> For the complete documentation index, see [llms.txt](https://docs.gomboc.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.gomboc.ai/orl/agent-skills/gomboc-enterprise-skills/gemini-enterprise.md). # Gemini (Enterprise) {% hint style="info" %} This plugin is distributed only as a private zip package shared via Google Drive during Gomboc Enterprise onboarding. It is not published on any public marketplace. {% endhint %} #### What you will set up By the end of this guide, you will have: * The Gomboc Enterprise plugin package extracted locally on your machine * The `gomboc` Gemini CLI extension installed locally * A valid `GOMBOC_API_TOKEN` configured for the extension * Docker available so the ORL container runtime can run * A working Gemini CLI flow for Gomboc enterprise remediation and rule workflows For background on ORL, see [ORL (Open Remediation Language)](/orl.md). For Gomboc rule concepts, see [Rules](/policy-management/rules.md) #### Who this is for This guide is for Gomboc Enterprise customers who: * use [Gemini CLI](https://github.com/google-gemini/gemini-cli) as their coding agent * have a valid Gomboc Enterprise subscription * need enterprise remediation, rule authoring, or rule publishing workflows *** #### Prerequisites Before you start, make sure you have the following. **Gemini CLI** * Gemini CLI must be installed and authenticated on your machine. * Confirm the extension manager is available: `gemini extensions list` For Gemini CLI extension internals, see the [Gemini CLI Extensions reference](https://google-gemini.github.io/gemini-cli/docs/extensions/). **Enterprise Skills Plugin Package** * The plugin is distributed as a zip package via a Google Drive link shared by your Gomboc contact during onboarding. * Download the zip and extract it to a stable location on your machine (for example `~/gomboc/gomboc-enterprise-skills/`). The same extracted folder works for all four supported agent runtimes; you only need to do this once. * To upgrade later, download the new zip your Gomboc contact provides and replace the extracted folder (or extract alongside and re-point the install commands to the new path). {% hint style="info" %} The zip contains the full plugin — every per-agent manifest (`plugin.json`, `gemini-extension.json`, `.codex-plugin/plugin.json`, `.cursor-plugin/plugin.json`) plus all skills, commands, and reference files. {% endhint %} **Gomboc API token** * You need a valid `GOMBOC_API_TOKEN`. See [Generate A Personal Access Token](/getting-started/generate-a-personal-access-token.md). **Docker (for the ORL runtime)** * The Gomboc Enterprise extension runs ORL through the public `gombocai/orl:latest` container image, managed automatically by the agent. * Install Docker Desktop or Docker Engine for your operating system and confirm the daemon is running: `docker info` For ORL concepts, see [Custom Rules Quickstart](/orl/quickstart.md) *** #### **Step 1: Download and extract the plugin package** Download the zip file from the Google Drive link your Gomboc contact provided and extract it: ```bash # Example — adjust the zip filename and destination to match your setup unzip ~/Downloads/gomboc-enterprise-skills.zip -d ~/gomboc/ ``` For the rest of this guide, the path `~/gomboc/gomboc-enterprise-skills/` refers to the extracted folder. Adjust it to wherever you extracted the zip. Gemini CLI reads the extension manifest from `plugins/gomboc/gemini-extension.json` inside this folder. #### **Step 2: Install the Gomboc enterprise extension** Link the extension from the extracted folder into Gemini CLI. Use the absolute path to `plugins/gomboc/` inside the extracted folder: ```bash gemini extensions link ~/gomboc/gomboc-enterprise-skills/plugins/gomboc ``` `link` creates a symbolic link from the Gemini CLI extensions directory to the extracted plugin folder, so when you receive a new zip from your Gomboc contact and replace the folder contents in place, the updates are picked up automatically on the next Gemini CLI session restart — no separate `update` step is needed. Verify the extension is installed: ```bash gemini extensions list ``` You should see `gomboc` in the list. Restart your Gemini CLI session if it was already running. #### Step 3: Configure your Gomboc token The `gomboc` extension declares `GOMBOC_API_TOKEN` as a required setting (defined in `gemini-extension.json`). When you install the extension, Gemini CLI prompts you for it. Paste the token from [Generate A Personal Access Token](/getting-started/generate-a-personal-access-token.md) when prompted. If you skipped configuration on install, set the token via your shell environment before launching Gemini CLI: ```bash export GOMBOC_API_TOKEN="" ``` {% hint style="info" %} Keep this token private. Do not commit it to source control. {% endhint %} #### **Step 4: Confirm the ORL runtime** The `gomboc` plugin's `orl` skill resolves the runtime for you. It uses a local `orl` binary when one is on your `PATH`, and otherwise runs ORL through the `gombocai/orl:latest` Docker container (pulled automatically on first use). You do not invoke the runtime directly. Verify the integration end-to-end by asking the agent to run the `orl` skill with the `version` subcommand. The skill prints the resolved ORL version and reports the execution method (local binary or container image). In Gemini CLI, run the namespaced command: `/gomboc:orl version` If the call fails (no version returned, or an error referencing the runtime), see ORL runtime not available under [Troubleshooting](#troubleshooting) below. #### Step 5: Run your first Gomboc workflow Once the extension, token, and ORL runtime are in place, launch Gemini