This Gemini CLI extension provides a secure, sandboxed environment for developing and testing Google Apps Script (GAS) projects locally. It leverages Bruce Mcpherson's gas-fakes library to create a safe sandbox for executing GAS, which is particularly useful when working with AI-generated code.
Google Apps Script is a powerful platform for automating Google Workspace, but its permission model can be dangerously broad. When you run a script, it often requires extensive, irrevocable access to your Google account and data. This presents a significant security concern, especially when using code generated by AI or from untrusted sources. You are essentially giving a black box full access to your digital life.
This extension is designed to solve this problem by providing a local development environment where you can safely execute and test Google Apps Script code without granting it any permissions to your Google account.
- Secure Sandbox: Uses
gas-fakesto create a sandboxed environment, preventing scripts from accessing your Google account or any sensitive data. - Local Development: Develop and test your Google Apps Script projects on your local machine.
- Easy Project Setup: Quickly initialize a new Google Apps Script project with the necessary configuration for local development.
- AI-Friendly: Ideal for experimenting with AI-generated Google Apps Script code without security risks.
- Conversational Automation: Integrates with the Model Context Protocol (MCP) to allow for conversational automation of Google Workspace tasks.
To learn more about managing Gemini CLI Extensions, including installation, uninstallation, and updates, please see the official documentation.
-
Install the extension:
gemini extensions install https://github.com/mhawksey/gas-fakes-ext
-
Navigate to your working directory and start Gemini:
gemini
This extension provides the following commands under the gas namespace. These can be run directly within the Gemini prompt using /gas:<command>.
Initializes a new Google Apps Script project in the current directory. It creates the following files and directories:
.
├── .clasp.json
├── .claspignore
├── node_modules/
├── package.json
├── run.js
└── src/
└── Code.js
After running /gas:init, you can ask Gemini to install the dependencies and test your script.
Generates a Google Apps Script file (src/Code.js) and a corresponding runner script (run.js) based on your prompt. This is useful for quickly scaffolding a script from a natural language description.
Example:
/gas:new "create a new Google Doc and write 'Hello, World!' to it"
This extension includes a GEMINI.md file, which provides system instructions to the Gemini model. This file contains information about how to use the gas-fakes library, ensuring that the model can generate code that is compatible with the sandboxed environment.
When you use the /gas:new command, the contents of GEMINI.md are automatically included in the prompt, providing the model with the necessary context to generate safe and effective Google Apps Script code.
This extension also includes tools for integrating with Model Context Protocol (MCP) servers. MCP allows Gemini to discover and interact with external tools and services, enabling powerful conversational automation workflows.
This project includes a script to run the gas-fakes library as a local MCP server. This allows Gemini to interact with the sandboxed Google Apps Script environment, discover its capabilities, and execute scripts within it. The packaged MCP server now exposes advanced sandbox controls, allowing for fine-grained control over the execution environment.
For more information on this approach, see this article: Secure and Conversational Google Workspace Automation: Integrating Gemini CLI with a gas-fakes MCP Server
For more direct interaction with Google Workspace APIs, you can use the official Google Workspace MCP. This tool allows you to interact with Google Workspace services directly from the Gemini CLI.
For more information, see the official documentation: Use Large Language Models (LLMs) to develop on Google Workspace
This extension uses Bruce Mcpherson's gas-fakes library, which emulates the Google Apps Script environment locally. The run.js script sets up a secure sandbox using Node.js's vm module and executes your GAS code within that sandbox. This prevents the script from accessing any external resources or APIs, ensuring a safe execution environment.
The sandbox can be configured to have granular control over which files a script can access, providing a safe way to test scripts that interact with your Google Drive files.
The packaged MCP server exposes a number of advanced controls that allow you to fine-tune the sandbox environment. These controls can be passed as parameters to the run-gas-fakes-test tool.
strictSandbox(boolean): Whentrue(andsandboxModeis active), attempts to access non-whitelisted, non-session files will throw an error. Iffalse, access is allowed.cleanup(boolean): Iftrue,ScriptApp.__behavior.trash()moves all session-created files to Google Drive trash. Set tofalseto leave artifacts for inspection.whitelistItems(array of objects): Use this to access existing files on Google Drive. Provide an array of objects, where each object has a file ID and optional read/write/trash permissions.[ { id: "FILE_ID_1", write: true }, { id: "FILE_ID_2", read: true, trash: false }, ]
serviceControls(object): Per-service settings that override global settings. The key is the service name (e.g.,'DriveApp').{ "DriveApp": { "enabled": false }, "SpreadsheetApp": { "sandboxMode": false }, }
methodWhitelist(object): An object where the key is the service name and the value is an array of permitted method names.{ "DriveApp": ["getFiles", "createFile"], }
This extension builds upon the work of Bruce Mcpherson and his gas-fakes library. The concept of a secure sandbox for AI-generated Apps Script is further explained in this article by Bruce Mcpherson. This Gemini CLI Extension would also not have been possible without the contributions of Kanshi Tanaike, whose work on the gas-fakes sandbox and MCP server has been instrumental in the development of this extension.