
Conversation


@chrstnb chrstnb commented Jan 21, 2026

Summary

Extensions can define custom settings (e.g., API keys, model names, paths) that users can configure. These settings are then made available to the various components of the extension: hooks, skills, and agents.

Details

Provide these values in the following ways:

  1. Environment variable injection for hooks.
  2. Text variable hydration for skills and agents.

Related Issues

Fixes https://github.com/google-gemini/maintainers-gemini-cli/issues/1282

How to Validate

1. Defining Settings

Extensions define their settings in gemini-extension.json.

{
  "name": "my-extension",
  "version": "1.0.0",
  "settings": [
    {
      "name": "API Key",
      "description": "Your API Key for the service",
      "envVar": "MY_SERVICE_API_KEY",
      "sensitive": true
    },
    {
      "name": "Model Name",
      "description": "The model to use",
      "envVar": "MY_MODEL_NAME"
    }
  ]
}

2. Usage in Components

A. Hooks (Command Hooks)

For hooks, which execute external shell commands, settings are injected as environment variables. This is the standard and most secure way to pass configuration to subprocesses.

Example hooks/hooks.json:

{
  "hooks": {
    "postCommand": [
      {
        "command": "python script.py",
        "name": "My Hook"
      }
    ]
  }
}

Behavior:
When python script.py is executed, the process environment will contain:

  • MY_SERVICE_API_KEY=...
  • MY_MODEL_NAME=...
  • Standard variables like GEMINI_PROJECT_DIR.

Note: You do not need to use ${VAR} syntax in the command string itself unless you want to substitute it into the command line arguments (e.g., echo ${MY_MODEL_NAME}). However, relying on the environment variable inside your script is generally cleaner and safer.

B. Agent skills

For skills defined in skills/SKILL.md, settings are applied via text variable hydration. You can use ${VAR_NAME} placeholders anywhere in the file (frontmatter or body).

Example skills/my-skill/SKILL.md:

---
name: my-skill
description: Uses the ${MY_MODEL_NAME} model.
---
To perform this task, use the API key: ${MY_SERVICE_API_KEY}.

Behavior:
When the extension is loaded, ${MY_SERVICE_API_KEY} and ${MY_MODEL_NAME} are replaced with their configured values before the skill is registered with the system.

C. Agents

For local agents defined in agents/my-agent.md, settings are also applied via text variable hydration. This is particularly useful for parametrizing the system prompt.

Example agents/my-agent.md:

---
name: my-agent
model: ${MY_MODEL_NAME}
---
You are a helpful assistant. Always use the API key ${MY_SERVICE_API_KEY} when making requests.

Behavior:
The system prompt and frontmatter fields are hydrated with the user's settings upon load.

3. Configuration & updates

Configure settings using the CLI command:

gemini extensions config my-extension
# or specific setting
gemini extensions config my-extension MY_MODEL_NAME

Pre-Merge Checklist

  • Updated relevant documentation and README (if needed)
  • Added/updated tests (if needed)
  • Noted breaking changes (if any)
  • Validated on required platforms/methods:
    • MacOS
      • npm run
      • npx
      • Docker
      • Podman
      • Seatbelt
    • Windows
      • npm run
      • npx
      • Docker
    • Linux
      • npm run
      • npx
      • Docker
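The two delivery paths the PR description above lays out (environment-variable injection for hooks, `${VAR}` text hydration for skills and agents) can be modelled in a few lines. The following is an added TypeScript example written for this page; it is not Gemini CLI code and does not reflect the PR's actual implementation. `ExtensionSetting`, `hydrateText`, `buildHookEnv`, `redactForDisplay`, the configured values and the base environment are all assumptions or constructed data; the settings array and SKILL.md text mirror the PR's own examples.

```typescript
// Added example, not Gemini CLI code: a minimal model of the two delivery paths
// the PR describes. Type and function names are assumptions for illustration.

interface ExtensionSetting {
  name: string;
  description: string;
  envVar: string;      // used both for ${VAR} placeholders and as the hook env name
  sensitive?: boolean;
}

// The settings block from the PR's gemini-extension.json example.
export const SETTINGS: ExtensionSetting[] = [
  { name: 'API Key', description: 'Your API Key for the service', envVar: 'MY_SERVICE_API_KEY', sensitive: true },
  { name: 'Model Name', description: 'The model to use', envVar: 'MY_MODEL_NAME' },
];

// Constructed user-configured values (what `gemini extensions config` would store).
export const CONFIGURED: Record<string, string> = {
  MY_SERVICE_API_KEY: 'sk-test-0123',
  MY_MODEL_NAME: 'gemini-2.5-pro',
};

// Path 2 (skills, agents): replace ${VAR} placeholders with configured values.
// Placeholders for unknown or unset variables are left intact rather than
// silently replaced with an empty string, so misconfiguration stays visible.
export function hydrateText(text: string, values: Record<string, string>): string {
  return text.replace(/\$\{([A-Za-z_][A-Za-z0-9_]*)\}/g, (match, name: string) =>
    Object.prototype.hasOwnProperty.call(values, name) ? values[name] : match);
}

// Path 1 (hooks): build the subprocess environment from an explicit base plus
// only the variables the extension declared. process.env is deliberately not
// spread in, so unrelated secrets on the host are not handed to the hook.
export function buildHookEnv(
  declared: ExtensionSetting[],
  values: Record<string, string>,
  base: Record<string, string>,
): Record<string, string> {
  const env: Record<string, string> = { ...base };
  for (const s of declared) {
    if (values[s.envVar] !== undefined) env[s.envVar] = values[s.envVar];
  }
  return env;
}

// For logs and config listings: never echo values marked sensitive.
export function redactForDisplay(
  declared: ExtensionSetting[],
  values: Record<string, string>,
): Record<string, string> {
  const out: Record<string, string> = {};
  for (const s of declared) {
    const v = values[s.envVar];
    if (v === undefined) continue;
    out[s.envVar] = s.sensitive ? '<redacted>' : v;
  }
  return out;
}

// Constructed SKILL.md content mirroring the PR's example.
export const SKILL_MD = [
  '---',
  'name: my-skill',
  'description: Uses the ${MY_MODEL_NAME} model.',
  '---',
  'To perform this task, use the API key: ${MY_SERVICE_API_KEY}.',
].join('\n');

// Base env for the hook: PATH so the interpreter can be found, plus the
// standard variable the PR mentions. Nothing else from the host.
export const HOOK_ENV = buildHookEnv(SETTINGS, CONFIGURED, {
  PATH: '/usr/bin:/bin',
  GEMINI_PROJECT_DIR: '/work/proj',
});

console.log(hydrateText(SKILL_MD, CONFIGURED));
console.log(HOOK_ENV);
console.log(redactForDisplay(SETTINGS, CONFIGURED));
```

The point of `buildHookEnv` is the allow-list: the hook gets the declared settings and a small explicit base, not a copy of the parent process environment. Whether a given implementation also needs HOME, TMPDIR or proxy variables is a per-platform decision, but it should be a deliberate one rather than an inherited `...process.env`.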

@gemini-code-assist

Summary of Changes

Hello @chrstnb, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the Gemini CLI extension ecosystem by ensuring that extension settings are dynamically loaded and applied across all components—hooks, agent skills, and agents. It introduces a mechanism to restart extensions upon configuration changes, guaranteeing that updates take effect immediately. This improves the developer experience by making extension settings more robust, flexible, and responsive to user modifications.

Highlights

  • Real-time Setting Updates: Implemented a mechanism to restart extensions automatically after configuration changes, ensuring that updated settings are applied immediately without requiring a manual CLI restart.
  • Enhanced Settings Hydration: Enabled the dynamic injection of extension settings into agent system prompts and skill bodies through text variable replacement, and into command hooks as environment variables.
  • Flexible Variable Context: Expanded the VariableContext type to support more flexible and arbitrary variable names, improving the extensibility of extension settings.
  • Hook Environment Variable Support: Added explicit support for defining environment variables within CommandHookConfig and ensured that hydrated extension settings are merged into these, making them accessible to hook commands.
  • Comprehensive Testing: Introduced new dedicated tests to validate the correct hydration of settings across skills, agents, and hooks, as well as the functionality of the new restartExtension method.

@github-actions

github-actions bot commented Jan 21, 2026

Size Change: +1.42 kB (+0.01%)

Total Size: 23.4 MB

Filename Size Change
./bundle/gemini.js 23.4 MB +1.42 kB (+0.01%)
Filename Size
./bundle/sandbox-macos-permissive-closed.sb 1.03 kB
./bundle/sandbox-macos-permissive-open.sb 890 B
./bundle/sandbox-macos-permissive-proxied.sb 1.31 kB
./bundle/sandbox-macos-restrictive-closed.sb 3.29 kB
./bundle/sandbox-macos-restrictive-open.sb 3.36 kB
./bundle/sandbox-macos-restrictive-proxied.sb 3.56 kB



@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces a crucial feature for improving the developer experience with extensions: settings are now immediately applied to hooks, skills, and agents upon configuration by restarting the extension. However, two significant security vulnerabilities have been identified. First, a high-severity Command Injection vulnerability exists due to improper escaping of variables substituted into shell commands within hooks. Second, a critical Information Disclosure vulnerability allows sensitive environment variables from .env files to be unintentionally leaked into extension hook execution environments. It is recommended to apply proper shell escaping for command variables and to explicitly construct hook environments using only intended settings.

@gemini-cli gemini-cli bot added the priority/p1 Important and should be addressed in the near term. label Jan 21, 2026
@chrstnb chrstnb changed the title Ensure settings are loaded for hoooks and other items Ensure settings are loaded for hooks and other items Jan 22, 2026

chrstnb commented Jan 26, 2026

/gemini review


@gemini-code-assist gemini-code-assist bot left a comment


Code Review

The pull request successfully implements extension setting hydration for hooks, agent skills, and agents, introducing a restartExtension mechanism for real-time configuration updates. However, it also introduces a critical command injection vulnerability. This occurs because extension settings loaded from the workspace's .env file are used for raw string substitution in shell commands without proper trust checks, potentially allowing arbitrary code execution on the user's machine. While the overall implementation aligns with the stated goals and includes new test cases, addressing this security flaw is paramount. Recommendations for remediation, focusing on enforcing workspace trust and avoiding insecure string hydration in sensitive sinks, have been provided.
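Both review comments above point at the same sink: a setting value substituted verbatim into a hook's shell command string. The following added TypeScript example, written for this page and not taken from Gemini CLI or this PR, shows the vulnerable substitution next to two fixes (POSIX single-quoting, and not substituting at all but passing the value through the environment as the PR's hook path already does). `splitShellCommands` is a deliberately small tokenizer used only to make the extra command visible; the hostile value is constructed and its payload is harmless. All function names are assumptions.

```typescript
// Added example, not Gemini CLI code: why raw ${VAR} substitution into a hook
// command string is a command-injection sink, and two ways to close it.
// Function names are assumptions for illustration.

type Values = Record<string, string>;
const PLACEHOLDER = /\$\{([A-Za-z_][A-Za-z0-9_]*)\}/g;
const has = (v: Values, k: string) => Object.prototype.hasOwnProperty.call(v, k);

// Vulnerable: the setting value is spliced into the command and becomes shell syntax.
export function hydrateCommandRaw(command: string, values: Values): string {
  return command.replace(PLACEHOLDER, (m, name: string) => (has(values, name) ? values[name] : m));
}

// POSIX single-quoting: everything inside '...' is literal; an embedded quote is
// closed, backslash-escaped and reopened ('\'').
export function shellQuote(value: string): string {
  return `'${value.replace(/'/g, `'\\''`)}'`;
}

// Fix (a): substitute a quoted value so the shell sees exactly one word.
export function hydrateCommandQuoted(command: string, values: Values): string {
  return command.replace(PLACEHOLDER, (m, name: string) => (has(values, name) ? shellQuote(values[name]) : m));
}

// Fix (b): do not touch the command string at all; the value travels in the
// environment and the script reads it from there.
export function hydrateCommandViaEnv(command: string, values: Values, baseEnv: Values): { command: string; env: Values } {
  return { command, env: { ...baseEnv, ...values } };
}

// Minimal splitter: how many simple commands a POSIX shell would run for this
// line, honouring single/double quotes and backslash escapes. Not a full parser
// (no $(...), no heredocs); just enough to make the injection visible.
export function splitShellCommands(line: string): string[] {
  const parts: string[] = [];
  let cur = '';
  let quote: "'" | '"' | null = null;
  for (let i = 0; i < line.length; i++) {
    const c = line[i];
    if (quote) {
      if (quote === '"' && c === '\\' && i + 1 < line.length) { cur += c + line[++i]; continue; }
      if (c === quote) quote = null;
      cur += c;
      continue;
    }
    if (c === '\\' && i + 1 < line.length) { cur += c + line[++i]; continue; }
    if (c === "'" || c === '"') { quote = c; cur += c; continue; }
    if (c === ';' || c === '\n' || c === '|' || c === '&') {
      if ((c === '|' || c === '&') && line[i + 1] === c) i++; // treat '||' and '&&' as one separator
      if (cur.trim()) parts.push(cur.trim());
      cur = '';
      continue;
    }
    cur += c;
  }
  if (cur.trim()) parts.push(cur.trim());
  return parts;
}

// Constructed hostile value, e.g. a MY_MODEL_NAME line in a workspace .env that
// whoever controls the repository can write. The payload here is harmless.
export const HOSTILE: Values = { MY_MODEL_NAME: 'gemini-pro; echo INJECTED' };
export const HOOK = 'python script.py --model ${MY_MODEL_NAME}';

export const RAW = hydrateCommandRaw(HOOK, HOSTILE);
export const QUOTED = hydrateCommandQuoted(HOOK, HOSTILE);
export const VIA_ENV = hydrateCommandViaEnv('python script.py', HOSTILE, { PATH: '/usr/bin:/bin' });

console.log(RAW, '->', splitShellCommands(RAW).length, 'commands');
console.log(QUOTED, '->', splitShellCommands(QUOTED).length, 'command');
console.log(VIA_ENV.command, 'with env', VIA_ENV.env);
```

Fix (b) is the stronger one because the command string never depends on data, which is also why the PR's hook path (values in the environment, `${VAR}` in the command only if the author opts in) is the safer default. Whichever fix is used, values read from a workspace `.env` should be treated as repository-controlled input, and substitution into any command string gated on the workspace being trusted.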

@chrstnb chrstnb marked this pull request as ready for review January 26, 2026 21:52
@chrstnb chrstnb requested a review from a team as a code owner January 26, 2026 21:52
@chrstnb chrstnb changed the title Ensure settings are loaded for hooks and other items Load extension settings for hooks, agents, skills Jan 26, 2026
@gemini-cli

gemini-cli bot commented Jan 27, 2026

Hi there! Thank you for your contribution to Gemini CLI. We really appreciate the time and effort you've put into this pull request.

To keep our backlog manageable and ensure we're focusing on current priorities, we are closing pull requests that haven't seen maintainer activity for 30 days. Currently, the team is prioritizing work associated with 🔒 maintainer only or help wanted issues.

If you believe this change is still critical, please feel free to comment with updated details. Otherwise, we encourage contributors to focus on open issues labeled as help wanted. Thank you for your understanding!

@gemini-cli gemini-cli bot closed this Jan 27, 2026
@chrstnb chrstnb reopened this Jan 27, 2026
@gemini-cli gemini-cli bot added the status/need-issue Pull requests that need to have an associated issue. label Jan 27, 2026
@scidomino scidomino added this pull request to the merge queue Jan 27, 2026
Merged via the queue into main with commit 9dc0994 Jan 27, 2026
48 of 49 checks passed
@scidomino scidomino deleted the cb/loadtohooksetc branch January 27, 2026 19:51

Labels

priority/p1 Important and should be addressed in the near term. status/need-issue Pull requests that need to have an associated issue.
