Manage Gemini MCP authentication lifecycle on Linux by automating cookie refresh, GUI startup/shutdown, status checks, and smoke tests.
Security Analysis
high confidenceGemini Ops is aligned with refreshing Gemini MCP auth, but it extracts and stores Google session cookies while delegating the main work to unreviewed hard-coded local scripts.
The purpose is coherent for Gemini MCP auth refresh, but the capability includes extracting reusable Google session cookies and persisting them for MCP use; that is high-impact account access.
The documented ON/OFF workflows run shell scripts that mutate MCP configuration and stop GUI/browser processes, but the artifacts do not show confirmation, backup, exact scoping, or reversibility.
There is no install spec and the included scripts are wrappers that call hard-coded helper scripts outside the provided manifest, so the main auth-refresh implementation cannot be reviewed.
The Linux GUI stack, Chromium CDP, x11vnc, and mcporter use are disclosed and purpose-aligned, but registry metadata declares no OS restriction or required binaries, so users may miss the operational/security setup requirements.
The skill reuses the same browser profile/session and writes cookies to ~/.mcporter/mcporter.json, creating persistent delegated access to the user's Gemini/Google session.
Guidance
Install or invoke this only if you intentionally want an agent to reuse your logged-in Google/Gemini browser session. Audit the external /home/moltuser/clawd helper scripts first, lock down Chromium remote debugging and x11vnc, protect ~/.mcporter/mcporter.json, and avoid using it on shared or untrusted hosts.
Latest Release
v1.0.0
Initial release: automate Gemini MCP (gemini-webapi-mcp) on/off/auth refresh, current-tab navigation to gemini.google.com, tab-level cookie extraction (__Secure-1PSID/TS), smoke/status checks, and full GUI stack cleanup. Designed for frequent cookie expiration; requires one-time Chromium login.
Popular Skills
Published by @spiceman161 on ClawHub