CLI in a project directory and use the namespaced slash commands provided by the extension. All commands are registered as `/gomboc:` from `commands/gomboc/*.toml`. **Diagnose a codebase** Use: `/gomboc:diagnose [--policy ]` Scans the target path for security and compliance violations across the loaded Gomboc classifications. **Fix a concrete issue in code** Use: `/gomboc:fix [--files ]` Runs the `analyze-context` → `build-fix` → `apply-fix` pipeline to apply a targeted remediation for a real violation. **Enforce a policy end to end** Use: `/gomboc:enforce [--create-missing] [--publish] [--dry-run]` Runs the full enforcement loop: diagnose, assess rule coverage, apply existing rules, optionally create missing rules, and verify compliance. **Create a classification from a policy document** Use: `/gomboc:new-policy [--org ] [--languages ]` Parses a policy URL, standard ID, or local file and creates a Gomboc classification plus per-language use cases. **Create a reusable rule** Use: `/gomboc:new-rule [--language ] [--use-case-path ]` Builds a production-quality ORL rule from an existing classification, runs the 12-item review, and applies metadata enrichment. **Release or publish a rule** Use: `/gomboc:release [--push]` Releases a reviewed rule package either via PR to the org rule repository or directly to the Gomboc Rules Service. For details about publishing ORL rules, see [Publish](/orl/publish.md) and [Rule Service API](/orl/publish/orl-rule-service-api.md) **Save an in-context fix as a persistent rule** Use: `/gomboc:save-rule [--classification ] [--generalize] [--push]` Promotes a `.gomboc/orl-rules/` package created by `/gomboc:fix` into the org's persistent rule repository. *** #### Troubleshooting Use this section to diagnose the most common setup issues. **Plugin package download or extraction issues** If the zip file provided by your Gomboc contact cannot be downloaded or extracted: * Confirm the Google Drive link is still valid and has not expired. Ask your Gomboc contact to re-share if needed. * Confirm the download completed fully before extracting — a partial download will fail silently or produce an empty folder. * On macOS, if unzipping via Finder produces an incomplete result, prefer the terminal: `unzip ~/Downloads/gomboc-enterprise-skills.zip -d ~/gomboc/` * Confirm you have write access to the destination folder. If you are still unable to obtain the package, contact your Gomboc representative. **Gemini extensions install fails** If the install command fails: * Confirm Gemini CLI is up to date. * Confirm you are pointing at the directory that contains `gemini-extension.json`, i.e. `plugins/gomboc` inside the extracted folder, not the extracted folder's root. * Run `gemini extensions list` to check whether a previous install left a stale entry; remove it with `gemini extensions uninstall gomboc` and retry. **Extension installed but commands do not appear** If `gemini extensions list` shows `gomboc` but `/gomboc:diagnose` and the other commands are missing: * Quit and restart Gemini CLI. Extension changes take effect on session restart. * Confirm the extension is enabled: `gemini extensions enable gomboc`. * For install-based setups, replace the extracted folder with the latest zip your Gomboc contact provides and run `gemini extensions update gomboc`. For link-based setups, just restart Gemini CLI — the symlink picks up changes automatically. **Token configuration errors** If the extension reports authentication or token errors: * Confirm that `GOMBOC_API_TOKEN` is configured for the extension or exported in your shell. * Confirm that the token is valid and has not expired. * Generate or rotate your token — see [Generate A Personal Access Token](/getting-started/generate-a-personal-access-token.md) * Restart Gemini CLI after updating the token. **ORL runtime not available** If a Gomboc command reports that ORL cannot be executed: * Run `docker info` to confirm Docker is installed and the daemon is running. * Pull the image manually to confirm registry access: `docker pull gombocai/orl:latest` * If you maintain a local `orl` binary, confirm it is on `PATH` with `command -v orl`. * Restart your terminal and Gemini CLI after fixing Docker or `PATH`. **ORL command runs but remediation fails** If ORL launches but the workflow does not complete: * Confirm that you are running Gemini CLI from the correct project or workspace. * Confirm that the target files are supported by the workflow you are running. * Confirm that your `GOMBOC_API_TOKEN` is valid. * Review the Gemini CLI output for rule, language, workspace, or authentication errors. For ORL concepts and supported rule workflows, see [ORL (Open Remediation Language)](/orl.md) and [Workspace](/orl/concepts/workspace.md) **Extension updates do not appear** If a new version of the extension is available but Gemini CLI still shows an older version: * Replace the extracted folder contents with the latest zip your Gomboc contact provided. * For `install`-based setups: `gemini extensions update gomboc` * For `link`-based setups, the symlink picks up changes automatically; just restart Gemini CLI. **Still need help?** If you are still blocked, contact the Gomboc team with: * the step where the setup failed * the error message you received * the absolute path to your extracted plugin folder * the output of `gemini extensions list` * the output of `docker info` (or `orl --help`, if you use a local binary) See [Support](/support.md) for support channels. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.gomboc.ai/orl/agent-skills/gomboc-enterprise-skills/gemini-enterprise.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.