Cloudbase
Route Tencent CloudBase work to the right scenario docs—Web auth, WeChat mini program wx.cloud, or native HTTP API—before generating wrong SDK code.
Overview
Cloudbase is an agent skill most often used in Build (also Validate) that maps Tencent CloudBase requests to web-auth, miniapp-cloudbase, or native-http-api scenarios so agents read the right skills before coding.
Install
npx skills add https://github.com/tencentcloudbase/cloudbase-skills --skill cloudbaseWhat is this skill?
- Scenario IDs: web-auth, miniapp-cloudbase, native-http-api with priority and signal matching
- Web login path: queryAppAuth / manageAppAuth, publishable key, auth-tool then auth-web—avoid cloud-functions for Web aut
- Mini program path: wx.cloud, OPENID, miniprogram-development—explicit doNotUse for auth-web and Web SDK
- Native mobile: http-api first when SDK unavailable; relational-database-tool and auth-tool follow-ons
- beforeAction and commonMistakes blocks to stop mixing Web SDK with 小程序 SDK
- Three primary routed scenarios: web-auth, miniapp-cloudbase, native-http-api
- web-auth and native-http-api scenarios carry priority 100 in the scenario table
Adoption & trust: 5k installs on skills.sh; 17 GitHub stars; 2/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your agent keeps generating the wrong CloudBase auth or SDK layer—Web pages for mini programs or cloud functions where Web publishable-key login belongs.
Who is it for?
Indie builders shipping Web, WeChat mini program, or native apps on Tencent CloudBase who need explicit SDK versus HTTP API boundaries.
Skip if: Projects on AWS or Firebase only, pure static sites with no CloudBase backend, or teams already standardized on one SDK doc outside this skills pack.
When should I use this skill?
Invoke when the user’s task signals CloudBase Web login, 小程序云开发, wx.cloud, OPENID, or native App CloudBase HTTP access.
What do I get? / Deliverables
You follow a prioritized scenario checklist with correct firstRead chain, provider checks, and doNotUse guardrails before any CloudBase implementation.
- Selected scenario ID with ordered firstRead / thenRead skill chain
- Pre-flight checklist outcome (providers, publishable key, wx.cloud confirmation)
- Implementation plan that respects doNotUse SDK boundaries
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
CloudBase is integrated during product construction; scenario routing prevents costly auth and SDK mismatches before you ship. Integrations fits because the skill is a platform router across auth, databases, cloud functions, and HTTP APIs—not a single UI component recipe.
Where it fits
Confirm CloudBase is in scope and choose miniapp-cloudbase versus web-auth before writing a throwaway demo.
Run beforeAction checks for publishable key and enabled login providers, then chain auth-tool and auth-web for a registration UI.
Route native-http-api scenario to http-api and relational-database-tool when the mobile client cannot load CloudBase SDK.
Verify provider status and avoid storing auth secrets in front-end paths called out under mustCheckBeforeAction.
How it compares
Use as a CloudBase scenario router and prerequisite checker—not a generic serverless tutorial unrelated to Tencent’s auth and wx.cloud model.
Common Questions / FAQ
Who is cloudbase for?
Solo developers building on Tencent CloudBase across Web, WeChat mini programs, or native mobile clients who need the agent to pick auth-tool, auth-web, http-api, or miniprogram-development in the right order.
When should I use cloudbase?
During Validate when scoping a CloudBase prototype; during Build for integrations and backend wiring; whenever signals mention CloudBase Web 登录, wx.cloud, or Android/iOS CloudBase HTTP API.
Is cloudbase safe to install?
It guides cloud auth and database setup; review the Security Audits panel on this page and treat publishable keys and provider config as secrets in your repo.
