Way too risky to use Google services like this tied to your primary account. There’s too much risk of cross damage. Imagine losing access to your Gmail because some Gemini request flags you as an undesirable. The digital death sentence of losing access to your email with a company that notoriously has no way for the average human to contact a human is not worth the risk.
Use a custom domain and don't use google for email.
And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
How do you even pull away from a Gmail address? I'm nearly twenty years into that service. Getting banned would be absolutely devastating...
Use your own domain to sign up for a paid email service, provided by a company that focuses on email. I use Fastmail, but there are many other options.
Set up forwarding in Gmail to your new address.
Then, whenever you log in to a website or app with your Gmail, take a moment to change it to your new address. In a few weeks, most of your important accounts will be covered. In a few months, almost everything you still actively use will be done.
I did this ~5 years ago and the only thing that still arrives at my Gmail is spam.
I did this but don't forward. Instead, every new email in Gmail I got would prompt me to go update that service's contact info for me.
It probably doesn't matter, but it made me feel a little better because that way Google wouldn't have direct info on to which email/domain I transfered (ignoring other Gmail contacts that start emailing me at my new address(es) ).
Same here but ~8 years.
You can mitigate/speed the process using your password manager too.
I still use a filter in my email so that if something comes in under my Gmail, it gets a special tag that I can filter on and treat those as a todo list. Rarely happens beyond the occasional Google Meet connection.
For quite some time (approx 8 years) I've used an email forwarding (Blur, but any works) to avoid spam.
This looks like perfect case for change of email, since lot of these accounts can be moved out from Gmail by changing the address that email is forwarded too.
Looks like all this hassle with generating a new email for each service pays for the second time (by ease of changing the main mail), in addition to spam and privacy protection.
Solid advice, but I want to double, watch out for things you only log into once a year.
Making a new local account on your machine is a good first step.
^this is the way.
You can buy a domain name for like $10 per year; I recommend getting it from porkbun.com.
Cloudflare.com is good too, EXCEPT if you buy your domain from them, you'll be required to use their nameservers until and unless you transfer your domain elsewhere (which you won't be able to do for a while). Though to be fair, their free DNS is good and lots of people use it anyway. It makes email setup slightly more complicated, but it's still doable.
Spaceship.com also has a pretty good reputation, but I think their customer service isn't as good, they're quite new, and they're owned by Namecheap (a bigger domain registrar with a much worse reputation).
Whatever you do, DO NOT buy from GoDaddy. Do not even search for the domain you're considering on GoDaddy. Literally any option is better than GoDaddy.
By far the most reliable TLD options are .com, .net, and .org. These will look relatively trustworthy for email, and the price stays very very stable from year to year. If you don't want to think about it, just get one of these. You can even still find single dictionary word domains for .org or .net relatively easily.
Do not buy any domain marked "premium". This means the owner of the TLD can change the price at renewal as dramatically as they want, for any reason (e.g. if you have a website hosted at that domain that becomes popular). Your $20 per year domain might suddenly become a $300 or $3000 per year domain for no reason but greed, and you wouldn't be able to do anything about it.
Non-premium nTLD's (.club, .horse, .rocks, .theater, etc) can increase quite dramatically in price, BUT the price is required to be set the same for all domains using that nTLD, so they can't target any individual person for having a successful website or whatever. Also, you can pre-buy up to 10 years, which locks in your price for those 10 years. I'd still not recommend them for a primary email, but it's better than buying a "premium" domain. Just be aware that the yearly price might unexpectedly increase in the future.
Some country code TLD's are also good, but for email, probably stay away from the ones that spammers like to use.
___
Anyway, what I actually originally meant to comment about is: if you set up forwarding from gmail and don't check that account regularly anymore, I recommend setting up a gmail filter rule that forwards all your gmail spam to you (their regular forwarding setting leaves it out and just sends it to the gmail spam folder). It's a little annoying to have to re-flag some of the spam as spam in your new email, but gmail has a habit of marking non-spam as spam for me, and if you're not regularly checking that spam folder you can easily miss important email.
Porkbun have started demanding ID verification for registrations, which depending how you feel about current events might make you reconsider having them on your list
Register your own domain, use a third-party provider to handle actual sending and receiving (I use proton, which makes the setup very easy), forward your Gmail to your personal domain address and as renewals and reminders come in switch your email on services to your personal domain.
