Home
Agents
Hooks
Gemini CLI

Gemini CLI

This guide shows how to integrate Gemini CLI with Maybe Don’t using hooks.

Prerequisites

  • Maybe Don’t gateway running in http or sse mode (see Get Started)
  • Gemini CLI installed
  • jq and curl on PATH
  • MAYBE_DONT_URL environment variable set (e.g., http://localhost:8080)

Install the Hook

Export the hook script into your project’s .gemini/hooks/ directory:

mkdir -p .gemini/hooks
maybe-dont hooks export --agent gemini-cli > $GEMINI_PROJECT_DIR/.gemini/hooks/maybe-dont-hook.sh
chmod +x $GEMINI_PROJECT_DIR/.gemini/hooks/maybe-dont-hook.sh

Configure Gemini CLI

Export the config snippet:

maybe-dont hooks export --agent gemini-cli --config

This outputs a JSON snippet to merge into your Gemini CLI settings.json. Update the command path to where you placed the hook script:

{
  "hooks": {
    "BeforeTool": [
      {
        "type": "command",
        "command": "$GEMINI_PROJECT_DIR/.gemini/hooks/maybe-dont-hook.sh"
      }
    ],
    "AfterTool": [
      {
        "type": "command",
        "command": "$GEMINI_PROJECT_DIR/.gemini/hooks/maybe-dont-hook.sh"
      }
    ]
  }
}

Set the gateway URL before starting Gemini CLI:

export MAYBE_DONT_URL="http://localhost:8080"

Supported Events

EventPhaseDescription
BeforeToolPre-toolFires before Gemini CLI executes a tool. The hook can block the tool call.
AfterToolPost-toolFires after tool execution. Observability only — results are logged but cannot be blocked or modified.

Verify It Works

Start Gemini CLI and trigger a tool call. Check the gateway’s audit log for entries — you should see an intercept record for the tool call.

gemini

The hook is silent on allow. On deny, you’ll see stderr output like:

[maybe-dont] WARNING (AfterTool): Policy violation detected for '<tool_name>' — <reason>

Filtering

Gemini CLI hooks support a matcher field that uses regex for tool events (BeforeTool, AfterTool) and exact strings for lifecycle events. Use "*" or omit the matcher to match all tools.

{
  "BeforeTool": [
    {
      "matcher": "write_file|replace",
      "hooks": [
        {
          "type": "command",
          "command": "$GEMINI_PROJECT_DIR/.gemini/hooks/maybe-dont-hook.sh"
        }
      ]
    }
  ]
}

To change what triggers the hook, update the matcher field in your Gemini CLI settings.json. See the Gemini CLI hooks documentation for details.

Agent-Specific Notes

  • Gemini CLI hooks apply to the CLI tool only — not the Gemini Code Assist IDE extension.
  • $GEMINI_PROJECT_DIR resolves to the project root at runtime, ensuring the hook works regardless of the agent’s working directory.
  • Gemini CLI passes tool details as JSON on stdin to the hook script.
CursorCline