Gemini

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent instruction-only wrapper for the Gemini CLI, with expected notes around installing the CLI, using Gemini authentication, and sending prompts to an external provider.

This skill appears benign for its stated purpose. Before installing, make sure you trust the Homebrew Gemini CLI package, authenticate with the correct account, avoid sending sensitive data unless approved, and follow the skill’s advice to avoid `--yolo`.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Installing and using the skill means installing and running the external Gemini CLI from Homebrew.

Why it was flagged

The skill depends on an external Homebrew package rather than bundled reviewed code. This is expected for a CLI wrapper, but the user must trust the installed Gemini CLI package.

Skill content
brew | formula: gemini-cli | creates binaries: gemini
Recommendation

Install the Gemini CLI from trusted Homebrew sources and review any Gemini CLI extensions before enabling them.

ASI03: Identity and Privilege Abuse
Low
What this means

Prompts and usage may be associated with the account used to authenticate the Gemini CLI.

Why it was flagged

The skill may use an authenticated Gemini or Google account session. This is expected for the integration, but users should be aware that their account credentials and usage history may be involved.

Skill content
If auth is required, run `gemini` once interactively and follow the login flow.
Recommendation

Authenticate only with the account you intend to use, and follow your organization’s policy for Gemini or Google AI access.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Information included in prompts, summaries, or generation requests may be sent to Gemini rather than staying entirely local.

Why it was flagged

The core workflow sends prompt text to the Gemini CLI and external Gemini service. This is disclosed and purpose-aligned, but prompt content may include user or project data.

Skill content
Use Gemini in one-shot mode with a positional prompt ... `gemini "Answer this question..."`
Recommendation

Avoid sending confidential or regulated data unless Gemini use is approved for that data.