After a year or two losing Gmail becomes an inconvenience; after a few more years it is nothing. As everything is now on your own domain name you can switch providers without affecting anything.
That's what I did about 5 years ago and my only regret is not doing it earlier.
I just sold a domain I had for 25 years and used for everything including API endpoints, email, authentication, etc. It took a couple weeks to transition myself and my family/friends.
Pretty sure just moving emails would have take a lot less effort. I had the advantage of keeping the domain until I was ready to move, now imagine Google just turned it off one day and what your workload would be. I shudder to think about having to deal with that.
I moved away from a gmail address that was that old, dating back to the invitation-only days. It had become more spam than not, mostly other people who share my initials not knowing their own email addresses. But the possible devastation you mention was more worrying. It had become too much of a risk for my banking and identity generally to not own my email address.
I got a custom domain. I still host it on google, because I know how impossible it is for small companies to have a reasonable program to deal with insider threats. Because of that, I think only one of the giant companies can realistically provide secure email. And the google app suite is great. Now that I pay for google workspace, there's support and appeals available, and if they ban me anyway, I still control the domain and can regain access to everything.
I have not been able to delete the old address, even after 3 years. There are some things like Google Fi that can only use a non-workplace google account. Very, very rarely, I still get an email that matters on it. But I got to the point where I could stop checking it in about 2 months, and now I look at it about once a week quickly, more out of habit than anything else.
The switch was annoying, but not "hard". It was worth it.
Just start changing addresses. Forward the rest. It takes about a year. Changing your name is way harder and tons of folks do that all the time.
gmail uses IMAP.
make another mailbox (another provider - migadu, fastmail, proton, whoever) that has IMAP as well. (selfhosting.. is PITA. only if u really need it).
install some standalone mail-client - thunderbird, clawsmail, applemail, or k9 , aqua on android, whatever. Attach both mailboxes into that. Find out how to copy an e-mail from one folder into another.
Folder by folder, select all mails, copy from one mailbox into the other. Will take time.
(Beware, some clients (apple) will fuckup the mail-date, anything older than 5 years becomes 5 years old. or it shows like that. YMMV.)
i have made this multiple times, for 20+ years of mails...
Get your own domain so you can easily change providers in the future. Start with your password manager and change the address on all the accounts you have in there.
After a few years you'll notice you stop bothering to check your Gmail and you can delete it to close the address.
If you need motivation, skim the /r/GMail subreddit and see how many people are getting locked out daily.
Do you have a recommendation for a major email provider as a fallback if you have to pick one?
I vaguely recall encountering a service that only accepted addresses from a whitelist of big providers (Gmail, Yahoo, Outlook, etc.), even @icloud did not qualify.
That's a service that doesn't want your business. If you care, message them about it
I've never once run into a service with such a restriction, but I can imagine someone being that short-sighted. I have seen services that only support "log in with Google or Facebook", which is comparably terrible.
Discogs will not let me login with my own domain (of 30 years) and required one of the big providers. It kept complaining about "risky domain". But that is the only incident I can think of.
Discogs
Who? Never heard of them, and it sounds like there's a good reason for that.
I've run into services that will flag specific tlds as invalid.
I have heard of that, yeah. It's still busted, but marginally more understandable if they're dealing with a lot of scams. For instance, `.xyz` and some others have bad reputations. I've never seen something that'll reject an arbitrary self-owned `.org`, by way of example.
It will never be easier than right now. Every day you stay, you dig their moat around you even deeper
I just went through all accounts in my password manager, logged in and changed my email. It takes a little while but not that much.
[deleted]
took about 30 minutes to switch to proton mail
This service is basically a nightmare to export/move away from. 30 minutes to switch to, maybe 30 hours to switch away from.
Sign up at fastmail.com, set up forwarding, change your "reply-to" address. A year later, you'll have nothing arriving in gmail except marketing cruft.
Same. I still have an old Gmail address that receives forgotten but still considered important emails from various services.
What's the playbook for migrating away in this situation?
Companies need to allow you update your personal information including your email. It may need tickets to support but it's doable.
Just have to get started and suffer for a while and make it a practice to switch emails when you log into places.
I switched to fastmail with my own domain.
I went with SimpleLogin.
