Baoyu Danger Gemini Web

Generates images and text via reverse-engineered Gemini Web API. Supports text generation, image generation from prompts, reference images for vision input,...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 12 · 0 current installs · 0 all-time installs

by@nengnengZ

MIT-0

Security Scan

VirusTotal

Pending

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description claim a reverse‑engineered Gemini Web client for text/image generation; included scripts implement that and call only Google/Gemini endpoints. Requiring browser session cookies and a Chrome debugging/CDP helper is coherent with the stated purpose (the client needs valid __Secure-1PSID / __Secure-1PSIDTS to authenticate).

!

Instruction Scope

SKILL.md and the shipped code instruct the agent to read/write consent and cookie files in user data directories, optionally load cookies from the local Chrome profile (using a bundled Chrome CDP module), launch or connect to Chrome debug ports, and write cached cookie files. These actions access sensitive local browser state (authentication cookies) and user config files beyond a simple API key — the SKILL.md does include an explicit consent flow, but the runtime instructions will read local browser cookies and may launch/manipulate Chrome sessions.

✓

Install Mechanism

This is an instruction‑only skill (no external downloads at install time). Code is bundled in the skill (TypeScript + a vendored baoyu‑chrome‑cdp). It requires running the local scripts (bun or npx) but does not fetch arbitrary remote code during installation. No suspicious remote install URLs were found.

!

Credentials

Registry metadata declares no required env vars, but the code reads several environment variables (e.g., GEMINI_WEB_LOGIN, GEMINI_WEB_FORCE_LOGIN, GEMINI_WEB_CHROME_PROFILE_DIR, GEMINI_WEB_CHROME_PATH, BAOYU_CHROME_PROFILE_DIR and others) and will access local browser cookies and profile directories. Accessing browser cookies is equivalent to accessing authentication credentials — appropriate for this reverse‑engineered approach, but high‑sensitivity and not reflected in the required‑env metadata.

ℹ

Persistence & Privilege

Skill does not request always:true and does not modify other skills. It will create/read/write cookie and consent files under user data dirs (e.g., ~/.local/share or %APPDATA%). It may launch or connect to Chrome via CDP, which is a privileged local action; this is powerful but consistent with its authentication strategy.

What to consider before installing

This skill implements a reverse‑engineered Gemini Web client that needs real Google session cookies to work. It will attempt to load cookies from your browser (via a bundled Chrome CDP helper), may launch or attach to Chrome, and will write cookie and consent files to your user data directories. Before installing: (1) Be sure you accept the SKILL.md consent flow; (2) prefer using a dedicated or disposable Chrome profile rather than your main browser profile if you proceed; (3) inspect the bundled code yourself (it’s included) or run it in an isolated environment; (4) be aware the skill can access sensitive cookies (equivalent to authentication credentials) and network to Google endpoints — revoke or rotate cookies if you later uninstall; (5) consider disabling autonomous invocation (or only invoke this skill manually) if you are uncomfortable with it accessing local browser state without an explicit prompt.

✗

scripts/gemini-webapi/utils/paths.ts:38

Shell command execution detected (child_process).

✗

scripts/vendor/baoyu-chrome-cdp/src/index.test.ts:89

Shell command execution detected (child_process).

✗

scripts/vendor/baoyu-chrome-cdp/src/index.ts:220

Shell command execution detected (child_process).

✗

scripts/vendor/baoyu-chrome-cdp/src/index.ts:97

Environment variable access combined with network send.

!

scripts/gemini-webapi/utils/upload-file.ts:3

File read combined with network send (possible exfiltration).

!

scripts/vendor/baoyu-chrome-cdp/src/index.ts:202

File read combined with network send (possible exfiltration).

Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.1

Download zip

latestvk9768xjdtwmjjjbjeccn2jz5bh839r7r

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Any binbun, npx

SKILL.md

Gemini Web Client

Text/image generation via Gemini Web API. Supports reference images and multi-turn conversations.

Script Directory

Important: All scripts are located in the scripts/ subdirectory of this skill.

Agent Execution Instructions:

Determine this SKILL.md file's directory path as {baseDir}
Script path = {baseDir}/scripts/<script-name>.ts
Resolve ${BUN_X} runtime: if bun installed → bun; if npx available → npx -y bun; else suggest installing bun
Replace all {baseDir} and ${BUN_X} in this document with actual values

Script Reference:

Script	Purpose
`scripts/main.ts`	CLI entry point for text/image generation
`scripts/gemini-webapi/*`	TypeScript port of `gemini_webapi` (GeminiClient, types, utils)

Consent Check (REQUIRED)

Before first use, verify user consent for reverse-engineered API usage.

