Gemini Ops

Pass

Audited by VirusTotal on May 11, 2026.

Findings (1)

The skill is suspicious due to a critical path hijacking vulnerability. Its core functionalities, including 'Turn Gemini ON', 'Turn Gemini OFF', and 'Check status', are not implemented within the bundled scripts. Instead, `scripts/gemini-on.sh`, `scripts/gemini-off.sh`, and `scripts/gemini-status.sh` immediately call external scripts located at fixed, absolute paths (e.g., `/home/moltuser/clawd/scripts/gemini-on.sh`). This design makes the skill's behavior dependent on unbundled, unverified external code, creating a severe vulnerability where an attacker controlling those external paths could achieve arbitrary code execution.