Although I am increasingly concerned with its longevity since there's a non-zero risk that Proton might shut down SimpleLogin since Proton Pass has its own alias feature.
There was a time back when we could get generic LoginWIth OAUTH butons along with the social media roster , allowing one to use whichever provider they wanted.
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
This wasn't due to some random Gemini request. Users were using sketchy antigravity auth plugins to use their antigravity tokens on things like OpenClaw, clearly against ToS. It's great that Google is giving these users a second chance.
Yes, our masters once again embarrass us unworthy peons with their endless grace, generosity and forebearance. How lucky we are to entrust our data and our lives to them!
Anyone can buy the tokens via the API and do whatever they want with them.
Its not evil of Google to say "Here is an allotment of steeply discounted tokens, but you can only use them with our services."
It is evil to block your email and hold your photos hostage over it though :)
They only blocked access to Antigravity and GeminiCLI for the offense.
Didn’t they only block Antigravity though, leaving other services available?
I would question the judgment of anyone who thought they would maintain "don't be evil" beyond IPO.
"Google Shuts Down Gmail For Two Hours To Show Its Immense Power"
If a 3rd party product advertises compatibility with a Google service and you use it to login via a first party Google login page, doesn’t the responsibility fall somewhere between the offending product and Google itself? In practice it’s structured pretty much like a phishing attempt.
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
If the "3rd party product" is you selfhosting FOSS, then that's you (OpenClaw users)
Why do you call it self-hosting? It appears to be installable app with a fancy homepage. At what point does the software being covered by an open license changes the responsibility model?
Okay but they were paying customers paying $$$ for the service. Banning your customers without prior warning is not right, however sketchy their behaviour might appear. Even if it's obvious to Google that there's a difference between a Gemini API key and an Antigravity API key, it's not necessarily obvious to others.
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
The concern is not losing access to some new IDE for operating outside the terms of service. The concern is when you lose access to the IDE, you also lose access to your 20 year old Gmail account.
A general problem for Google products is that everything is mixed together.
But that's not what happened.
It’s be great if Google just revoked antigravity access if terms were violated. No need to disable the entire account.
> just revoked antigravity access
That's exactly what they did, plus Gemini CLI and Code Assist, which are the same product in different formats.
No Google account has been banned for this. People just keep spreading this lie because no one agrees that they have the right to steal the OAuth token.
"steal" is semantically incorrect here.
It's their OAuth token, it's not being stolen. It's just being copied from one place on their computer to another. This is no different than a competing browser importing your localStorage and cookies from Chrome on first launch.
No, the OAuth token is supposed to be used solely with the context of a first-party app only. Clearly, if you need to extract the key by reverse engineering or set up a proxy to spoof requests to a service, you're doing something shady.
> No, the OAuth token is supposed to be used solely with the context of a first-party app only.
The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept. It's not spoofing to use your own access credentials on your own computer to access your own account on an HTTP API.
>The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept.
I have no idea what you are talking about. Chrome? Are you sure you are replying to the right thread?
Only Antigravity and Gemini access was banned, not email or other google account stuff.
I’ll go further: there should be laws addressing account consolidation. Getting banned from an Apple or Google account is an incredibly wide blast radius. It would be like being banned from buying Unilever or Nestle food from your grocery store.
Email providers should be utilities and also legally require a warrant before disclosing any information whatsoever to the government.
Unfortunately the government is full of corrupt geriatrics who do not understand technology and are paid to continue not understanding technology as they sign bills prepared for them by ALEC.
>It's great that Google is giving these users a second chance.
I hope this is sarcasm. A permaban as the first action is never a good idea.
They were banning people and those people couldn’t even cancel their subscription. That’s a rookie mistake and you expect the same company to have a flawless ban system?
When's the last time you read the ToS of a service you signed up for?
Telling your users they can't use certain software to access your HTTP API is exactly the same as telling people they can't use certain browsers to load https://google.com.
"Hey Gemini, write a short blurb casting our capriciousness in a good light."
> Way too risky to use Google services like this tied to your primary account
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
[deleted][deleted]
Using Gmail as your primary email has become a serious risk. Email was once a distinct thing but Google tying it to your everything-account makes gmail terrible.
That's a big part of why I switched to paid email.
I'm the customer, not the product.
Here’s an idea: run your digital life away from a corporate shitbucket like Google. Don’t run your email there. Plenty of good other options.
