ClawHub

GoG CLI Complete

v1.0.3

Google Workspace CLI for Gmail, Calendar, Chat, Classroom, Drive, Docs, Slides, Sheets, Forms, Apps Script, Contacts, Tasks, People, Admin, Groups, and Keep.

0· 49·0 current·0 all-time
byiroaK@iiroak
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description claim a Google Workspace CLI and the skill requires the 'gog' binary and offers a Homebrew install of steipete/tap/gogcli — this matches expectations for a CLI wrapper. No unrelated services, credentials, or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to run local 'gog' commands, perform OAuth/service-account auth using a client_secret.json, and use keyring or env vars for tokens. Those actions are expected for a Workspace CLI, but they do give the agent ability to access local credential files and to call Google APIs (send mail, create events, read files). The doc sensibly instructs to confirm before destructive actions and to use --json/--no-input for automation. This is scoped to the tool's purpose but implies sensitive access to user Google data when used.
Install Mechanism
Install spec is a Homebrew formula (steipete/tap/gogcli) producing the 'gog' binary. Brew formulas are a standard mechanism; no arbitrary URL downloads or archive extraction are used. As with any third‑party tap, users should inspect the formula source before installing.
Credentials
The skill declares no required env vars or credentials (reasonable). The documentation enumerates optional env vars (GOG_ACCOUNT, GOG_ACCESS_TOKEN, GOG_KEYRING_PASSWORD, etc.) which are appropriate for a CLI that can run in CI or interactive mode. These env vars are sensitive in practice (tokens/keys) but their presence in the docs is proportional to the tool's purpose.
Persistence & Privilege
Skill is not always-enabled and is user-invocable. It does not request system-wide persistence or modify other skills. The default ability for the agent to invoke the skill autonomously (disable-model-invocation=false) is platform normal; nothing else elevates its privileges.
Assessment
This skill is a documentation wrapper for the 'gog' Google Workspace CLI and appears coherent. Before installing or using it: 1) Inspect the Homebrew formula (steipete/tap/gogcli) to verify the source and maintainers; 2) Be aware that using the CLI requires OAuth credentials or tokens (client_secret.json, access tokens, or keyring passwords) — treat those files/env vars as sensitive and don’t share them; 3) Prefer creating a least-privilege OAuth client or service account with only the scopes you need; 4) When running via an agent, use --dry-run, --no-input, and GOG_ENABLE_COMMANDS (allowlist) to limit actions, and confirm any send/delete operations as the docs advise; 5) If you need full assurance, test commands locally first (no agent/autonomous mode) to see what data is accessed or transmitted.

Like a lobster shell, security has layers — review code before you run it.

latestvk9777qv8h5ks3czd6cag1tw6pn847h16

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎮 Clawdis
Binsgog

Install

Install gog (brew)
Bins: gog
brew install steipete/tap/gogcli

Comments