A Fake-Sandbox for Google Apps Script: A Feasibility Study on Securely Executing Code Generated by Gemini CLI

Gists

A Fake-Sandbox for Google Apps Script: A Feasibility Study on Securely Executing Code Generated by Gemini CLI

Abstract

Generating Google Apps Script (GAS) with Gemini CLI from natural language introduces security risks due to broad permissions. This report investigates a “Fake-Sandbox” using the gas-fakes library, translating GAS calls into granularly-scoped API requests to securely execute scripts created from user prompts.

Introduction

1. Background: Generative AI and the Challenge of Secure Script Execution

The emergence of Generative AI now makes it possible to generate executable scripts directly from natural language instructions, particularly through interfaces like the Gemini CLI. For locally executable languages such as JavaScript (Node.js) and Python, code generated from a simple prompt can be run directly. However, Google Apps Script (GAS) presents a unique challenge as it operates within Google’s server-side infrastructure. Executing locally generated GAS code requires the remote invocation of a server-side function via the scripts.run method of the Apps Script API. This process highlights the critical need for a sandbox environment to manage permissions effectively and mitigate the risks associated with executing code generated from natural language, which can sometimes produce unintended or insecure outcomes.

Updated: GAS Library - ToolsForMCPServer

ToolsForMCPServer was updated to v1.0.27

  • v1.0.27 (August 22, 2025)

    1. Following 6 tools for Google Analytics were added.

      • analytics_admin_accountSummaries_list: Retrieves a list of all Google Analytics accounts accessible by the current user
      • analytics_admin_properties_get: Get detailed information about a single Google Analytics property
      • analytics_data_properties_runReport: Fetches a custom report from a Google Analytics property
      • analytics_data_properties_runRealtimeReport: Generates a customized report of real-time event data from a Google Analytics property

You can see the detailed information here https://github.com/tanaikech/ToolsForMCPServer

Streamlining Web Page Insights with Natural Language using Gemini CLI, Google Analytics, and MCP

Gists

Streamlining Web Page Insights with Natural Language using Gemini CLI, Google Analytics, and MCP

Abstract

This report introduces a powerful method for automating Google Analytics tasks using the Gemini CLI and a custom MCP (Model Context Protocol) server built with Google Apps Script. This integration enables streamlined web page analysis through simple natural language commands, simplifying authorization and complex data retrieval workflows.

Introduction

Accessing and interpreting web analytics data often involves navigating complex interfaces and manual report generation. However, the emergence of natural language interfaces is changing this paradigm. Gemini CLI, when paired with MCP servers, allows users to orchestrate sophisticated, multi-step workflows using conversational commands. This creates a more intuitive and efficient way to interact with powerful services like Google Analytics.

Unifying Google Workspace with Natural Language: Integrated Collaboration through Gemini CLI and MCP

Gists

Unifying Google Workspace with Natural Language: Integrated Collaboration through Gemini CLI and MCP

Abstract

This document demonstrates a transformative method for unifying Google Workspace applications by using natural language. Through the integration of the Gemini CLI with MCP, this approach empowers users to intuitively manage Google Drive, Gmail, Google Calendar, Drive Activity, and Google People. Complex tasks and collaborative workflows are streamlined into simple, conversational text commands.

Introduction

In today’s dynamic, collaborative environments, managing document workflows, tracking changes, and coordinating team efforts can be fragmented and inefficient. This article introduces a powerful solution that unifies these processes by leveraging the Gemini CLI and MCP (Model Context Protocol). This integration breaks down the barriers between applications, allowing users to orchestrate complex tasks across Google Workspace with natural language prompts. Whether you’re finding a file in Drive, checking its comment history, retrieving contributor details from Contacts, and drafting a thank-you email in Gmail, these actions can now be executed from a single, conversational interface, dramatically boosting productivity.

Next-Level Classroom Automation: Gemini CLI, Google Classroom, and MCP

Gists

Next-Level Classroom Automation: Gemini CLI, Google Classroom, and MCP

Abstract

Automate Google Classroom management with natural language. This guide details using the Gemini CLI and an MCP server to streamline creating classes, managing assignments, and interacting with students.

Introduction

Unlock the power of natural language to command your Google Workspace. I’ve recently demonstrated how you can automate Google Workspace applications using simple, conversational commands through the Gemini CLI and the MCP (Model Context Protocol) server.