It's not 100% clear to me, but supposedly it was just access to Antigravity that was shut off.
If people lost access to their whole accounts that would be a major crisis for Google users. But it doesn't seem that that was actually the case.
yeah exactly have you ever tried to call Google support? it doesn't exist. the only way to contact Google is by posting something on news.ycombinator.com and then hoping that some person who works at that company actually responds to you and logs in somewhere and then changes your access.
[deleted]
AFAIK it has clearly been a ban of Gemini and not of all people's Google accounts.
However many stories appeared where people tried to claim that their whole Google account was banned to gain traction.
Unless it is clear that a full Google account has been banned we should push back on any story that claims this.
Why? Google has been doing automated bans for ages, even before "AI".
By now they lost any trace of goodwill they ever had and are guilty until proven innocent.
> The digital death sentence of losing access to your email
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
This remains a problem for the personal account though (arguably what "primary account" meant in GP)
Can that account be upgraded to Workspace just to get the support?
The danger here is they'll ban you with no specific reason, fill out the form and you get an automatic unban and then something else automatically flags and you're banned the second time permanently.
Support bot will then say "you were warned, read the TOS" and you get to guess what you did wrong.
You'll notice there are no appeals or reviews in this workflow.
Google has no creditability when it comes to handling account bans.
People are crazy to use Google as the core of their online identity.
Not crazy, it is just convenient. Constant pushes with Android, Chrome, random websites asking for Google login.
Google wasn't always like this, and moving of from an email address isn't technically hard, but something that 99% of the people will be very very reluctant to do.
Ex googler here. It is based on Google’s fundamental disdain of customers. Googlers are repeatedly told by management that they are the smartest people in the world and that their time is too valuable to spend on silly things like helping customers.
Google has zero customer service. using them for anything serious makes no business sense. the only thing that they're good for is serving ads to people, and they have a support team for that, but only if you're spending a lot of money, and even then good luck finding it
I still kinda wish that the subscriptions would just allow you to use the tokens however you wish.
I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
What they are actually trying to force you to do is to pay for the tokens that you don't use in their applications to increase their revenue and/or give their in-house tools an "unfair" advantage. But this is bad for the consumer because it means that there is less competition between coding agents and unless I'm willing to pay per token I have to take one of the model labs agents.
Anticompetitive behaviour imo they could just ban reselling tokens or something like that instead of locking your subscription in like this.
>I still kinda wish that the subscriptions would just allow you to use the tokens however you wish. I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is almost as realistic as "I wish netflix or youtube allowed me to use VLC to watch their content".
Haha maybe that would reduce piracy.
The easiest way to watch a movie in the player of my choice - even if i have legal access to it because it's in my netflix subscription - is to download it off piratebay.
Add to that Netflix's shitty discovery system, I'm pretty sure I watched some downloaded movies in spite of actually having legal access to them.
Oh, remember when PC games used to come on disks? For the Netflix example I can only guess, but I'm 100% sure I downloaded isos for games I had actually bought and had the physical disc... somewhere.
i don't believe this is a significant driver of piracy tbh, normal people don't care about that kinda thing :P
especially considering most modern movie/tv piracy is free streaming websites - shitty quality and awkward player controls, definitely no choice of player here
This is almost as realistic as "I wish OpenAI supports using OpenCode with ChatGPT subscription account."
Yea, there are the last to the party (have they even arrived?), so they are going to have to make some concessions. I wonder if they at rollout will have a third-party subscription token service in addition to their first-party one.
> there are the last to the party
Anecdotally, I'm having a very hard time imagining there are more Gemini Cli users than Codex users.
Why is that unrealistic?
Think of it like the digital right-to-repair.
I pay for it, I get to use it with any client I want. Simple.
I do wish that though. I have given up on streaming services, I am not paying for this bullshit experience. We used to have all the content unlimited on one service for like $10/mo. I can accept prices increasing with inflation but society should not accept such a backslide in service quality.
> I get that they rely on people not using all of their quota
They have no problem with users using their quota on their own software. Because they get the signals. They do have a problem with users using the API in 3rd party software, because they don't get the signals.
Well ... the clear signal is that people want to use Google's models but not Google products
Most people have actually just been using Opus through antigravity
That's very different from what I'm seeing around me, but yes, I suppose that happens to. And I guess Google wouldn't have as much of an issue with that, right?
