
OpenGemini CLI

by hiromps · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
131 Downloads · 0 Stars · 0 Active Installs · 2 Versions
Install in OpenClaw
/install openclaw-gemini-cli
Description
Use the local Gemini CLI for one-shot prompts, structured JSON output, shell-assisted research, and delegated AI-to-AI workflows on this Linux host. Use when...
Usage Guidance
This skill is essentially a wrapper around whatever `gemini` CLI binary is installed on the machine. Before installing or using it:
  1. Verify the gemini binary's origin and what network/backend it contacts (is it truly local-only or a client that sends data to a remote model?).
  2. Do not use the helper scripts on files containing secrets, credentials, or private data — the scripts embed full file content into Gemini prompts and will transmit that content if the CLI sends requests to a remote service.
  3. If you need to use file-review automation, modify scripts to explicitly sanitize or redact secrets before sending, or prefer interactive/manual review.
  4. If you are concerned about injection or argument issues, prefer passing file contents safely (e.g., read from stdin or use safe quoting/escaping) and audit the scripts accordingly.
  5. Ensure Gemini CLI auth is completed in a controlled way and test with non-sensitive data first.
These steps will reduce the main risk (data exposure) while keeping the skill's functionality.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-gemini-cli
Version: 1.0.1
The skill bundle provides a wrapper for the local Gemini CLI but contains critical shell injection vulnerabilities in its helper scripts. Specifically, `scripts/gemini_review.sh` and `scripts/gemini_json.sh` expand variables containing potentially untrusted file content or prompts directly within double-quoted strings in an `exec` call. This allows for arbitrary command execution (RCE) if the input contains shell metacharacters such as backticks or command substitutions. While `SKILL.md` includes safety guidelines for the agent, the underlying script implementations are fundamentally insecure.
Capability Assessment
Purpose & Capability
The name/description match the implementation: SKILL.md and helper scripts call the local `gemini` CLI via exec for one-shot prompts, JSON-output requests, file review, and AI-to-AI workflows. No unrelated binaries, env vars, or installs are requested.
Instruction Scope
The runtime instructions explicitly tell OpenClaw to read files and send their contents to the Gemini CLI (e.g., the provided scripts embed full file content in prompts). That behavior is coherent with the stated purpose (reviewing files with Gemini), but it creates a real risk of exposing sensitive local data to whatever backend the `gemini` CLI uses. The SKILL.md includes sensible warnings about reviewing AI-generated shell before execution, but it does not require or demonstrate sanitization/filtering of secrets before sending files. The helper script gemini_review.sh includes file content in a command-line prompt (expected for the purpose) — overall scope is as-advertised, but privacy/exfiltration risk is notable.
Install Mechanism
No install spec is included (instruction-only skill). This is low-risk from an installation perspective because nothing will be downloaded or written by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for a thin wrapper around a local CLI. However, the `gemini` CLI typically requires authentication (handled externally), and that auth may cause network calls outside the host — the skill does not request credentials but does instruct sending local content to the CLI, so the effective data flow depends on the CLI's behavior and authentication method.
Persistence & Privilege
The skill does not request always:on execution or system-wide configuration changes. It is user-invocable and does not claim elevated persistence or privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-gemini-cli
  3. After installation, invoke the skill by name or use /openclaw-gemini-cli
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Add first-time auth guidance and model switching notes
v1.0.0
Initial release: local Gemini CLI skill for OpenClaw exec-based orchestration
Metadata
Slug openclaw-gemini-cli
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is OpenGemini CLI?

Use the local Gemini CLI for one-shot prompts, structured JSON output, shell-assisted research, and delegated AI-to-AI workflows on this Linux host. Use when... It is an AI Agent Skill for Claude Code / OpenClaw, with 131 downloads so far.

How do I install OpenGemini CLI?

Run "/install openclaw-gemini-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenGemini CLI free?

Yes, OpenGemini CLI is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenGemini CLI support?

OpenGemini CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created OpenGemini CLI?

It is built and maintained by hiromps (@hiromps); the current version is v1.0.1.
