Guard

Gemini CLI Integration

Integrate AIVory Guard with Gemini CLI, Google’s command-line interface for Gemini AI models, to enable compliance and security scanning in your terminal workflow.

  • Shell-based Integration - Use wrapper scripts, aliases, or direct prompts
  • No MCP Required - Works via npx commands that Gemini can execute
  • Flexible Options - Choose from prompting, wrapper scripts, or aliases
  • Full Compliance Coverage - Access all 17+ compliance standards
Note Gemini CLI doesn’t natively support MCP, so integration uses shell commands that Gemini can execute on your behalf.

Prerequisites

Before you begin:


Installation

Install Gemini CLI globally:

npm install -g @google/generative-ai-cli

Configure your Google AI API key:

gemini-cli config set apiKey YOUR_GOOGLE_AI_API_KEY
Note Get your Google AI API key from aistudio.google.com - it’s free to get started.

Integration Options

Choose the integration method that best fits your workflow.

Direct Prompting
Ask Gemini to run AIVory scan commands directly in chat
Shell Wrapper
Create a custom script that auto-scans after Gemini sessions
Shell Alias
Simple alias for quick compliance-aware AI assistance

Option 1: Direct Prompting

The simplest approach - ask Gemini to run AIVory scans directly in your chat session.

gemini-cli chat "Scan this code for OWASP compliance using this command: npx @aivorynet/guard scan file.js"
Note Be specific in your prompts. Tell Gemini exactly which file to scan and which compliance standard to check.

Option 2: Shell Wrapper Script

Create a wrapper script that automatically runs compliance scans after your Gemini chat sessions.

Create ~/bin/gemini-secure:

#!/bin/bash
# Gemini CLI with automatic compliance scanning

gemini-cli chat "$@"

# After chat, scan workspace
echo "Running AIVory compliance scan..."
npx --yes @aivorynet/guard scan .

Make it executable:

chmod +x ~/bin/gemini-secure
Note Ensure ~/bin is in your PATH, or place the script in a directory that is.

Option 3: Shell Alias

Add a quick alias to your shell configuration for compliance-aware AI assistance.

Add to ~/.bashrc or ~/.zshrc:

alias gemini-scan="gemini-cli chat 'First, help me with my request. Then scan all changed files using: npx @aivorynet/guard scan'"

Reload your shell configuration:

source ~/.bashrc  # or source ~/.zshrc

Use it:

gemini-scan "Write a user authentication function"

API Key Configuration

For full access to all compliance standards and unlimited scans, configure your AIVory API key.

export AIVORY_API_KEY="your_api_key_here"
Note Get your AIVory API key from app.aivory.net/tokens. Add the export to your shell profile for persistence.

Troubleshooting

Common Issues

Gemini CLI Not Found

# Reinstall globally
npm install -g @google/generative-ai-cli

AIVory Scan Not Running

  • Ensure Node.js 18+ is installed
  • Check that npx is available in your PATH
  • Verify your AIVORY_API_KEY is set correctly

Permission Denied on Wrapper Script

chmod +x ~/bin/gemini-secure

Shell Alias Not Working

  • Ensure you’ve reloaded your shell config: source ~/.bashrc
  • Check for typos in the alias definition
Advanced: Custom Standards

Scanning Specific Standards

You can target specific compliance standards in your scans:

# OWASP Top 10 only
npx @aivorynet/guard scan --standards OWASP_TOP_10 file.js

# Multiple standards
npx @aivorynet/guard scan --standards GDPR,HIPAA,SOC2 .

Environment Variables

Variable Description
AIVORY_API_KEY Your AIVory API key for full access
AIVORY_ENABLED_STANDARDS Comma-separated list of standards
AIVORY_LOG_LEVEL Logging verbosity (debug, info, warn, error)

Next Steps