Ah, in my spaces (Involved in the proxy dev), most people have been using it for Opus. I suspect they may even have more of an issue with it, as they don't get the cost advantage of serving an in-house model
I don't really understand this reasoning actually:
if OpenClaw usage go up, and a service (OpenAI it looks like) gets lots of usage data for personal assistent usage, they can optimize to make it better for people who get a $200 subscription just because of that use case.
I turned off tracking on Antigravity. Do I deserve to get my account banned from a service I pay for now? Silly.
[deleted]
> But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is not at all true. What is prompting this behavior from Google and Anthropic is that people are using their oauth creds/API keys to run OpenClaw bots that use orders of magnitude more tokens than the IDEs. The official clients also can use a lot more prompt caching because they have expected workflows.
And like, if you want to run OpenClaw, they’re not saying you can’t do that: use the API pricing, that’s what it’s for. But people are getting mad that they’re not allowed to roll their pickup truck up to the all-you-can-eat buffet table and fill it.
I think the deal is quite clear: subscription for personal usage in their products, API token for everything else. You get a rebate for subscription because they get the data. I would be quite sad if they removed the subscription option just to not be "anticompetitive".
The Gemini-CLI situation is poor. They did not communicate that AI Pro or AI Ultra accounts cannot be used with this API broadly earlier. I specifically remember searching for this info. Seeing this made me wonder if I had missed it. Turns out it was added to the TOS 2 days ago - diff
https://github.com/google-gemini/gemini-cli/pull/20488/chang.... I'd be happy to stand corrected here.
Anti Gravity I understand, they are subsidizing to promote a general IDE, but I dont understand constraining the generative AI backend that Gemini CLI hits.
The Apache License of this product at this point is rich. Just make it closed source and close the API reference. Why have it out there?
I have a Code Assist Standard license to evaluate gemini-cli (and the new models)
To this day I cannot coax the gemini-cli to allow me to use the models they claim you have access to. Enabled all the preview stuff in cloud etc etc.
Still I mostly get 2.5 and rarely get 3 or 3.1 offered.
The gemini-cli repo is a shit show.
I can seem to access the new models using opencode, but am 429 rate limited almost immediately such that its like 5 minutes between calls.
It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
They mask the 429s well in Gemini-Cli - if an endpoint is rate limited, they try another, or route to another model, etc to keep service availability up.
Your experience on the 429s is consistent with mine - the 429s is the first thing they need to fix. Fix that and they have a solid model at a good price point.
I use my own coding agent (https://github.com/hsaliak/std_slop) and not being able to bring my (now cancelled) AI account with Google to it is a bummer.
I'd still use it with the Code Assist Standard license if the google cloud API subscription allows for it but I have no clarification.
> It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
That is what is should do, but there is no > 2.5 model shown in /model and it always picks a 2.5 model. Ive enabled preview models in the google cloud project as well.
If I pass the 3 model in start param it shows 3 in the lower right corner but it is still using 2.5.
I know google has issues dealing with paying customers but the current state is a shit show. If you go to the gemini-cli repo its a deluge of issues and ai slop. It seems there is a cadre of people jumping to be the first person to pump an issue into claude and get some sort of PR clout.
It might be good but it needs more time to cook, or they need to take a step back and evaluate what they should consider a paid product.
> Using third-party software, tools, or services to harvest or piggyback on Gemini CLI's OAuth authentication to access our backend services is a direct violation of Gemini CLI’s applicable terms and policies.
It's been 2 months since these bans have started, first Anthropic, then Google. And their wording is still so confusing that I can't get a simple answer to a simple question:
Is piggybacking on headless 'gemini-cli -p' or 'claude -p' a TOS violation? Because there's really no reason why you can't do exactly what these tools did that caused these two companies to start giving out bans.
Unless you're in for a very specific configuration of models for some niche concern, CLIs give you nearly exact same access to the backend that snatching an OAuth token from them does. They give you JSONL for stdin, JSONL for stdout, and if you spin up a local proxy, you even get the same exact API contract in responses that you get from public APIs.
In fact, I already built a small tool for myself that does exactly that, to allow usage of alternative harnesses I prefer. Once I release it to the public, will -p be banned too?
