Google Chat

v1.0.0

Send messages to Google Chat spaces and users via webhooks or OAuth. Use when you need to send notifications, alerts, or messages to Google Chat channels (spaces) or direct messages to specific users. Supports both incoming webhooks (for predefined channels) and OAuth 2.0 (for dynamic messaging to any space or user).

⭐ 1· 2.2k·4 current·4 all-time

by@darconada

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description match what the files and SKILL.md implement: webhook sends and OAuth-based messaging using the Google Chat API. No unrelated credentials, binaries, or platform services are requested.

✓

Instruction Scope

SKILL.md only instructs running the included Python scripts, storing webhook URLs and OAuth credentials/tokens on disk, and installing Google auth libraries. The OAuth flow opens a browser and the token is persisted to the specified token file — this is expected for OAuth clients and is documented in the README and SKILL.md.

✓

Install Mechanism

There is no automated install spec; the skill is instruction-only and recommends installing well-known Python libraries (google-auth-oauthlib, google-api-python-client). No downloads from untrusted URLs or archive extraction are present.

✓

Credentials

The skill does not request environment variables or unrelated secrets. It requires user-provided OAuth credentials (client_id/client_secret JSON), token file path, or webhook URLs — all are proportional and necessary for the described functionality. These files/URLs are sensitive and should be protected by the user.

✓

Persistence & Privilege

always is false and the skill does not request permanent system presence or modify other skills. It writes only its own token file when you run the OAuth flow, which is normal for OAuth clients.

Assessment

This skill appears to do what it says: send messages to Google Chat via incoming webhooks or OAuth. Before installing or running it: (1) review the two Python scripts yourself — they are short and readable; (2) protect any credential files and token files you create (google-chat-oauth-credentials.json, google-chat-token.json) and your webhook URLs (they contain keys/tokens); (3) be aware the OAuth flow opens a browser and will persist a token file on disk; (4) installing the recommended Python packages (pip) carries typical dependency risk — consider using a virtual environment; (5) because the skill can send messages, only grant it credentials you trust and avoid giving it access to high-privilege service accounts or reuse secrets shared elsewhere.

Like a lobster shell, security has layers — review code before you run it.

latestvk9760pvjh3ntfcsy8kgkc28exn7zxk1b

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Google Chat

License

Comments