SKILL.md
READMESKILL.md - Cloudbase
scenarios: - id: web-auth label: Web login / registration / auth UI priority: 100 signals: - CloudBase Web 登录 - Web 注册 - auth login page - publishable key - 短信登录 - 邮箱登录 firstRead: auth-tool thenRead: - auth-web - web-development beforeAction: - 先检查并开启所需登录方式,再写前端代码。 - 优先通过 `queryAppAuth` / `manageAppAuth` 获取 publishable key 并确认使用 Web SDK。 doNotUse: - cloud-functions - http-api mustCheckBeforeAction: - Provider status and publishable key commonMistakes: - 把 Web 登录实现成云函数认证逻辑。 - 未开启 provider 就直接生成登录 UI。 - id: miniapp-cloudbase priority: 95 signals: - 小程序 云开发 - wx.cloud - mini program cloudbase - OPENID - 小程序数据库 firstRead: miniprogram-development thenRead: - auth-wechat - no-sql-wx-mp-sdk beforeAction: - 先确认项目是否真的使用 CloudBase。 - 使用 wx.cloud 和 OPENID 路径,不要先套 Web 认证模型。 doNotUse: - auth-web - web-development commonMistakes: - 给小程序生成多余的 Web 登录页。 - 混用 Web SDK 和小程序 SDK。 label: WeChat mini program + CloudBase mustCheckBeforeAction: - Whether the project really uses CloudBase / `wx.cloud` - id: native-http-api priority: 100 signals: - Android CloudBase - iOS CloudBase - Flutter CloudBase - React Native CloudBase - 原生 App 接入 firstRead: http-api thenRead: - auth-tool - relational-database-tool beforeAction: - 先确认当前平台不支持 CloudBase SDK。 - 确认 HTTP API 鉴权方式、Base URL 和数据库能力边界;应用侧登录配置仍走 `queryAppAuth` / `manageAppAuth`。 doNotUse: - auth-web - no-sql-web-sdk - web-development commonMistakes: - 在原生 App 中误用 Web SDK。 - 未核对 OpenAPI 就猜接口。 label: Native App / Flutter / React Native mustCheckBeforeAction: - SDK boundary, OpenAPI, auth method - id: web-nosql priority: 90 signals: - Web 文档数据库 - CloudBase collection - 前端查库 - NoSQL Web SDK firstRead: web-development thenRead: - no-sql-web-sdk - auth-web beforeAction: - 先确认是 Web SDK 场景。 - 确认登录态与数据库访问权限模型。 doNotUse: - relational-database-tool - http-api commonMistakes: - 把前端查文档库误导到 MySQL 管理工具。 - 未确认登录态就直接写数据库代码。 label: Web projects + NoSQL Database mustCheckBeforeAction: - Login state and database access permission model - id: mysql-mcp priority: 88 signals: - MySQL 建表 - executeWriteSQL - security rule - CloudBase 关系型数据库管理 firstRead: relational-database-tool thenRead: - relational-database-web - http-api beforeAction: - 先区分当前是 MCP 运维管理还是应用代码接入。 - 写操作前先跑 SELECT 或先读安全规则。 doNotUse: - no-sql-web-sdk - web-development commonMistakes: - 在 MCP 管理场景里初始化 SDK。 - 未验证条件就直接执行写 SQL。 label: MySQL Database (relational) mustCheckBeforeAction: - Distinguish MCP management vs app code access - id: cloud-functions priority: 92 signals: - 创建云函数 - HTTP 云函数 - getFunctionLogs - scf_bootstrap - runtime firstRead: cloud-functions thenRead: - auth-tool - ai-model-nodejs beforeAction: - 先区分 Event Function 与 HTTP Function。 - 创建前确定 runtime,避免后续不可变限制。 doNotUse: - cloudrun-development - auth-web commonMistakes: - 把 Web 登录逻辑错误地放进云函数。 - 把 HTTP 函数误写成 `exports.main(event, context)`,或误以为 Node 原生 `http` 请求里自带 `req.body`。 - HTTP 函数遗漏 `scf_bootstrap`、9000 端口或显式响应头。 label: Cloud Functions mustCheckBeforeAction: - Event vs HTTP function, runtime, `scf_bootstrap` - id: cloudrun-backend priority: 85 signals: - CloudRun 部署 - 云托管 - container backend - Dockerfile firstRead: cloudrun-development thenRead: - auth-tool - relational-database-tool beforeAction: - 先确认这是容器服务而不是云函数。 - 检查 CORS、镜像入口和环境变量策略。 doNotUse: - cloud-functions commonMistakes: - 把 CloudRun 需求收敛成云函数模板。 label: CloudRun backend mustCheckBeforeAction: - Container boundary, Dockerfile, CORS - id: ai-agent priority: 85 signals: - AI Agent - 智能体 - 智能体开发 - AG-UI protocol - LangGraph - LangChain - CrewAI - streaming agent - agent UI firstRead: cloudbase-agent thenRead: - cloud-functions - cloudrun-development beforeAction: - 先确认是 Agent 开发而不是普通云函数。 - 确认 AG