I think the issue is people are using tools in an automated fashion and running up a compute bill for free when they were only meant to be used by humans in a more limited capacity (for companies to gather data on how to improve their products for humans). I think the correct way to use these models in an automated fashion is via the APIs and even then they might also worry about things like abuse/distillation type attacks still if the volume is too high. I think the lack of transparency might actually be by design so that people abusing their services don't figure out what triggers them losing their accounts. I could be wrong of course, this is just speculation on my part.
> I think the issue is people are using tools in an automated fashion
But that's the sole reason why all of the tools have headless modes. Headless mode is textbook definition of supporting automation.
From gemini docs: [1]
> Headless mode allows you to run Gemini CLI programmatically from command line scripts and automation tools without any interactive UI.
And claude code:
> Use the Agent SDK to run Claude Code programmatically from the CLI, Python, or TypeScript
Why does headless mode exist if using it is a bannable offense?
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Seems clear-cut to me.
Yes, I have. And it's obvious that restriction was put there for a reason. The most obvious possible reason is that snatching OAuth made it possible for third party tools to utilize subscription to the fullest - like OpenClaw.
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Here's my product:
while :; do cat PROMPT.md | claude ; done
Am I blacklisted now?
They just want people to pay more via API. Technically, your example would violate ToS, because the purpose matters. Like a license file may allow personal use and prohibit commercial use (unless you obtain a commercial license).
Before I use time responding, I want to ask again: Did you actually read the website, especially the "Compare the Agent SDK to other Claude tools" section? It answers your question pretty thoroughly.
For the second time, yes. And it's still not clear at what point does a wrapper around claude cli running in headless mode become a 'product' that is going to get my account banned.
My guess is, and others have said this as well in the thread: "when you start utilizing your weekly quotas fully".
But obviously, they can't put "you can't use your weekly allocated quota fully". That would be way too honest and we can't accept that.
No, the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK. So attempting to prompt the Agent SDK with a third-party app so that the third-party app can then call a tool with the output is not allowed in the Agent SDK. You have to use the Client SDK (API).It even gives an example in the section I asked you to read, which is why I am seriously doubting whether or not you read it.
> the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK
But you just made this up? There's no text on the page that says this. What the linked page does is explain technical differences between Agent SDK and Client SDK, and Agent SDK and cli (Agent SDK is just a wrapper around cli anyway).
Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1]. So not only "using a third-party harness with the Agent SDK" isn't forbidden, it's the product's primary use case. There's no such thing as "harness provided by claude for the agent SDK" - you bring the harness.
The only policy statement on that page is this:
> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products..
But I've already addressed this, so it seems we're going in circles.
>And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1].
Yea, you don't seem to even understand what you are writing. This in no way contradicts any statement I or Anthopic has said.
>Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
>The Anthropic Client SDK gives you direct API access: you send prompts and implement tool execution yourself. The Agent SDK gives you Claude with built-in tool execution.
>With the Client SDK, you implement a tool loop. With the Agent SDK, Claude handles it:
Python
# Client SDK: You implement the tool loop
response = client.messages.create(...)
while response.stop_reason == "tool_use":
result = your_tool_executor(response.tool_use)
response = client.messages.create(tool_result=result, \*params)
# Agent SDK: Claude handles tools autonomously
async for message in query(prompt="Fix the bug in auth.py"):
print(message)
At this point, it's clear that you either have questionable reading comprehension skills, are being willfully ignorant, or are arguing in bad faith because it even says that tool calls outside of the Agent SDK harness has to use the Client SDK as the comments to the code used in the examples.
What I don’t understand about policy violations is why Google never warns the user before banning. A simple alert or email would reduce so much frustration on the part of users and so much overhead for Google.
ToS change frequently and it’s not really fair to assume the user knows what is and is not correct use of tokens.
I think from their end, they see a lot more malicious users (e.g. spam accounts) that it's not worth providing a gentle warning before a ban. There might've been thousands more accounts created for Chinese companies for distillation[0], that Google didn't think of/weren't able to initially distinguish genuine user accounts just using a third party tool on their Antigravity token.
Like in a similar vein, Instagram sometimes randomly bans genuine users without appeal, probably because they deal with thousands more spam accounts that don't deserve a warning/appeals process.
Not just Google. This seems to be the default for most tech giants. I was banned on Facebook for an unknown reason, not provided any explanation, and given zero recourse. Had to resort to reaching out to a friend who worked there.
