Coarse-grained tool permissions requiring excessive babysitting

5/10 Medium

Gemini CLI lacks support for tool subcommands (e.g., git status vs git rm), forcing developers to grant all-or-nothing permissions for entire binaries like `git`, `gh`, `vercel`, or `supabase`. Users must constantly babysit permission requests instead of setting granular policies.

Gemini CLI Git

Sources

https://github.com/google-gemini/gemini-cli/discussions/7432

Collection History

Query: “What are the most common pain points with Gemini API for developers in 2025?”3/30/2026

Gemini doesn't support tool subcommands. Instead of always allowing `git status` and always requiring permission for `git rm, git push, git switch, etc.` you have to babysit each call because you can only give it full permissions for `git` binary itself.

Created: 3/30/2026Updated: 3/30/2026