← 返回 Skills 市场
2761
总下载
0
收藏
3
当前安装
3
版本数
在 OpenClaw 中安装
/install ez-google
功能描述
Use when asked to send email, check inbox, read emails, check calendar, schedule meetings, create events, search Google Drive, create Google Docs, read or write spreadsheets, find contacts, or any task involving Gmail, Google Calendar, Drive, Docs, Sheets, Slides, or Contacts. Agent-friendly with hosted OAuth - no API keys needed.
使用说明 (SKILL.md)
ez-google
Agent-friendly Google Workspace tools. Simple CLI scripts with hosted OAuth - users just click a link and paste back a token. No API keys or credentials needed.
Run all commands with: uv run scripts/\x3Cscript>.py \x3Ccommand> [args]
Auth (do this first)
auth.py status # Check: AUTHENTICATED or NOT_AUTHENTICATED
auth.py login # Get URL → send to user
auth.py save '\x3CTOKEN>' # Save token from hosted OAuth
Auth flow: status → if not authenticated → login → user clicks link, copies token → save '\x3CTOKEN>'
Gmail
gmail.py list [-n 10] [-q "query"] # List emails
gmail.py search "query" # Search emails
gmail.py get MESSAGE_ID # Read email
gmail.py send "to" "subject" "body" # Send email
gmail.py draft "to" "subject" "body" # Create draft
gmail.py labels # List labels
# Bulk operations (up to 1000 messages per API call)
gmail.py bulk-label "query" --add LABEL --remove LABEL # Add/remove labels
gmail.py bulk-trash "query" [-y] # Move to trash (use -y to skip confirmation)
Bulk examples:
gmail.py bulk-label "from:[email protected]" --add ARCHIVE --remove INBOX
gmail.py bulk-trash "subject:alert older_than:30d" -y
gmail.py bulk-label "category:promotions" --add Label_3 # Use label IDs from `labels`
Calendar
gcal.py list [DATE] # List events (DATE: YYYY-MM-DD or "today")
gcal.py create "title" "START" "END" # Create event (START/END: YYYY-MM-DDTHH:MM)
gcal.py get EVENT_ID # Event details
gcal.py delete EVENT_ID # Delete event
gcal.py calendars # List calendars
Drive
drive.py list [-n 20] # List files
drive.py search "query" # Search by name
drive.py get FILE_ID # File metadata
drive.py download FILE_ID # File content
drive.py create-folder "name" # Create folder
Docs
docs.py create "title" # Create doc
docs.py get DOC_ID # Read content
docs.py find "query" # Find by title
docs.py append DOC_ID "text" # Append text
docs.py insert DOC_ID "text" # Insert at start
docs.py replace DOC_ID "old" "new" # Replace text
Sheets
sheets.py create "title" # Create spreadsheet
sheets.py get ID "Sheet!A1:D10" # Read data
sheets.py info ID # Sheet metadata
sheets.py find "query" # Find by name
sheets.py write ID "Sheet!A1" "a,b;c,d" # Write (rows separated by ;)
sheets.py append ID "Sheet!A:B" "a,b;c,d" # Append rows
Slides
slides.py find "query" # Find presentations
slides.py get PRESENTATION_ID # Get slides info
slides.py text PRESENTATION_ID # Extract all text
slides.py create "title" # Create presentation
People/Contacts
people.py me # Current user profile
people.py contacts [-n 100] # List contacts
people.py search "name" # Search contacts
people.py get CONTACT_ID # Contact details
Chat (Workspace only)
chat.py spaces # List spaces
chat.py messages SPACE_ID [-n 20] # List messages
chat.py send SPACE_ID "text" # Send message
chat.py get SPACE_ID # Space details
Note: After adding new services, run auth.py logout then login again to grant new permissions.
安全使用建议
This package implements a legitimate-appearing Google Workspace CLI, but its default auth flow uses a hosted OAuth worker (https://ezagentauth.com). That service will be involved in issuing or relaying the OAuth token you paste into auth.py save — and the saved token contains refresh tokens and client_secret values granting broad access (Gmail modify, Drive, Docs, Sheets, Chat messages, Contacts, etc.). Before installing or using:
- Do not use your primary or high‑privilege Google account with this flow. Prefer a throwaway or limited-scope account for testing.
- Prefer the local OAuth path (uv run auth.py login --local) by creating your own OAuth client (set CLIENT_SECRETS_FILE or GOOGLE_CLIENT_ID/GOOGLE_CLIENT_SECRET) so the token is issued directly by Google to your app and the third party does not mediate credentials.
