Google Workspace CLI Built for AI Agents Ships 100+ Skills

Google has released gws, an unofficial command-line interface for Google Workspace that represents a fundamental shift in how developer tools approach AI agent integration. The project, published March 2, 2026 by Justin Poehnelt, a Senior Developer Relations Engineer at Google, gained immediate traction in the developer community—accumulating more forks in hours than most tools see in months. What makes this release significant isn't just another CLI, but its core architectural thesis: the primary user might not be human.

Dynamic Command Generation from API Documentation

Unlike traditional CLIs with hardcoded command structures, gws builds its entire interface dynamically from Google's Discovery Documents—machine-readable specifications of every Google API. The tool implements two-phase argument parsing: first identifying the target service (Drive, Gmail, Calendar, etc.), then fetching and caching the Discovery Document to generate the complete command tree before parsing the remaining arguments.

This architecture means when Google adds or modifies API endpoints, gws automatically reflects those changes without code updates. The Discovery Documents are cached for 24 hours, and the CLI literally rewrites its own interface from Google's published documentation. Core modules (discovery.rs, commands.rs, executor.rs) handle document parsing, recursive command building with clap, and HTTP request execution respectively.

Agent-First Design Principles

Poehnelt published a design document titled "You Need to Rewrite Your CLI for AI Agents" outlining seven principles that distinguish agent-optimized tools from human-optimized ones. The central tenet: "The agent is not a trusted operator. Build like it." This treats adversarial inputs as the baseline, not an edge case.

Rather than custom flags for every parameter, gws accepts raw JSON payloads matching Google's API schemas directly via --params and --json flags. This eliminates the translation layer between CLI syntax and API structure—agents work with the actual API format. A built-in gws schema command provides runtime schema introspection, letting agents discover exact payload structures without hallucinating parameter names from documentation.

Context window discipline is enforced through field masks (--fields) to limit response size and --page-all for auto-pagination as newline-delimited JSON, reducing token waste when agents consume output. Authentication uses AES-256-GCM encryption with OS keyring storage, supporting multi-account workflows and headless operation via environment variables.

100+ Prebuilt Agent Skills

The repository ships with over 100 SKILL.md files—structured Markdown documents with YAML frontmatter defining discrete agent capabilities. Each skill includes task description, required parameters, example invocations, and expected outputs. These serve as prompt-ready instructions for Keychains.dev: Secure Credential Proxy for AI Agents to execute complex Google Workspace operations.

The project also includes 10 "persona packs"—collections of skills bundled for specific roles or workflows. This transforms gws from a simple API wrapper into a library of composable agent behaviors that LLM-based systems can invoke directly.

Technical Implementation

Built in Rust and distributed via npm (@googleworkspace/cli), Cargo, and Nix, the tool runs on version 0.3.5 as of this writing. Key dependencies include clap 4 for CLI parsing, reqwest 0.12 with rustls-tls for HTTP, tokio for async runtime, serde for serialization, and yup-oauth2 for authentication flows. The npm-for-Rust distribution sparked debate on Hacker News but enables wider adoption among JavaScript-heavy workflows.

The tool supports multiple interfaces beyond the CLI binary: an MCP (Model Context Protocol) server for agentic frameworks, Gemini CLI extension support, and programmatic access patterns. Dry-run mode (--dry-run) provides safety rails for all mutating operations, and Model Armor integration sanitizes responses to prevent injection attacks.

Implications for the AI Ecosystem

This release signals a broader pattern in developer tooling: optimization for machine consumption as a first-class concern. Traditional CLI design prioritizes human discoverability (helpful error messages, intuitive flag names, colorful output). Agent-first design prioritizes predictability, structured output, and defensive input handling.

The dynamic command generation from API documentation could become a template for other tool builders. Rather than maintaining parallel CLI implementations that lag behind API changes, tools can treat their API specs as the source of truth. For agentic workflows that need reliable, up-to-date interfaces to external services, this pattern reduces integration fragility.

The SKILL.md system also represents an interesting middle ground between raw API access and high-level abstractions. Rather than forcing agents to learn complex API choreography or limiting them to predetermined workflows, it provides composable building blocks with clear contracts. This could inform how other tool authors package agent-facing capabilities.

Source: Reading.sh article by JP Caparas, covering the googleworkspace/cli repository and Justin Poehnelt's design principles published March 4, 2026.