ClawHub

Google Workspace CLI (gog)

v1.0.1

Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs.

4· 3.7k·6 current·7 all-time
byjjx@jx-76·duplicate of @jacobo-create/backup-gog-20260213-121122·canonical: @steipete/gog
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: all commands are standard gog CLI usage for Gmail/Calendar/Drive/Contacts/Sheets/Docs. The only required binary is 'gog', which is appropriate for a CLI integration.
Instruction Scope
SKILL.md asks the user to run gog auth commands and to supply a client_secret.json (OAuth client credentials) and optionally set GOG_ACCOUNT. These are expected for a Google Workspace CLI. The SKILL.md does reference an env var (GOG_ACCOUNT) that is not listed in the skill's declared requires.env, but this is harmless informational guidance rather than unexpected data collection.
Install Mechanism
The registry contains no formal install spec (instruction-only), which is low-risk. SKILL.md metadata suggests a brew formula (steipete/tap/gogcli). A third-party brew tap is a plausible install path but merits verification of the tap/source before installing.
Credentials
The skill declares no required environment variables or credentials. It does require OAuth client credentials (client_secret.json) for Google APIs — this is proportionate and expected for access to Gmail/Drive/etc. No unrelated secrets or unrelated services are requested.
Persistence & Privilege
Skill is not always-enabled and does not request elevated or persistent platform privileges. It does not instruct modifying other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: it expects the 'gog' binary and Google OAuth credentials to operate on Gmail, Calendar, Drive, Contacts, Sheets, and Docs. Before installing or using it, verify the gog binary's provenance (check the upstream project or GitHub repo linked from https://gogcli.sh), and be cautious when adding OAuth client credentials — treat client_secret.json as sensitive and restrict scopes to the minimum needed. If you install via the suggested brew tap (steipete/tap/gogcli), inspect that tap's source first (third‑party taps can install arbitrary code). Finally, be mindful that using the CLI can read and send email and access files — confirm before any send/create actions and limit access where possible.

Like a lobster shell, security has layers — review code before you run it.

calendarvk976ey1apk0fyamrhtsnzkwd45833h6xdocsvk976ey1apk0fyamrhtsnzkwd45833h6xdrivevk976ey1apk0fyamrhtsnzkwd45833h6xgmailvk976ey1apk0fyamrhtsnzkwd45833h6xgooglevk976ey1apk0fyamrhtsnzkwd45833h6xlatestvk976ey1apk0fyamrhtsnzkwd45833h6xproductivityvk976ey1apk0fyamrhtsnzkwd45833h6xsheetsvk976ey1apk0fyamrhtsnzkwd45833h6xworkspacevk976ey1apk0fyamrhtsnzkwd45833h6x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎮 Clawdis
Binsgog

Comments