ClawHub

Gog 1.0.0

v1.0.0

Google Workspace CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs.

0· 564·38 current·44 all-time
by@sieyer·duplicate of @jacobo-create/backup-gog-20260213-121122·canonical: @steipete/gog
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the declared requirements: the skill is instruction-only and requires the 'gog' binary (provided by the steipete/tap/gogcli Homebrew formula). Commands shown (gmail, calendar, drive, sheets, docs) align with a Google Workspace CLI.
Instruction Scope
SKILL.md instructs the agent to run the gog binary and to perform OAuth setup using a client_secret.json and to add accounts/services. These instructions are within scope. They do ask the user/agent to read a local client_secret.json file (expected for OAuth) and to run commands that can send email and read/write Workspace data — so only run if you trust the binary and have given it appropriate OAuth scopes.
Install Mechanism
Install uses a third‑party Homebrew tap (steipete/tap/gogcli) which is a common distribution path but comes from an external maintainer rather than the main Homebrew/core. This is moderate risk: the formula will install a binary to your system. Verify the tap/formula and upstream repository before installing.
Credentials
No environment variables or secrets are required by the skill itself. SKILL.md mentions optional GOG_ACCOUNT and instructs use of a client_secret.json for OAuth — both are reasonable and proportional for a Workspace CLI. There are no unexpected credential requests in the metadata.
Persistence & Privilege
always is false and the skill does not request system-wide config changes or persistent elevation. The binary installed by Homebrew is typical for CLI tools and the skill does not ask to modify other skills or global agent settings.
Scan Findings in Context
[no_regex_findings] expected: This is an instruction-only skill with no code files for the scanner to analyze. No regex matches were found; absence of findings is not proof of safety — the brew-installed binary is the component that will run and was not scanned here.
Assessment
This skill appears coherent with its stated purpose, but take these precautions before installing: 1) Verify the Homebrew tap (steipete/tap/gogcli) and review the formula and upstream project (check the GitHub repo and release artifacts) to ensure you trust the maintainer. 2) Understand that you will supply an OAuth client_secret.json and grant the installed 'gog' binary access to Gmail/Drive/Sheets/etc.; treat those credentials as sensitive and prefer least-privilege scopes. 3) Be aware the CLI can send email and modify calendar/sheets — if you do not want the agent to perform actions autonomously, restrict the skill's use or agent permissions. 4) If you need higher confidence, inspect the binary source or build from source yourself rather than installing a prebuilt binary from an external tap.

Like a lobster shell, security has layers — review code before you run it.

latestvk976fm799j7850kkttbpjhsta1824wpx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎮 Clawdis
Binsgog

Install

Install gog (brew)
Bins: gog
brew install steipete/tap/gogcli

Comments