ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gws Events Subscribe

v1.0.12

Google Workspace Events: Subscribe to Workspace events and stream them as NDJSON.

0· 406·13 current·13 all-time
by@googleworkspace-bot
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (subscribe to Workspace events and stream NDJSON) aligns with the required binary (gws) and the documented CLI flags. Requiring a gws CLI to subscribe to Google Workspace events is reasonable.
Instruction Scope
SKILL.md only documents the gws events +subscribe command and flags. However it explicitly instructs the agent to read ../gws-shared/SKILL.md for auth, global flags, and security rules — that external dependency is not included in the package, so the agent may attempt to access or create files and follow instructions outside this skill. The skill otherwise doesn't instruct reading unrelated system files or sending data to unexpected endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. It assumes an existing 'gws' binary is present on PATH.
!
Credentials
The skill declares no required environment variables or primary credential, yet subscribing to Workspace events and creating/using Pub/Sub resources requires GCP/Workspace auth and permissions. The lack of explicit credential/env declarations (and deferral to a missing ../gws-shared file) makes it unclear what secrets or accounts will be used, where they are sourced from, and whether the agent will access additional credentials.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills. It may create cloud resources (Pub/Sub) when run, which is expected for its purpose; SKILL.md includes a CAUTION to confirm write actions.
What to consider before installing
This skill appears to be a thin wrapper around the 'gws events +subscribe' CLI and is generally coherent — but it defers authentication and global flags to a referenced ../gws-shared/SKILL.md that is not included. Before installing or running: (1) inspect the gws-shared SKILL.md the skill references (or the output of `gws generate-skills`) to see exactly how credentials are obtained and stored; (2) verify which account/credentials the gws binary will use (ADC, gcloud user account, or a service account) and ensure least privilege; (3) confirm the origin and integrity of the 'gws' binary on your system; (4) be cautious when running commands that create Pub/Sub resources — use --cleanup or a sandbox GCP project for testing; (5) avoid providing broad service-account keys unless necessary. If you cannot locate the referenced gws-shared documentation or confirm auth flows, do not run this skill with high-privilege credentials.

Like a lobster shell, security has layers — review code before you run it.

Plugin bundle (nix)
Skill pack · CLI binary · Config
SKILL.mdCLIConfig
CLI help (from plugin)
gws events +subscribe --help

Runtime requirements

Binsgws
latestvk975s6wj3mdrrczn3h6v9cfz3183zmft
406downloads
0stars
13versions
Updated 7h ago
v1.0.12
MIT-0
@googleworkspace-bot
latest
Download

events +subscribe

PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it.

Subscribe to Workspace events and stream them as NDJSON

Usage

gws events +subscribe

Flags

FlagRequiredDefaultDescription
--targetWorkspace resource URI (e.g., //chat.googleapis.com/spaces/SPACE_ID)
--event-typesComma-separated CloudEvents types to subscribe to
--projectGCP project ID for Pub/Sub resources
--subscriptionExisting Pub/Sub subscription name (skip setup)
--max-messages10Max messages per pull batch (default: 10)
--poll-interval5Seconds between pulls (default: 5)
--oncePull once and exit
--cleanupDelete created Pub/Sub resources on exit
--no-ackDon't auto-acknowledge messages
--output-dirWrite each event to a separate JSON file in this directory

Examples

gws events +subscribe --target '//chat.googleapis.com/spaces/SPACE' --event-types 'google.workspace.chat.message.v1.created' --project my-project
gws events +subscribe --subscription projects/p/subscriptions/my-sub --once
gws events +subscribe ... --cleanup --output-dir ./events

Tips

  • Without --cleanup, Pub/Sub resources persist for reconnection.
  • Press Ctrl-C to stop gracefully.

[!CAUTION] This is a write command — confirm with the user before executing.

See Also

  • gws-shared — Global flags and auth
  • gws-events — All subscribe to google workspace events commands

Comments

Loading comments...