Add engineering constitution to main guideline, synchronizing project specifications.

Source: llm_adapter@2026-05-21

Confidence: low
Bugfix Medium

Fix Cloud Function creation task not executed due to tool naming and discoverability issues.

Fix Cloud Function creation task not executed due to tool naming and discoverability issues.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Resolve unclear MCP tool parameter design causing 400 errors in multiple locations.

Resolve unclear MCP tool parameter design causing 400 errors in multiple locations.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix Cloud Function log query tool parameters and error prompts being unclear.

Fix Cloud Function log query tool parameters and error prompts being unclear.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Correct manageStorage tool inability to retrieve permanent public access address, causing Agent misuse of temporary URL.

Correct manageStorage tool inability to retrieve permanent public access address, causing Agent misuse of temporary URL.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Add missing nested object partial update instructions for writeNoSqlDatabaseContent, preventing full replacements.

Add missing nested object partial update instructions for writeNoSqlDatabaseContent, preventing full replacements.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix envQuery tool returning incomplete domains list.

Fix envQuery tool returning incomplete domains list.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Clarify distinction between MCP tools and JS SDK encoding scenarios.

Clarify distinction between MCP tools and JS SDK encoding scenarios.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Enhance CloudBase Skill JS SDK data operation examples.

Enhance CloudBase Skill JS SDK data operation examples.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Differentiate all-in-one skill for CLI and MCP usage scenarios.

Differentiate all-in-one skill for CLI and MCP usage scenarios.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Improve discoverability of MCP role management tool, clarifying CLI and MCP capability mapping.

Improve discoverability of MCP role management tool, clarifying CLI and MCP capability mapping.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Clarify delete Cloud Function tool parameter design.

Clarify delete Cloud Function tool parameter design.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Improve 400 parameter error prompt clarity for MCP tools.

Improve 400 parameter error prompt clarity for MCP tools.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Resolve queryFunctions return structure nesting causing AI parsing difficulties and unexplained pagination parameters.

Resolve queryFunctions return structure nesting causing AI parsing difficulties and unexplained pagination parameters.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix Cloud Application deployment tool parameter design leading to invocation failures.

Fix Cloud Application deployment tool parameter design leading to invocation failures.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Add guidance for file write class tasks in MCP domain management tool, clarifying parameter conventions.

Add guidance for file write class tasks in MCP domain management tool, clarifying parameter conventions.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Correct anonymous login session handling: align getSession behavior with getLoginState.

Correct anonymous login session handling: align getSession behavior with getLoginState.

Source: llm_adapter@2026-05-21

Confidence: high
Bugfix Medium

Fix Codex SKILL.md loading failure due to YAML security issue and 1024 character limit.

Fix Codex SKILL.md loading failure due to YAML security issue and 1024 character limit.

Source: llm_adapter@2026-05-21

Confidence: low
Bugfix Medium

Clarify description for auto-creating anonymous sessions with accessKey.

Clarify description for auto-creating anonymous sessions with accessKey.

Source: llm_adapter@2026-05-21

Confidence: low
Full changelog

CloudBase MCP v2.19.0

🎉 新功能

MCP 工具增强

  • 支持 STS 临时凭证,所有 MCP 工具均可使用临时密钥调用
  • 工具错误响应中注入版本信息,便于排查问题
  • 统一静态托管 MCP 工具,优化使用体验
  • 新增 NoSQL REST API + AI Model API 支持(HTTP API 方式)

AI 模型调用

  • 新增 AI 模型调用前置检查,避免无效调用
  • 明确 AI 模型 SDK 契约,修正 Web/Node.js/微信小程序各端差异
  • 要求自定义 AI 模型 GroupName 必须带 custom- 前缀

Skill 优化

  • 扩展主 Skill 描述,覆盖 AI 调用关键词,提升激活率
  • 重写主 CloudBase 描述,优化激活覆盖
  • 注入激活触发词和 backtick skill ID 到生成路由表
  • 精简 SKILL.md 并统一路由表真相源

文档与规范

  • 新增工程规范(engineering constitution)并同步到主 guideline
  • 修正 createModel 幻觉问题
  • 强化 Supabase API 兼容性说明

