← Back to Skills Marketplace
tedo0626

Gemini Sub-Agent

by tedo0626 · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
462
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install gemini-sub-agent
Description
Use Google Gemini as a free sub-agent via a Google One / Gemini Advanced subscription (no API key or API credits needed). Use when: (1) delegating tasks that...
README (SKILL.md)

gemini-sub-agent

Use Google Gemini (via subscription, $0 API cost) as a sub-agent inside OpenClaw workflows.

Setup

Run once on a fresh machine:

bash skills/gemini-sub-agent/scripts/setup.sh

Then authenticate (headless VPS flow):

  1. On VPS: gcloud auth application-default login --no-browser → copy the --remote-bootstrap URL
  2. On laptop: gcloud auth application-default login --remote-bootstrap="\x3CURL>" → copy the localhost:8085 output
  3. Paste localhost:8085 output back into VPS prompt
  4. Complete Gemini CLI OAuth: GOOGLE_GENAI_USE_GCA=true gemini -p "hello" → paste auth code

Credentials are cached indefinitely and auto-refresh.

Available Models

Model Use for
gemini-3.1-pro-preview Default — latest flagship, best reasoning
gemini-2.5-pro Stable coding tasks, multi-file edits
gemini-3-flash-preview Fast summaries, quick Q&A
gemini-3-pro-preview Previous gen Pro, reliable fallback
gemini-2.5-flash Lightweight fallback

Usage Patterns

1. Simple text task (exec)

ask-gemini "your prompt here"
ask-gemini -m gemini-2.5-pro "your prompt"

2. Pipe large content (long-context)

cat large_file.txt | ask-gemini "summarize this in 5 bullets"
cat report.md | ask-gemini "extract all action items"

3. Agentic coding (replaces Swift/Sonnet for 30-200 line tasks)

cd /path/to/project
GOOGLE_GENAI_USE_GCA=true gemini -m gemini-2.5-pro -y -p "write a script that..."

-y = yolo mode (auto-approves all file writes and shell commands). Gemini reads/writes files autonomously.

4. Pipe files directly into agentic session

cat existing_script.py | GOOGLE_GENAI_USE_GCA=true gemini -m gemini-2.5-pro -y -p "refactor this to add error handling"

Routing Rules (when to use Gemini vs others)

Task Use
Text, analysis, summarization ask-gemini
Medium coding (30–200 lines) Gemini agentic (-y) instead of Swift/Sonnet
Large file / long-context ask-gemini (1M token window)
Web search / research Research agent (Grok) — Gemini has no web access
Multi-agent orchestration OpenClaw native (sessions_spawn)
Complex architecture / debugging Codex (Opus) — escalate if Gemini fails twice

Escalation

If Gemini returns wrong output twice on the same task → escalate to Swift (Sonnet) or Codex (Opus). Log the failure in failures/hot_antipatterns.md with the task type.

Scripts

  • scripts/setup.sh — Full install: gemini-cli + gcloud + ask-gemini wrapper
  • scripts/ask-gemini — The wrapper script itself (copy to /usr/local/bin/)
Usage Guidance
Before installing: (1) Expect to need Node.js 18+ and root privileges — the manifest does not declare these but setup.sh requires them. (2) The script adds Google's apt repo and globally installs the gemini CLI via npm and writes /usr/local/bin/ask-gemini — run it only on a throwaway VM or container, not on a production server. (3) The authentication flow creates long-lived ADC tokens at $HOME/.config/gcloud/application_default_credentials.json; consider using a dedicated Google account with minimal scopes, and inspect the scopes granted during the OAuth flow. (4) Be cautious with agentic usage: gemini -y auto-approves file writes and commands — this can modify arbitrary files. If you need the capability, prefer sandboxing (container/VM), review the wrapper script, and do not run it where secrets or sensitive data reside. (5) If uncertain, ask the skill author for: an updated manifest declaring required binaries/privileges, the exact OAuth scopes used, and guidance for least-privilege installation (containerized option).
Capability Analysis
Type: OpenClaw Skill Name: gemini-sub-agent Version: 1.0.0 The skill bundle is classified as suspicious due to instructions in `SKILL.md` that direct the OpenClaw agent to use the Google Gemini sub-agent in 'yolo mode' (`-y`). This mode explicitly 'auto-approves all file writes and shell commands,' granting the Gemini sub-agent autonomous and unconstrained execution capabilities on the host system. While the skill bundle itself does not contain malicious code, this design choice introduces a critical remote code execution (RCE) vulnerability. If the Gemini sub-agent is subsequently given a malicious prompt, it could lead to arbitrary command execution or file manipulation, making the system highly susceptible to prompt injection attacks against the sub-agent. The `scripts/setup.sh` file performs standard installations and creates a benign wrapper script, but the core issue lies in the delegated, unconstrained execution instruction.
Capability Assessment
Purpose & Capability
The skill's description matches its behavior (wrapping Gemini CLI as a sub-agent). However the declared metadata lists no required binaries or env vars while the included setup.sh requires Node.js 18+, the gemini CLI (npm @google/gemini-cli) and gcloud — a clear mismatch between claimed requirements and actual needs.
Instruction Scope
SKILL.md explicitly instructs installing system-level packages and performing OAuth flows that create long-lived ADC credentials. It also recommends agentic coding with gemini -y (auto-approves file writes and shell commands), which grants the CLI permission to read/write arbitrary files — this is coherent with 'agentic coding' but expands the skill's authority to the host filesystem and can be unsafe if run on sensitive systems.
Install Mechanism
Installation is via the provided scripts: global npm install of @google/gemini-cli and adding Google's APT repo + apt-get install google-cloud-cli. Sources used (npm package and packages.cloud.google.com) are official, not arbitrary URLs, but the script writes to system paths (/usr/local/bin, /etc/apt/...) and will require elevated privileges to succeed. The manifest had no separate install spec despite shipping a setup script.
Credentials
No unrelated credentials are requested in metadata. The skill relies on Google Application Default Credentials (ADC) created by gcloud auth flows; credentials are stored in $HOME/.config/gcloud/application_default_credentials.json and are described as 'cached indefinitely'. This is expected for using a Google-subscribed CLI but is high-impact: those tokens may grant broad access to the authenticated Google account/project if scopes are not limited.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The setup script installs a wrapper to /usr/local/bin and configures system apt sources; it therefore requests system-level persistence and requires root to install globally. It does not modify other skills' configs. The combination of global install + long-lived credentials increases blast radius if run on shared/production hosts.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gemini-sub-agent
  3. After installation, invoke the skill by name or use /gemini-sub-agent
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
First release — use Gemini 3.1 Pro via Google subscription as a free OpenClaw sub-agent. Zero API cost, 1M context, agentic coding support.
Metadata
Slug gemini-sub-agent
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Gemini Sub-Agent?

Use Google Gemini as a free sub-agent via a Google One / Gemini Advanced subscription (no API key or API credits needed). Use when: (1) delegating tasks that... It is an AI Agent Skill for Claude Code / OpenClaw, with 462 downloads so far.

How do I install Gemini Sub-Agent?

Run "/install gemini-sub-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Gemini Sub-Agent free?

Yes, Gemini Sub-Agent is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Gemini Sub-Agent support?

Gemini Sub-Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Gemini Sub-Agent?

It is built and maintained by tedo0626 (@tedo0626); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments