gog CLI: safe Google Workspace automation, JSON, auth, scoped reads/writes.
复制安装指令,让 AI 自动完成配置 · 推荐新手
请帮我安装 askskill 上的 "gog" 技能: 1. 下载 https://raw.githubusercontent.com/openclaw/gogcli/main/.agents/skills/gog/SKILL.md 2. 保存为 ~/.claude/skills/gog/SKILL.md 3. 装好后重载技能,告诉我可以用了
Use gog when built-in Google connectors are missing a feature, when shell
automation needs stable JSON, or when you need to inspect local Google auth
state before acting.
gog --version
gog auth list --check --json --no-input
gog auth doctor --check --json --no-input
gog schema --json
Pick the account explicitly for API work:
gog --account [email protected] gmail search 'newer_than:7d' --json --wrap-untrusted
Prefer --json --wrap-untrusted for agent parsing when reading Google content.
Human hints and progress should stay on stderr; stdout is for data.
GOG_KEYRING_PASSWORD is provided by a shell startup file or service
environment, use the matching shell/entrypoint so gog can unlock the file
keyring non-interactively. Do not print the value.GOG_KEYRING_BACKEND=file, GOG_KEYRING_PASSWORD, and HOME must be
present in the process that launches gog.--no-input in automation so auth/keyring prompts fail clearly.--dry-run first where commands support it.--force; do not add it unless the user asked
for that exact mutation.--gmail-no-send or GOG_GMAIL_NO_SEND=1 unless sending mail is the
requested task.docs/safety-profiles.md.Runtime command guards:
gog --enable-commands gmail.search,gmail.get --gmail-no-send \
--account [email protected] gmail search 'from:[email protected]' --json
gog --enable-commands drive.ls,docs.cat --disable-commands drive.delete \
--account [email protected] drive ls --max 10 --json
OAuth setup is partly interactive. An agent can inspect and diagnose it, but a human normally completes browser consent:
gog auth credentials list
gog auth add [email protected] --services all-user --force-consent
gog auth remove [email protected]
Default for existing human/user OAuth reauth: preserve broad service access.
Before reauth, run gog auth list --check --json --no-input and inspect the
account's existing services. When replacing an expired or revoked token, do
not silently reduce scope; prefer --services all-user --force-consent unless
the user explicitly asks for narrower scopes.
Use narrow services only for throwaway/test accounts, service-specific bot
accounts, explicit user requests, or scoped security experiments. Safety should
normally be enforced at command time with --enable-commands,
--disable-commands, --gmail-no-send, dry-runs, and account selection, not by
under-scoping durable user auth.
Service accounts are Workspace-only and mainly fit Admin, Groups, Keep, and
domain-wide delegation flows; they do not solve consumer @gmail.com OAuth.
For OpenClaw/systemd setups, run the diagnostic through the actual agent entrypoint after restarting the service:
openclaw agent --agent main --message \
'Run: gog auth doctor --check --no-input && gog gmail search "newer_than:1d" --max 1 --json'
If this fails with keyring.password while the same gog auth doctor works in
the shell, fix the service or agent environment before reauthenticating.
Remote Mac OAuth pattern:
gog auth add [email protected] --services all-user --force-consent --timeout 15m.open -a "Google Chrome".…
使用 sherpa-onnx 在本地离线将文本快速转换为语音,无需云服务。
基于 Git 历史重生成 OpenClaw 发布更新日志,便于发版前整理版本说明。
帮助团队核验 OpenClaw 版本是否已在多渠道完整发布并可正常使用。
自动获取并筛选 GitHub issues,生成修复分支、PR及评审处理流程。
帮助你在代码仓库中撰写、审校技术文档与智能体指令文件。
帮助维护者准备并核验 OpenClaw 稳定版或测试版发布与发布说明。