Why is this published on github.com? Is google somehow incapable of making official announcements through their own web properties?
It’s interesting that with both Anthropic and Google we’re seeing them develop agentic models that are supposed to do anything a human can do on computers without human intervention, but at the same time, if you plug one program into another of their programs or APIs in a way that wasn’t preapproved you may be blocked or banned.
To be charitable, maybe they’re expecting AI agents to eventually start reading the ToS docs
I see a lot of comments in googles defense, part of me wonders whats the split between google employees(even so people in teams related to these products) and normies who ignore the true underlying issue here…
Google consistently fails to provide a process to deal with user issues.
You donot see many reports of these at Amazon, Microsoft, Apple, and many more providers. Though Meta learns from google I think.
Microsoft has a had a few high profile cases of locking people out and taking their OneDrive with it with no ability to get support.
> Microsoft has a had a few high profile cases of locking people out and taking their OneDrive with it with no ability to get support.
Yes but as we're talking about Microsoft, these cases are probably explained by incompetence.
Just wanted to say that Windsurf is chugging along just great. No drama for users, excellent outputs at low cost. I am confused why they are not used more widely.
The problem wasn't antigravity, the problem was funneling clawdbot tokens through it (with a 3rd party plugin) to skirt API costs.
We use them as well. Great product.
Without the context of “Antigravity” being a product name this headline is science fiction gold.
All this whole thing did is ensure I never, ever use any google AI service. The fact that they didn't instantly comprehend what a total account ban means when they've got people with 20+ years worth of personal data in those accounts is incredibly concerning.
Refreshing response from Google especially given the incompetence with which Anthropic has handled bans.
Still no clarification if they block your whole Google account or just Gemini?
Not the entire Google account.
> bans for Antigravity usage also blocked access to Gemini CLI and Gemini Code Assist.
Disclosure: I work at Google, but not on anything related to this.
This is the correct way to handle this situation.
this is good.
problem is google's security concerns. when people connect gmail to openclaw, google flags the activity as weird and suspend the account because of unusual activity. Many whose accounts got locked because of this and they thought it was because they connected it to antigravity use against the policy (which happened in some cases). We will still see google account suspensions, and that would keep making news. and it wont be because of antigravity usage.
[deleted]
Complete risk to use google products like this with your real account. My youtube is still banned over uploading two clips of Dexter's Laboratory over 15 years ago.
Today I could have uploaded them fine, and let whoever owns the cartoon make money I was just a fan of the show.
The problem is that Google treats its customers as college kids who can be banned from a college maker lab for using too much 3D filament rather than entrepreneurs who are trusting their livelyhood to a service provider that promises to be reliable. If War Department uses too many Gemini tokens, do they cut them off, make them go through recertification process and permaban the next time around?
Which means that anyone serious about AI and not going local route should be using a provider with better reputation. I don't know if Alibaba, Z.ai or moonshots AI are also known for hair trigger responses, could be decent options for coding AI otherwise? If not, time to look for smaller providers with good reputation?
I feel dumb. I've never heard of Antigravity until now.
Good for you :)
Welcome to the singularity, now in progress. One of its defining features is that things move too fast for people to keep up.
By this logic though JavaScript frameworks were the singularity
lol. True. I guess the difference is “things that matter to technological progress” move too fast to keep up.
Incompetence of Google is amazing. They take an existing thing like Windsurf and somehow make it constantly coredump. And can't fix it for months.
this is the long-standing problem with using Google services. either they become deprecated and removed without notification, or they outright ban you for using tools as intended. either way, using Google tools for anything doesn't make business sense to anybody who's seen the history of this.
[deleted]
cool. now do something about the hundreds/thousands of people getting rate limited on Antigravity even after upgrading their plans, even on their $250 /month plan.
> to address violations of the Antigravity Terms of Service (ToS), specifically the use of 3rd party tools or proxies to access Antigravity resources and quotas
Translation: Google doesn’t want you using Gemini oauth with openclaw
Another recent concern on other posts here on HN is whether a private company should have veto power over the US government. Or, another way to look at it, whether the US government should be able to designate a company as a supply chain risk and ban them from most business in the host country.
If I squint at the conversation, it doesn't seem that different from a behemoth company taking an employee of a private company and forcing them to still stop working for arbitrary reasons.
