← 返回 Skills 市场
🔌

Google Cloud STS

作者 OOMOL · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
29
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install oo-gcloud-sts
功能描述
Google Cloud STS (cloud.google.com). Use this skill for ANY Google Cloud STS request — searching and reading data. Whenever a task involves Google Cloud STS,...
使用说明 (SKILL.md)

Google Cloud STS

Operate Google Cloud STS through your OOMOL-connected account. This skill calls the gcloud_sts connector with the oo CLI; OOMOL injects credentials server-side, so you never handle raw tokens.

Category: Security & Identity, Developer Tools. Exposes 1 action(s).

Running an action

Assume the user has already installed the oo CLI, signed in, and connected Google Cloud STS. Do not run oo auth login or open the connection URL proactively — just run the action. Fall back to First-time setup only when a command actually fails with an auth or connection error.

1. Inspect the contract to get the authoritative input/output schema before building a payload:

oo connector schema "gcloud_sts" --action "\x3Caction_name>"

2. Run the action with a JSON payload that matches the input schema:

oo connector run "gcloud_sts" --action "\x3Caction_name>" --data '\x3Cjson>' --json
  • --data takes a JSON object string or @path/to/file.json; omit it to send {}.
  • The response is { "data": ..., "meta": { "executionId": "..." } }; the execution id lives under meta.executionId.

Each action below links to a reference file with its purpose and exact commands. Read the linked file, then fetch the live schema with oo connector schema before constructing --data.

Available actions

  • get_federated_access_token — Exchange the connected OOMOL OIDC token with Google Cloud Workload Identity Federation and return a Google Cloud access token.

Safety

  • Read actions (get / list / search) are safe to run directly.
  • Create, update, send, or post actions change Google Cloud STS state — confirm the exact payload and effect with the user before running.
  • Delete or remove actions are destructive — always confirm the target and get explicit approval first.

First-time setup

These are one-time steps — do not repeat them on every call. Run a step only when a command fails for the matching reason.

  • oo: command not found — install the oo CLI (other platforms: \x3Chttps://cli.oomol.com/install-guide.md>):

    curl -fsSL https://cli.oomol.com/install.sh | bash    # macOS / Linux

    irm https://cli.oomol.com/install.ps1 | iex           # Windows PowerShell

  • Not signed in / authentication error — sign in to your OOMOL account once:

    oo auth login

  • scope_missing / credential_expired / app_not_ready / app_not_found — Google Cloud STS is not connected, or the connection expired or lacks a scope. Connect once (auth type: federated) at:

    https://console.oomol.com/app-connections?provider=gcloud_sts

  • HTTP 402 / OOMOL_INSUFFICIENT_CREDIT — billing stop. Recharge at https://console.oomol.com/billing/token-recharge before retrying.

Resources

安全使用建议
Install only if you intentionally want an agent to obtain Google Cloud federated access tokens through your OOMOL connection. Treat returned tokens as secrets, avoid logging or pasting them into unrelated tools, and verify the Google Cloud scopes, target project, and intended use before running the action.
能力标签
requires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
The stated purpose is Google Cloud STS federation, and the only action does exactly that: exchanges an OOMOL OIDC token for a Google Cloud access token. That capability is inherently high-impact because the returned token can authorize access to Google Cloud resources.
Instruction Scope
The skill says to use it for any Google Cloud STS request, including searching and reading data, while the only available action returns an access token. It also tells the agent to run the action directly and does not require explicit user confirmation before credential issuance.
Install Mechanism
The artifact is markdown-only and declares Bash access scoped to oo commands, with no bundled executable code. It does include first-time setup guidance using remote oo CLI install commands, but only as a fallback when the CLI is missing.
Credentials
Use of an OOMOL-connected account is coherent for this purpose, but exposing a raw Google Cloud access token is a broad credential handoff compared with a narrower connector workflow that performs a specific downstream operation.
Persistence & Privilege
No persistence, background worker, file indexing, or hidden privilege escalation is present in the artifacts. The main privilege concern is short-lived credential issuance and possible leakage or reuse outside the intended workflow.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install oo-gcloud-sts
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /oo-gcloud-sts 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Adds the initial `oo-gcloud-sts` skill for operating Google Cloud Security Token Service through an OOMOL-connected account. - Provides a `get_federated_access_token` action to exchange the connected OOMOL OIDC token via Google Cloud Workload Identity Federation. - Returns a Google Cloud access token without requiring users or agents to handle raw upstream credentials directly. - Documents the standard `oo connector schema` and `oo connector run` workflow for inspecting live action contracts and executing the connector. - Includes setup and recovery guidance for missing CLI installation, authentication failures, expired connections, missing scopes, billing stops, and related connector errors.
元数据
Slug oo-gcloud-sts
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Google Cloud STS 是什么?

Google Cloud STS (cloud.google.com). Use this skill for ANY Google Cloud STS request — searching and reading data. Whenever a task involves Google Cloud STS,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 29 次。

如何安装 Google Cloud STS?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install oo-gcloud-sts」即可一键安装,无需额外配置。

Google Cloud STS 是免费的吗?

是的,Google Cloud STS 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Google Cloud STS 支持哪些平台?

Google Cloud STS 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Google Cloud STS?

由 OOMOL(@oomol)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论