All skills
Skillintermediate

Gemini CLI Invocation

- Model: `gemini-3.1-pro-preview` - Extensions: `code-review`, `gemini-cli-security`

Claude Code Knowledge Pack7/10/2026

Overview

Gemini CLI Invocation

Default Configuration

  • Model: gemini-3.1-pro-preview
  • Extensions: code-review, gemini-cli-security

Key Flags

FlagPurpose
-p <prompt>Non-interactive (headless) mode
--yolo / -yAuto-approve all tool calls
-m <model>Model selection
-e <ext>Load specific extension(s)

Scope-to-Diff Mapping

Gemini does not have built-in scope flags like Codex. Map the user's scope choice to the correct git diff command:

ScopeDiff command
Uncommittedgit diff HEAD (captures both staged and unstaged)
Branch diffgit diff <branch>...HEAD
Specific commitgit diff <sha>~1..<sha>

Important: For uncommitted scope, use git diff HEAD not bare git diff. Bare git diff misses staged changes.

Code Review (General, Performance, Error Handling)

For uncommitted changes, the /code-review extension automatically picks up the working tree diff:

gemini -p "/code-review" \\
  --yolo \\
  -e code-review \\
  -m gemini-3.1-pro-preview

For branch diffs or specific commits, pipe the diff with a prompt header (avoids heredocs — diffs contain $ and backticks that break shell expansion):

git diff <branch>...HEAD > /tmp/review-diff.txt
{ printf '%s\
\
' 'Review this diff for code quality issues. <focus prompt>'; \\
  cat /tmp/review-diff.txt; } \\
  | gemini -p - -m gemini-3.1-pro-preview --yolo

Security Review

The /security:analyze extension is interactive-only, so use headless mode with a security-focused prompt instead:

git diff HEAD > /tmp/review-diff.txt
{ printf '%s\
\
' 'Analyze this diff for security vulnerabilities, including injection, auth bypass, data exposure, and input validation issues. Report each finding with severity, location, and remediation.'; \\
  cat /tmp/review-diff.txt; } \\
  | gemini -p - -e gemini-cli-security -m gemini-3.1-pro-preview --yolo

When security focus is selected, only run the supply chain scan if the diff touches dependency manifest files:

# Check whether dependency files changed before scanning
git diff --name-only <scope> \\
  | grep -qiE '(package\\.json|package-lock|yarn\\.lock|pnpm-lock|Gemfile|\\.gemspec|requirements\\.txt|setup\\.py|setup\\.cfg|pyproject\\.toml|poetry\\.lock|uv\\.lock|Cargo\\.toml|Cargo\\.lock|go\\.mod|go\\.sum|composer\\.json|composer\\.lock|Pipfile)' \\
  && gemini -p "/security:scan-deps" \\
       --yolo \\
       -e gemini-cli-security \\
       -m gemini-3.1-pro-preview

Skip the scan when only non-dependency files changed. The scan analyzes the entire project's dependency tree regardless of diff scope, so it adds significant time for no value when dependencies weren't touched.

Adding Project Context

If project context was requested, prepend it to the prompt:

git diff HEAD > /tmp/review-diff.txt
{ printf 'Project conventions:\
---\
'; \\
  cat CLAUDE.md; \\
  printf '\
---\
\
%s\
\
' '<review instructions and focus>'; \\
  cat /tmp/review-diff.txt; } \\
  | gemini -p - -m gemini-3.1-pro-preview --yolo

Error Handling

ErrorAction
gemini: command not foundTell user: npm i -g @google/gemini-cli
Extension missingTell user: gemini extensions install <github-url>
-e security silently ignoredUse -e gemini-cli-security (the actual installed name)
TimeoutInform user, suggest scoping down the diff

Extension Install Commands

gemini extensions install https://github.com/gemini-cli-extensions/code-review
gemini extensions install https://github.com/gemini-cli-extensions/security

Note: The security extension installs as gemini-cli-security (not security). Always use -e gemini-cli-security when loading it.