Updated: GAS Library - MCPApp

MCPApp was updated to v2.0.7

  • v2.0.7 (August 6, 2025)

    1. Starting with v2.0.7, you can now selectively enable or disable the LockService.

      • By default, this library runs with the LockService enabled. To disable it, simply modify return new MCPApp.mcpApp({ accessKey: "sample" }) to return new MCPApp.mcpApp({ accessKey: "sample", lock: false }).
      • When the LockService is disabled (lock: false), asynchronous requests from clients like the Gemini CLI may see an increase in processing speed. However, it’s important to note that the maximum number of concurrent requests must not exceed 30. Please use this option with caution.

You can see the detail information here https://github.com/tanaikech/MCPApp

Enhanced Guide to Using Prompts in Gemini CLI

Gists

Abstract

This report provides a comprehensive overview of how to utilize prompts within the Gemini Command-Line Interface (CLI). Leveraging a Google Apps Script MCP server, we will explore practical examples, including roadmap generation, real-time weather inquiries, and Google Drive file searches. This enhanced document offers more in-depth explanations and a broader context to empower users in their understanding and application of these powerful features.

Introduction

The Model Context Protocol (MCP) establishes a standardized framework for servers to offer clients predefined, structured prompt templates. These user-controllable prompts, customizable with arguments, are engineered to streamline interactions with large language models. The Gemini CLI, starting with version v0.1.15, integrates support for these prompts, significantly expanding its capabilities.

Updated: GAS Library - ToolsForMCPServer

ToolsForMCPServer was updated to v1.0.12

  • v1.0.12 (July 31, 2025)

    1. At Gemini CLI v0.1.15, prompts/list was called even when prompts wasn’t included in capabilities. This resulted in the error Error discovering prompts from gas_web_apps: MCP error -32001: Request timed out when prompts wasn’t returned for prompts/list. To resolve this, I updated ToolsForMCPServer to return an empty array for prompts, which eliminated the error. Consequently, with this update in v1.0.12, you can now set custom prompts and resources.

You can see the detailed information here https://github.com/tanaikech/ToolsForMCPServer

Google OAuth Verification & Application Privacy Policy

Registered Application Name: Workspace & Gemini AI Orchestration Engine

Application Purpose & Core Functionality:

This web page serves as the official homepage and privacy compliance interface for the application "Workspace & Gemini AI Orchestration Engine". This specialized developer utility is designed to research, benchmark, and optimize advanced integrations between Google Workspace services, the Google Apps Script API, and Gemini AI models (via Google Vertex AI / Gemini API endpoints).

The application facilitates automated multi-agent scaffolding, programmatic script deployment, project resource management, and structural analysis of Google Apps Script projects. It allows developers and autonomous AI agents (operating via Model Context Protocol / MCP) to securely evaluate execution performance, implement high-performance batch requests, and test agent-to-agent (A2A) workflows within a controlled and structured environment.

Google User Data Policy Compliance Statements:

1. Data Access & Specific Usage

Our application explicitly requests access to specific Google user accounts through OAuth scopes required strictly for interacting with the Google Apps Script API and Google Workspace endpoints. This access is utilized solely to execute user-initiated or agent-orchestrated programmatic operations—such as creating, modifying, deploying, or benchmarking script projects and executing automated workflows. No background automated extraction occurs without explicit session initiation.

2. Data Storage & Zero-Retention Policy

Adhering to a strict Zero-Retention Model, this application does not store, log, or persist any personal data, OAuth tokens, script source codes, or Google account configurations on any external server, database, or persistent storage medium. All data processing and API responses are handled entirely in-memory or securely on the client side within the active session context, ensuring complete cryptographic transient isolation.

3. Data Sharing & Third-Party Non-Disclosure

We maintain absolute data privacy. No data accessed via Google OAuth scopes is shared, sold, rented, or transferred to third-party entities, advertising networks, or data brokers. All data transmissions are strictly point-to-point, encrypted in transit using industry-standard protocols, and limited entirely to the direct channel between the execution environment and Google's official API gateways.

For inquiries regarding this developer application, technical benchmarks, or verification compliance, please refer to the official documentation and repositories linked on this homepage (tanaikech.github.io).