ClawHub

OpenClaw Gemini Web

v0.1.2

Use when the user wants OpenClaw to operate Gemini Web for general browser-based Gemini work, including sign-in, continue or branch Gemini threads, upload fi...

0· 20·0 current·0 all-time
byWu Bo Yu@etherstrings
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill's name and description match what the files do: automate a browser-based Gemini Web workflow and provide a small local TOTP generator. Required binary (python3) is reasonable for the included scripts. There are no unrelated cloud credentials, binaries, or install steps.
Instruction Scope
SKILL.md instructs the agent to reuse managed browser profiles, perform best-effort automated login when credentials are available, upload local files, and run the included scripts. These actions are within scope for a browser automation skill. One small inconsistency: the registry metadata lists no required env vars, but SKILL.md documents optional environment variables (GEMINI_WEB_EMAIL, GEMINI_WEB_PASSWORD, GEMINI_WEB_TOTP_SECRET/URI) as credential sources — this is reasonable (they are optional), but you should be aware the agent will use those values if present in the task context or environment.
Install Mechanism
No install spec (instruction-only), and the only bundled code is a small Python TOTP script that does not download external code or write installers. Required binary python3 is declared and expected.
Credentials
The skill may use account credentials and TOTP secrets to log into Gemini Web; these environment variables are appropriate for the task but grant access to a Google account when present. The number and type of secrets requested are proportional to the login automation feature, but users should only provide them when they trust the environment and accept automatic login behavior. The TOTP script can also read from arbitrary JSON files given by path, which is normal but means it may read local files you point it to.
Persistence & Privilege
The skill does not request always: true, does not modify other skills, and does not declare system-wide configuration changes. Autonomous invocation is enabled (platform default) but is not combined with other high-privilege indicators.
Assessment
This skill appears to do what it says: automate Gemini Web via OpenClaw's browser and generate TOTP codes locally. Before installing, consider whether you want the agent to attempt automated logins using account secrets: if you set GEMINI_WEB_EMAIL, GEMINI_WEB_PASSWORD, or a TOTP secret/URI in your environment or task context the skill will try a best-effort login. If you prefer manual sign-in, do not provide those secrets. The bundled scripts are local, contain no network calls, and simply generate TOTP codes, but they can read JSON files you point them to — avoid pointing them at files containing unrelated secrets. If you have low tolerance for an agent using stored account credentials, do not enable or populate those environment variables. If you want higher assurance, review the SKILL.md login policy and the scripts/totp.py file yourself before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk973930wdrg05qa92wskesh0ch84ayjk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🖼️ Clawdis
Binspython3

Comments