Civic Google

Name: Civic Google
Author: civictechuser

Description

Use gog (Google CLI) without manual OAuth setup — Civic handles token management automatically

README (SKILL.md)

This skill describes the @civic/openclaw-google plugin, which lets agents use gog (the Google Workspace CLI) without the user having to create a Google Cloud project, configure OAuth credentials, or manage tokens. Civic acts as an OAuth proxy — it provides the OAuth client, stores tokens encrypted server-side, refreshes them automatically, and the plugin requests only the scope each command actually needs.

Privacy and security

What is sent to Civic: The plugin sends the gog command prefix (e.g. gog gmail send) over HTTPS to app.civic.com for scope resolution. The proxy reads only the command prefix to determine which OAuth scope is needed — command arguments (email addresses, search queries, file names) are not logged, stored, or used by the proxy.
CIVIC_TOKEN: This is the user's own API key from their Civic account at app.civic.com. It authenticates the user to their own account and is never shared. It is sent as a Bearer token over HTTPS.
Token handling: OAuth access tokens are short-lived (~1 hour), stored encrypted (AES-256) on Civic's servers, and refreshed automatically. The agent never sees OAuth client secrets or refresh tokens.
Source code: The plugin is open source at https://github.com/civicteam/openclaw-google and published on npm as @civic/openclaw-google.

Setup

Install the plugin:

openclaw plugins install @civic/openclaw-google

Install gog (the Google CLI):
```
brew install gog
```
Set your Civic API token in the gateway environment:
```
CIVIC_TOKEN=\x3Cyour-token-from-app.civic.com>
```
Get your token from app.civic.com -> Settings -> API Keys.
Restart the gateway.

How it works

Agent calls gog gmail search newer_than:1d
Plugin intercepts the exec tool call via a before_tool_call hook
Plugin sends the command prefix to the Civic proxy for scope resolution
Proxy matches gog gmail -> gmail.readonly scope
If authorized: returns a short-lived access token, plugin sets GOG_ACCESS_TOKEN env var, gog runs
If not yet authorized: blocks the tool call and surfaces an auth URL for the user to consent
After first consent per scope, all future calls work automatically

Supported services and scope mapping

The plugin maps each gog subcommand to the narrowest OAuth scope required. Write operations get specific scopes; unrecognized subcommands fall back to read-only.

Gmail

gog gmail send — gmail.send
gog gmail draft, gog gmail drafts — gmail.compose
gog gmail trash, archive, read, unread, batch — gmail.modify
gog gmail (catch-all) — gmail.readonly

Calendar

gog calendar create, update, delete, respond, subscribe — calendar.events
gog calendar (catch-all) — calendar.readonly

Drive

gog drive upload, create, update, delete, move, rename, share, copy, import — drive.file
gog drive transfer — drive (full access, required for ownership transfer)
gog drive (catch-all) — drive.readonly

Docs

gog docs create, edit, append — documents
gog docs copy, delete, import — documents + drive.file
gog docs export — documents.readonly + drive.file
gog docs (catch-all) — documents.readonly + drive.readonly

Sheets

gog sheets write, append, delete, insert, format, merge, freeze, resize — spreadsheets
gog sheets create — spreadsheets + drive.file
gog sheets (catch-all) — spreadsheets.readonly + drive.readonly

Slides

gog slides create, copy — presentations + drive.file
gog slides edit, update, duplicate, delete — presentations
gog slides (catch-all) — presentations.readonly + drive.readonly

Tasks

gog tasks add, done, delete, move, update — tasks
gog tasks (catch-all) — tasks.readonly

Contacts

gog contacts create, update, delete, merge, batch — contacts
gog contacts (catch-all) — contacts.readonly

Chat

gog chat send — chat.messages.create
gog chat create — chat.spaces
gog chat delete — chat.messages
gog chat (catch-all) — chat.spaces.readonly + chat.messages.readonly

Forms

gog forms create, update, delete — forms.body
gog forms (catch-all) — forms.body.readonly + forms.responses.readonly

Apps Script

gog appscript run — script.projects
gog appscript deploy — script.deployments
gog appscript (catch-all) — script.projects.readonly + drive.readonly

Troubleshooting

"No CIVIC_TOKEN configured" — Set CIVIC_TOKEN in your gateway environment. Get it from app.civic.com -> Settings -> API Keys.
Auth URL keeps appearing — The user needs to click the authorization link and complete the Google consent screen. Each scope requires separate consent.
Token errors after working previously — The user may have revoked access in their Google account settings. Re-authorize by triggering any gog command.

