gmail-oauthSet up Gmail API access via gog CLI with manual OAuth flow. Use when setting up Gmail integration, renewing expired OAuth tokens, or troubleshooting Gmail authentication on headless servers.
Install via ClawdBot CLI:
clawdbot install kai-jar/gmail-oauthGrade Good — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Sends data to undocumented external endpoint (potential exfiltration)
POST → https://oauth2.googleapis.com/tokenCalls external URL not in known-safe list
https://console.cloud.google.comUses known external API (expected, informational)
cloud.google.comAI Analysis
The skill's external API calls (Google OAuth and Cloud Console) are consistent with its stated purpose of setting up Gmail API access. The 'unknown data sink' signal for oauth2.googleapis.com is a false positive, as this is the legitimate Google OAuth token endpoint required for the authentication flow. No credential harvesting, hidden instructions, or obfuscation is present.
Generated Feb 24, 2026
A customer service team uses this skill to set up Gmail API access for an AI agent that automatically categorizes and responds to customer inquiries. It enables the agent to read incoming emails, send templated replies, and manage labels for tracking issues, improving response times and organization.
A marketing agency integrates this skill to automate email campaign tracking and follow-ups. The AI agent monitors Gmail for campaign responses, sends personalized follow-up emails, and compiles reports on engagement metrics, streamlining outreach efforts and reducing manual workload.
An individual uses this skill to set up a personal AI assistant that manages email tasks, such as filtering spam, scheduling reminders from emails, and drafting replies. It helps organize inboxes and save time on daily email management for busy professionals.
A DevOps team deploys this skill on a headless server to monitor system alerts sent via Gmail. The AI agent reads emails for error notifications, triggers automated responses or alerts, and logs issues, ensuring reliable system oversight without manual intervention.
A company offers a subscription-based service that uses this skill to provide automated email management features, such as sorting, responding, and analytics. Revenue is generated through monthly or annual user fees, with tiers based on email volume and advanced features.
A consulting firm uses this skill to help clients set up and customize Gmail API integrations for their specific workflows. Revenue comes from project-based fees for implementation, training, and ongoing support, targeting businesses needing tailored email automation solutions.
A developer creates a free app with basic email management features using this skill, then monetizes through premium upgrades like advanced analytics, team collaboration tools, or priority support. Revenue is generated from in-app purchases or premium subscriptions.
💬 Integration Tip
Ensure the Google Cloud project is published to avoid token expiration issues, and use minimal scopes like gmail.modify to simplify the OAuth flow and reduce user permission prompts.
Scored Apr 16, 2026
Audited Apr 16, 2026 · audit v1.0
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
gws CLI: Shared patterns for authentication, global flags, and output formatting.
Automate OAuth login flows with user confirmation via Telegram. Supports 7 providers: Google, Apple, Microsoft, GitHub, Discord, WeChat, QQ. Features: - Auto-detect available OAuth options on login pages - Ask user to choose via Telegram when multiple options exist - Confirm before authorizing - Handle account selection and consent pages automatically
Self-hosted auth for TypeScript/Cloudflare Workers with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Requires Drizzle ORM or Kysely for D1 (no direct adapter). Self-hosted alternative to Clerk/Auth.js. Use when: self-hosting auth on D1, building OAuth provider, multi-tenant SaaS, or troubleshooting D1 adapter errors, session caching, rate limits, Expo crashes, additionalFields bugs.
Zoho People API integration with managed OAuth. Manage employees, departments, designations, attendance, and leave. Use this skill when users want to read, create, update, or query HR data like employees, departments, designations, and forms in Zoho People. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway). Requires network access and valid Maton API key.
Build secure authentication with sessions, JWT, OAuth, passwordless, MFA, and SSO for web and mobile apps.