🐛 问题修复

MCP 工具归因修复

  • 修复云函数创建任务未执行(工具命名与发现性不足)
  • 修复 MCP 工具参数设计不清晰导致的 400 错误(多处)
  • 修复云函数日志查询工具参数设计与错误提示不清晰
  • 修复 manageStorage 工具无法获取永久公网访问地址,Agent 误用临时 URL
  • 修复 writeNoSqlDatabaseContent 缺少嵌套对象局部更新说明,易导致整块替换
  • 修复 MCP 工具 envQuery 查询 domains 返回字段不完整
  • 修复 MCP 工具与 JS SDK 编码场景区分不清晰
  • 修复 CloudBase Skill JS SDK 数据操作示例不足
  • 修复 all-in-one skill 未区分 CLI 与 MCP 使用场景
  • 修复 MCP 角色管理工具可发现性不足,CLI 与 MCP 能力映射不清晰
  • 修复 MCP 删除云函数工具参数设计不清晰
  • 修复 MCP 工具 400 参数错误提示不清晰
  • 修复 queryFunctions 返回结构嵌套导致 AI 解析困难,分页参数未说明
  • 修复云应用部署工具参数设计不清晰导致调用失败
  • 修复 MCP 域名管理工具参数约定不清晰,且缺乏文件写入类任务处理指引

Skill 文档修复

  • 修复 Codex SKILL.md 加载失败(YAML 安全问题 + 1024 字符限制)
  • 修复匿名登录 Session 处理:纠正 getSession vs getLoginState 行为
  • 修复 accessKey 自动创建匿名 Session 的描述
  • 修复 Supabase vs CloudBase OTP 验证差异说明
  • 修复匿名登录默认关闭,更新 anonymous login 策略
  • 修复只读权限语义说明
  • 修复 auth-web 登录态守卫示例
  • 修复 signInWithPassword 返回格式说明
  • 修复 HTTP 云函数代码编写规范未清晰说明(多处归因)
  • 修复 Write 工具错误提示缺乏引导性,导致模型无法正确转换数据类型
  • 修复 queryStorage MCP 工具缺少文件内容读取能力
  • 修复 Skill 未说明云数据库集合需预先创建
  • 修复 MCP 域名管理工具缺少轮询指引和异步状态反馈

其他修复

  • 修复 pre-commit 中 mcp/ 依赖未安装导致 webpack build 失败
  • 修复 CI 中 allinone-skill sync workflows 缺少 js-yaml 依赖
  • 修复 generate-prompts 测试中 acorn parse error(MDX 中花括号未转义)
  • 修复 mcp-tools-doc 锚点链接和 ParameterTable 嵌套问题
  • 修复 SKILL.md 在页面底部嵌入时的 backtick fencing 问题

📚 文档更新

  • 同步 README 中英文版本至最新变更
  • 优化文档清晰度和工具描述
  • 新增 MCP 入门引导流程说明
  • 修正 ai-model-web skill 中不再默认推荐托管登录页
  • 统一 MCP 工具描述使用 CloudBase 产品命名

🔧 维护与工程改进

  • 重写 MCP 工具文档生成,使用 ParameterTable + 插件分组
  • 统一 tool descriptions 到 CloudBase 产品命名
  • 新增 post-push PR 状态检查规则
  • 强化 attribution evaluation guardrails
  • 新增 cloudbase-cli skill,支持 tcb CLI 资源管理

Breaking Changes

  • Custom AI model GroupName must include the "custom-" prefix
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track TencentCloudBase/CloudBase-AI-ToolKit

Get notified when new releases ship.

Sign up free

About TencentCloudBase/CloudBase-AI-ToolKit

One-stop backend services for WeChat Mini-Programs and full-stack apps. Provides specialized MCP tools for serverless cloud functions, databases, and one-click deployment to production with China market access through WeChat ecosystem.

All releases →

Related context

Earlier breaking changes

  • v2.20.0 Removes Tag parameter from deleteCollection, retaining only EnvId
  • v2.20.0 Blocks start_auth and logout operations when using API Key authentication mode

Beta — feedback welcome: [email protected]