Custom proxy URL

For local development, set OPENCLAW_PROXY_URL in the gateway environment:

OPENCLAW_PROXY_URL=http://localhost:3013/openclaw

Usage Guidance

This skill appears internally consistent: it asks only for the gog binary and a CIVIC_TOKEN and the instructions match its stated proxying behavior. Before installing, verify the Civic service and the claimed open-source repo (https://github.com/civicteam/openclaw-google and the npm package) so you can inspect how tokens are handled. Understand that Civic will learn which gog subcommands you run (the SKILL.md says arguments are not logged, but subcommand prefixes are), and that CIVIC_TOKEN grants Civic the ability to hold and refresh your Google OAuth tokens on your behalf — only proceed if you trust Civic. If you test locally, be cautious with OPENCLAW_PROXY_URL (don’t point it to untrusted remote endpoints) and store CIVIC_TOKEN securely; know how to revoke or rotate it via app.civic.com if you stop using the skill.

Capability Analysis

Type: OpenClaw Skill Name: civic-google Version: 0.1.1 The skill documentation in SKILL.md describes an architecture where a third-party service (app.civic.com) acts as an OAuth proxy, intercepting tool calls to the Google CLI (gog). While the documentation claims only command prefixes are sent for scope resolution, this design introduces significant supply-chain risk and potential data exposure by routing authentication and command metadata through an external intermediary. The reliance on a remote plugin (@civic/openclaw-google) to inject environment variables (GOG_ACCESS_TOKEN) and handle sensitive credentials (CIVIC_TOKEN) constitutes a high-risk capability.

Capability Assessment

✓ Purpose & Capability

The skill claims to let agents run the gog CLI without manual OAuth setup and only requires the gog binary and a CIVIC_TOKEN. Those requirements and the described plugin behavior are coherent with that purpose.

ℹ Instruction Scope

The SKILL.md instructs the plugin to send the gog command prefix to app.civic.com for scope resolution and says arguments aren't logged. This is within the plugin's stated purpose, but it does transmit which subcommands/services you use to Civic. The doc also exposes an OPENCLAW_PROXY_URL override (example uses plain http://localhost:3013) — changing this could redirect scope resolution to another endpoint, so users should be careful where they point it.

✓ Install Mechanism

This is an instruction-only skill (no install spec or code files). The SKILL.md tells users to install the OpenClaw plugin and brew-install gog; those are standard OS-level instructions and low-risk from this static review.

ℹ Credentials

The only required environment variable is CIVIC_TOKEN, which is appropriate for an OAuth-proxy service. However, CIVIC_TOKEN grants Civic account-level API access and therefore authorizes Civic to manage stored OAuth tokens on your behalf — you must trust Civic with that responsibility. The plugin does not request Google credentials, which is consistent.

✓ Persistence & Privilege

always is false and the skill does not request system-wide configuration or other skills' credentials. Nothing in the SKILL.md indicates it modifies other skills or requires permanent elevated presence.

Version History

v0.1.1

- Updated documentation to include privacy and security details, clarifying what user data is sent and how tokens are handled. - Revised plugin description and setup steps for clarity and conciseness. - Confirmed that all supported gog command scope mappings remain unchanged. - No code or implementation changes in this release—documentation update only.

v0.1.0

Initial release: Seamless Google Workspace CLI access via Civic OAuth. - Adds a plugin that injects OAuth tokens for Google Workspace access using Civic, requiring no Google Cloud project or local credentials. - Maps each `gog` subcommand to the minimum required OAuth scope for higher security and least privilege. - Handles user consent flows automatically, surfacing authorization URLs on first use and refreshing tokens as needed. - Supports fine-grained access for Gmail, Calendar, Drive, Docs, Sheets, Slides, Tasks, Contacts, Chat, Forms, and Apps Script. - Provides straightforward setup instructions and detailed troubleshooting guidance.

Metadata

Slug civic-google

Version 0.1.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is Civic Google?

Use gog (Google CLI) without manual OAuth setup — Civic handles token management automatically. It is an AI Agent Skill for Claude Code / OpenClaw, with 218 downloads so far.

How do I install Civic Google?

Run "/install civic-google" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Civic Google free?

Yes, Civic Google is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Civic Google support?

Civic Google is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Civic Google?

It is built and maintained by civictechuser (@civictechuser); the current version is v0.1.1.

More Skills