ClawHub

Gemini

Gemini CLI for one-shot Q&A, summaries, and generation.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
46 · 23.9k · 1.1k current installs · 1.2k all-time installs
byPeter Steinberger@steipete
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Gemini CLI for Q&A/summaries/generation) match the SKILL.md instructions which invoke a local 'gemini' binary. However the top-level registry metadata claims no required binaries or install spec, while SKILL.md's embedded metadata lists requires: ['gemini'] and a brew install for 'gemini-cli' — this mismatch is disproportionate and should be resolved.
Instruction Scope
Runtime instructions are narrowly scoped: they show example gemini commands, mention a login flow if auth is required, and warn against an unsafe flag (--yolo). The instructions do not request reading unrelated files, environment variables, or sending data to unexpected endpoints.
Install Mechanism
SKILL.md embeds a brew install (formula 'gemini-cli') which is a low-risk, common install method. The registry-level metadata, however, reported 'No install spec' — this inconsistency is notable. If you plan to install, verify the brew formula/tap and upstream project (check maintainers, tap URL, and release page) before installing.
Credentials
No environment variables, credentials, or config paths are requested, which is proportionate for a CLI wrapper that delegates auth to the CLI's interactive login flow.
Persistence & Privilege
Skill does not request always:true or any elevated persistence. It is user-invocable and can be invoked autonomously (platform default), which is expected for a functional skill.
What to consider before installing
This skill appears to be an instruction-only wrapper for a local 'gemini' CLI and is otherwise narrow in scope — but double-check before proceeding: - Confirm the discrepancy: the SKILL.md claims it needs the 'gemini' binary and offers a brew install ('gemini-cli'), yet the registry metadata lists no requirements. Ask the publisher to clarify or update metadata. - Only install the CLI from a trusted source. Inspect the brew formula (tap URL, maintainers, and source tarball) or install from an official release page (e.g., Google-backed project) and verify checksums. - If the CLI prompts you to authenticate, verify what account/provider is used and what tokens/permissions are granted. Prefer interactive auth flows over pasting secrets into a skill. - If you cannot verify the origin of the 'gemini' binary or brew formula, avoid installing it system-wide; consider running in an isolated environment (container or VM) first. If you want, I can: (a) summarize the metadata mismatch to share with the skill publisher, (b) help locate the official gemini-cli brew formula/source for verification, or (c) suggest safer alternatives if you prefer not to install additional software.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97bzrf509nny5wnpzk3jxhmvs7yjywm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

♊️ Clawdis
Binsgemini

Install

Install Gemini CLI (brew)
Bins: gemini
brew install gemini-cli

SKILL.md

Gemini CLI

Use Gemini in one-shot mode with a positional prompt (avoid interactive mode).

Quick start

  • gemini "Answer this question..."
  • gemini --model <name> "Prompt..."
  • gemini --output-format json "Return JSON"

Extensions

  • List: gemini --list-extensions
  • Manage: gemini extensions <command>

Notes

  • If auth is required, run gemini once interactively and follow the login flow.
  • Avoid --yolo for safety.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…