- Inspect any token string you paste (auth.save expects a base64 JSON) before saving; it should only contain fields you expect. Be skeptical if the hosted service asks you to paste credentials from other sites.
- If you must use the hosted OAuth worker, verify the operator (ezagentauth.com): hosting, privacy policy, source, and whether the worker stores or can reuse client secrets/refresh tokens.
- Consider restricting scopes using a custom OAuth client (so you only grant necessary scopes) and periodically revoking saved refresh tokens in your Google account security settings.
Given the external token broker and very broad scopes, treat this skill as risky unless you control the OAuth client or fully trust the hosted worker.
功能分析
Type: OpenClaw Skill
Name: ez-google
Version: 1.0.2
This skill bundle is classified as suspicious primarily due to its reliance on an external hosted OAuth service, `https://ezagentauth.com`, as defined in `scripts/auth.py`. This service provides the full OAuth credential set (including client_id and client_secret) to the user's local `token.json` file, creating a significant trust dependency on this third-party. While the skill's code itself does not exhibit clear malicious intent (e.g., no unauthorized data exfiltration to external endpoints, no persistence mechanisms, no obfuscation), it requests broad permissions across Google Workspace (e.g., `gmail.modify`, `drive`, `chat.messages`). These permissions, combined with the ability to read sensitive data (emails, Drive files) and print them to stdout, represent risky capabilities that could be abused if the agent or the external OAuth service were compromised.
能力评估
Purpose & Capability
Name/description match the included scripts: the code implements Gmail, Calendar, Drive, Docs, Sheets, Slides, People, and Chat operations. The OAuth flow (hosted or local) is needed for these APIs, so requiring credentials is expected. The only notable divergence is the use of a hosted OAuth worker (ezagentauth.com) instead of guiding users to create/use their own OAuth client; that is a design choice rather than outright incoherence.
Instruction Scope
Runtime instructions ask the user to 'click a link and paste back a token' from a hosted OAuth service. The scripts then save that token (including refresh_token, client_id, client_secret) to ~/.simple-google-workspace/token.json and use it to call Google APIs with broad scopes (gmail.modify, drive, docs, spreadsheets, chat.messages, contacts.readonly, etc.). The instruction set does not request unrelated system files, but it explicitly directs credentials from an external service into a local token file — a high-risk data flow because the external service could capture or mint credentials.
Install Mechanism
There is no automatic install/download step or external archive; the skill is instruction + local Python scripts. Dependencies are declared in script headers only; nothing is fetched from an untrusted URL by the installer. This minimizes install-time risk.
Credentials
The skill declares no required environment variables but offers a hosted OAuth worker that yields a token JSON containing token, refresh_token, client_id, and client_secret — and the SCOPES list requests wide permissions (read/write/send email, modify Drive/Docs/Sheets, send Chat messages, etc.). Requesting and storing a full OAuth client secret and refresh token is proportionate to multi-service access, but centralizing credential issuance through an external host is excessive for many users and creates a single point that can exfiltrate or misuse credentials.
Persistence & Privilege
The skill stores credentials in ~/.simple-google-workspace/token.json and flow state in the same directory. It does not request platform-wide privileges or set always:true. Storing tokens locally is expected for OAuth CLI tools; there is no evidence the skill modifies other skills or system settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ez-google - 安装完成后,直接呼叫该 Skill 的名称或使用
/ez-google触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Added bulk Gmail operations: bulk-label and bulk-trash commands for batch labeling and deleting emails.
- Updated Gmail documentation with usage examples for new bulk features.
- No other changes detected.-
v1.0.1
- batch gmail operations
v1.0.0
Initial public release of ez-google
- Provides command-line tools for Gmail, Calendar, Drive, Docs, Sheets, Slides, Contacts, and Chat.
- Includes simple authentication flow for Google Workspace access.
- Offers commands for listing, searching, reading, creating, and editing across supported Google services.
- Supports user, contact, and chat management (Workspace accounts).
- Requires re-authentication when new Google services are added.
元数据
常见问题
ez-google 是什么?
Use when asked to send email, check inbox, read emails, check calendar, schedule meetings, create events, search Google Drive, create Google Docs, read or write spreadsheets, find contacts, or any task involving Gmail, Google Calendar, Drive, Docs, Sheets, Slides, or Contacts. Agent-friendly with hosted OAuth - no API keys needed. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2761 次。
如何安装 ez-google?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ez-google」即可一键安装,无需额外配置。
ez-google 是免费的吗?
是的,ez-google 完全免费(开源免费),可自由下载、安装和使用。
ez-google 支持哪些平台?
ez-google 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 ez-google?
由 araa47(@araa47)开发并维护,当前版本 v1.0.2。
推荐 Skills