Security scan
OpenClaw
Suspicious
Medium confidence. The skill mostly does what it says (wraps the Gemini CLI), but the manifest omits required system dependencies, and the instructions encourage running an agentic CLI with auto-approved file writes and long-lived Google credentials: mismatches and risk factors you should understand before installing.
Recommendations
Before installing: (1) Expect to need Node.js 18+ and root privileges; the manifest does not declare these, but setup.sh requires them. (2) The script adds Google's apt repo, globally installs the gemini CLI via npm, and writes /usr/local/bin/ask-gemini; run it only on a throwaway VM or container, not on a production server. (3) The authentication flow creates long-lived ADC tokens at $HOME/.config/gcloud/application_default_credentials.json; consider using a dedicated Google account with min...
⚠ Purpose and capabilities
The skill's description matches its behavior (wrapping the Gemini CLI as a sub-agent). However, the declared metadata lists no required binaries or env vars, while the included setup.sh requires Node.js 18+, the gemini CLI (npm package @google/gemini-cli) and gcloud: a clear mismatch between claimed requirements and actual needs.
⚠ Instruction scope
SKILL.md explicitly instructs installing system-level packages and performing OAuth flows that create long-lived ADC credentials. It also recommends agentic coding with `gemini -y` (auto-approves file writes and shell commands), which grants the CLI permission to read and write arbitrary files. This is coherent with 'agentic coding' but expands the skill's authority to the host filesystem and can be unsafe on sensitive systems.
ℹ Installation mechanism
Installation is via the provided scripts: a global npm install of @google/gemini-cli, and adding Google's APT repo followed by apt-get install google-cloud-cli. The sources used (the npm package and packages.cloud.google.com) are official rather than arbitrary URLs, but the script writes to system paths (/usr/local/bin, /etc/apt/...) and needs elevated privileges to succeed. The manifest has no separate install spec despite shipping a setup script.
ℹ Credential requirements
No unrelated credentials are requested in the metadata. The skill relies on Google Application Default Credentials (ADC) created by gcloud auth flows; the credentials are stored in $HOME/.config/gcloud/application_default_credentials.json and are described as 'cached indefinitely'. This is expected for a Google-subscription CLI but is high-impact: those tokens may grant broad access to the authenticated Google account/project if scopes are not limited.
ℹ Persistence and permissions
`always` is false and the skill is user-invocable (normal). The setup script installs a wrapper to /usr/local/bin and configures system apt sources; it therefore requests system-level persistence and requires root to install globally. It does not modify other skills' configs. The combination of a global install and long-lived credentials increases the blast radius if run on shared or production hosts.
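A pre-install check that turns the findings above into something you can run before executing setup.sh, added here as an example; it is not part of the skill or of the ClawHub scan. It assumes POSIX sh with grep, sed, stat and mktemp; the sample setup script it scans is constructed, and its file names are assumptions.

```shell
# Added pre-install check for the gemini-sub-agent skill; not part of the skill or of ClawHub.
# Assumes POSIX sh plus grep, sed, stat and mktemp. Paths are the ones named in the scan report.
# Major version from a `node --version` string such as "v18.19.0" (prints 0 if unparsable).
node_major() {
  printf '%s\n' "$1" | sed -n 's/^v\{0,1\}\([0-9][0-9]*\)\..*/\1/p' | grep . || echo 0
}

# True when the version string satisfies the Node.js 18+ requirement setup.sh has.
node_ok() { [ "$(node_major "$1")" -ge 18 ]; }

# Scan a setup script for the system-level side effects the report lists and print
# one tag per finding (space separated, possibly empty).
script_side_effects() {
  f="$1"; out=""
  grep -q 'npm install -g' "$f"  && out="$out npm-global-install"
  grep -q '/usr/local/bin' "$f"  && out="$out writes-usr-local-bin"
  grep -q '/etc/apt' "$f"        && out="$out modifies-apt-sources"
  grep -Eq '(^|[^[:alnum:]_])sudo ' "$f" && out="$out uses-sudo"
  echo "${out# }"
}

# Status of the ADC credential file: missing, ok (mode 600/400) or too-permissive.
adc_status() {
  f="$1"
  [ -f "$f" ] || { echo missing; return 0; }
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
  case "$mode" in 600|400) echo ok ;; *) echo too-permissive ;; esac
}

# Constructed sample modelled on the side effects the report attributes to setup.sh
# (the real script is skills/gemini-sub-agent/scripts/setup.sh; file names here are assumed).
sample_setup_script() {
  t=$(mktemp)
  cat > "$t" <<'EOF'
sudo npm install -g @google/gemini-cli
echo "deb https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee /etc/apt/sources.list.d/google-cloud-sdk.list
sudo apt-get install -y google-cloud-cli
sudo cp scripts/ask-gemini /usr/local/bin/ask-gemini
EOF
  echo "$t"
}

# Stand-alone run against the constructed sample; point script_side_effects at the real setup.sh in practice.
sample=$(sample_setup_script)
echo "node 18+:           $(node_ok "$(node --version 2>/dev/null || echo v0)" && echo yes || echo no)"
echo "setup side effects: $(script_side_effects "$sample")"
echo "ADC file:           $(adc_status "$HOME/.config/gcloud/application_default_credentials.json")"
echo "running as root:    $([ "$(id -u)" -eq 0 ] && echo yes || echo no)"
rm -f "$sample"
```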
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/1
First release — use Gemini 3.1 Pro via Google subscription as a free OpenClaw sub-agent. Zero API cost, 1M context, agentic coding support.
● Suspicious
Install command
Official: npx clawhub@latest install gemini-sub-agent
Mirror (accelerated): npx clawhub@latest install gemini-sub-agent --registry https://cn.clawhub-mirror.com
Skill documentation
Use Google Gemini (via subscription, $0 API cost) as a sub-agent inside OpenClaw workflows.
Setup
Run once on a fresh machine:
bash skills/gemini-sub-agent/scripts/setup.sh
Then authenticate (headless VPS flow):
- On VPS: `gcloud auth application-default login --no-browser` → copy the `--remote-bootstrap` URL
- On laptop: `gcloud auth application-default login --remote-bootstrap="<URL>"` → copy the `localhost:8085` output
- Paste the `localhost:8085` output back into the VPS prompt
- Complete Gemini CLI OAuth: `GOOGLE_GENAI_USE_GCA=true gemini -p "hello"` → paste the auth code
Credentials are cached indefinitely and auto-refresh.
Available Models
| Model | Use for |
|---|---|
| gemini-3.1-pro-preview | Default — latest flagship, best reasoning |
| gemini-2.5-pro | Stable coding tasks, multi-file edits |
| gemini-3-flash-preview | Fast summaries, quick Q&A |
| gemini-3-pro-preview | Previous gen Pro, reliable fallback |
| gemini-2.5-flash | Lightweight fallback |
Usage Patterns
1. Simple text task (exec)
ask-gemini "your prompt here"
ask-gemini -m gemini-2.5-pro "your prompt"
2. Pipe large content (long-context)
cat large_file.txt | ask-gemini "summarize this in 5 bullets"
cat report.md | ask-gemini "extract all action items"
3. Agentic coding (replaces Swift/Sonnet for 30-200 line tasks)
cd /path/to/project
GOOGLE_GENAI_USE_GCA=true gemini -m gemini-2.5-pro -y -p "write a script that..."
`-y` = yolo mode (auto-approves all file writes and shell commands). Gemini reads/writes files autonomously.
4. Pipe files directly into agentic session
cat existing_script.py | GOOGLE_GENAI_USE_GCA=true gemini -m gemini-2.5-pro -y -p "refactor this to add error handling"
Routing Rules (when to use Gemini vs others)
| Task | Use |
|---|---|
| Text, analysis, summarization | ask-gemini |
| Medium coding (30–200 lines) | Gemini agentic (-y) instead of Swift/Sonnet |
| Large file / long-context | ask-gemini (1M token window) |
| Web search / research | Research agent (Grok) — Gemini has no web access |
| Multi-agent orchestration | OpenClaw native (sessions_spawn) |
| Complex architecture / debugging | Codex (Opus) — escalate if Gemini fails twice |
Escalation
If Gemini returns wrong output twice on the same task → escalate to Swift (Sonnet) or Codex (Opus).
Log the failure in failures/hot_antipatterns.md with the task type.
Scripts
- scripts/setup.sh: full install (gemini-cli + gcloud + ask-gemini wrapper)
- scripts/ask-gemini: the wrapper script itself (copy to /usr/local/bin/)
Data source: ClawHub · Chinese localization: 龙虾技能库