Consent file locations:

macOS: ~/Library/Application Support/baoyu-skills/gemini-web/consent.json
Linux: ~/.local/share/baoyu-skills/gemini-web/consent.json
Windows: %APPDATA%\baoyu-skills\gemini-web\consent.json

Flow:

Check if consent file exists with accepted: true and disclaimerVersion: "1.0"
If valid consent exists → print warning with acceptedAt date, proceed
If no consent → show disclaimer, ask user via AskUserQuestion:
- "Yes, I accept" → create consent file with ISO timestamp, proceed
- "No, I decline" → output decline message, stop
Consent file format: {"version":1,"accepted":true,"acceptedAt":"<ISO>","disclaimerVersion":"1.0"}

Preferences (EXTEND.md)

Check EXTEND.md existence (priority order):

# macOS, Linux, WSL, Git Bash
test -f .baoyu-skills/baoyu-danger-gemini-web/EXTEND.md && echo "project"
test -f "${XDG_CONFIG_HOME:-$HOME/.config}/baoyu-skills/baoyu-danger-gemini-web/EXTEND.md" && echo "xdg"
test -f "$HOME/.baoyu-skills/baoyu-danger-gemini-web/EXTEND.md" && echo "user"

# PowerShell (Windows)
if (Test-Path .baoyu-skills/baoyu-danger-gemini-web/EXTEND.md) { "project" }
$xdg = if ($env:XDG_CONFIG_HOME) { $env:XDG_CONFIG_HOME } else { "$HOME/.config" }
if (Test-Path "$xdg/baoyu-skills/baoyu-danger-gemini-web/EXTEND.md") { "xdg" }
if (Test-Path "$HOME/.baoyu-skills/baoyu-danger-gemini-web/EXTEND.md") { "user" }

┌──────────────────────────────────────────────────────────┬───────────────────┐ │ Path │ Location │ ├──────────────────────────────────────────────────────────┼───────────────────┤ │ .baoyu-skills/baoyu-danger-gemini-web/EXTEND.md │ Project directory │ ├──────────────────────────────────────────────────────────┼───────────────────┤ │ $HOME/.baoyu-skills/baoyu-danger-gemini-web/EXTEND.md │ User home │ └──────────────────────────────────────────────────────────┴───────────────────┘

┌───────────┬───────────────────────────────────────────────────────────────────────────┐ │ Result │ Action │ ├───────────┼───────────────────────────────────────────────────────────────────────────┤ │ Found │ Read, parse, apply settings │ ├───────────┼───────────────────────────────────────────────────────────────────────────┤ │ Not found │ Use defaults │ └───────────┴───────────────────────────────────────────────────────────────────────────┘

EXTEND.md Supports: Default model | Proxy settings | Custom data directory

Usage

# Text generation
${BUN_X} {baseDir}/scripts/main.ts "Your prompt"
${BUN_X} {baseDir}/scripts/main.ts --prompt "Your prompt" --model gemini-3-flash

# Image generation
${BUN_X} {baseDir}/scripts/main.ts --prompt "A cute cat" --image cat.png
${BUN_X} {baseDir}/scripts/main.ts --promptfiles system.md content.md --image out.png

# Vision input (reference images)
${BUN_X} {baseDir}/scripts/main.ts --prompt "Describe this" --reference image.png
${BUN_X} {baseDir}/scripts/main.ts --prompt "Create variation" --reference a.png --image out.png

# Multi-turn conversation
${BUN_X} {baseDir}/scripts/main.ts "Remember: 42" --sessionId session-abc
${BUN_X} {baseDir}/scripts/main.ts "What number?" --sessionId session-abc

# JSON output
${BUN_X} {baseDir}/scripts/main.ts "Hello" --json

Options

Option	Description
`--prompt`, `-p`	Prompt text
`--promptfiles`	Read prompt from files (concatenated)
`--model`, `-m`	Model: gemini-3-pro (default), gemini-3-flash, gemini-3-flash-thinking, gemini-3.1-pro-preview
`--image [path]`	Generate image (default: generated.png)
`--reference`, `--ref`	Reference images for vision input
`--sessionId`	Session ID for multi-turn conversation
`--list-sessions`	List saved sessions
`--json`	Output as JSON
`--login`	Refresh cookies, then exit
`--cookie-path`	Custom cookie file path
`--profile-dir`	Chrome profile directory

Models

Model	Description
`gemini-3-pro`	Default, latest 3.0 Pro
`gemini-3-flash`	Fast, lightweight 3.0 Flash
`gemini-3-flash-thinking`	3.0 Flash with thinking
`gemini-3.1-pro-preview`	3.1 Pro preview (empty header, auto-routed)

Authentication

First run opens browser for Google auth. Cookies cached automatically.

When no explicit profile dir is set, cookie refresh may reuse an already-running local Chrome/Chromium debugging session tied to a standard user-data dir. Set --profile-dir or GEMINI_WEB_CHROME_PROFILE_DIR to force a dedicated profile and skip existing-session reuse. This is a best-effort CDP session reuse path, not the Chrome DevTools MCP prompt-based --autoConnect flow described in Chrome's official docs.

Supported browsers (auto-detected): Chrome, Chrome Canary/Beta, Chromium, Edge.

Force refresh: --login flag. Override browser: GEMINI_WEB_CHROME_PATH env var.

Environment Variables

Variable	Description
`GEMINI_WEB_DATA_DIR`	Data directory
`GEMINI_WEB_COOKIE_PATH`	Cookie file path
`GEMINI_WEB_CHROME_PROFILE_DIR`	Chrome profile directory
`GEMINI_WEB_CHROME_PATH`	Chrome executable path
`HTTP_PROXY`, `HTTPS_PROXY`	Proxy for Google access (set inline with command)

Sessions

Session files stored in data directory under sessions/<id>.json.

Contains: id, metadata (Gemini chat state), messages array, timestamps.

Extension Support

Custom configurations via EXTEND.md. See Preferences section for paths and supported options.

Files

29 total

Select a file

Select a file to preview.

Comments

Loading comments…