I'm giving agents and coding tools wide berth here, but if AI is going to replace all employees, what guarantees do you have as the employer that your employees will do your bidding, and not the bidding of enterprises with a shifting moral landscape?
Once we have tooling wrapped around specific agents, it'll be hard to rehire. What will we do then when our "employees" are furloughed?
This will be especially relevant when the big AI labs decide they need to enter a market to justify an obscene valuation. Or, when the sovereign wealth fund decides they don't like the direction of a business.
This is a good and honorable decision by Google. But it also brings up scary times ahead.
I am sick and tired of companies forcing a shitty fork of vscode down my throat. If I am paying let me use your api how I wish to. Most people aren’t malicious and just want to use their own workflow.
Way too risky to use Google services like this tied to your primary account. There’s too much risk of cross damage. Imagine losing access to your Gmail because some Gemini request flags you as an undesirable. The digital death sentence of losing access to your email with a company that notoriously has no way for the average human to contact a human is not worth the risk.
Use a custom domain and don't use google for email.
And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
How do you even pull away from a Gmail address? I'm nearly twenty years into that service. Getting banned would be absolutely devastating...
Use your own domain to sign up for a paid email service, provided by a company that focuses on email. I use Fastmail, but there are many other options.
Set up forwarding in Gmail to your new address.
Then, whenever you log in to a website or app with your Gmail, take a moment to change it to your new address. In a few weeks, most of your important accounts will be covered. In a few months, almost everything you still actively use will be done.
I did this ~5 years ago and the only thing that still arrives at my Gmail is spam.
I did this but don't forward. Instead, every new email in Gmail I got would prompt me to go update that service's contact info for me.
It probably doesn't matter, but it made me feel a little better because that way Google wouldn't have direct info on to which email/domain I transfered (ignoring other Gmail contacts that start emailing me at my new address(es) ).
Same here but ~8 years.
You can mitigate/speed the process using your password manager too.
I still use a filter in my email so that if something comes in under my Gmail, it gets a special tag that I can filter on and treat those as a todo list. Rarely happens beyond the occasional Google Meet connection.
For quite some time (approx 8 years) I've used an email forwarding (Blur, but any works) to avoid spam.
This looks like perfect case for change of email, since lot of these accounts can be moved out from Gmail by changing the address that email is forwarded too.
Looks like all this hassle with generating a new email for each service pays for the second time (by ease of changing the main mail), in addition to spam and privacy protection.
Solid advice, but I want to double, watch out for things you only log into once a year.
Making a new local account on your machine is a good first step.
^this is the way.
You can buy a domain name for like $10 per year; I recommend getting it from porkbun.com.
Cloudflare.com is good too, EXCEPT if you buy your domain from them, you'll be required to use their nameservers until and unless you transfer your domain elsewhere (which you won't be able to do for a while). Though to be fair, their free DNS is good and lots of people use it anyway. It makes email setup slightly more complicated, but it's still doable.
Spaceship.com also has a pretty good reputation, but I think their customer service isn't as good, they're quite new, and they're owned by Namecheap (a bigger domain registrar with a much worse reputation).
Whatever you do, DO NOT buy from GoDaddy. Do not even search for the domain you're considering on GoDaddy. Literally any option is better than GoDaddy.
By far the most reliable TLD options are .com, .net, and .org. These will look relatively trustworthy for email, and the price stays very very stable from year to year. If you don't want to think about it, just get one of these. You can even still find single dictionary word domains for .org or .net relatively easily.
Do not buy any domain marked "premium". This means the owner of the TLD can change the price at renewal as dramatically as they want, for any reason (e.g. if you have a website hosted at that domain that becomes popular). Your $20 per year domain might suddenly become a $300 or $3000 per year domain for no reason but greed, and you wouldn't be able to do anything about it.
Non-premium nTLD's (.club, .horse, .rocks, .theater, etc) can increase quite dramatically in price, BUT the price is required to be set the same for all domains using that nTLD, so they can't target any individual person for having a successful website or whatever. Also, you can pre-buy up to 10 years, which locks in your price for those 10 years. I'd still not recommend them for a primary email, but it's better than buying a "premium" domain. Just be aware that the yearly price might unexpectedly increase in the future.
Some country code TLD's are also good, but for email, probably stay away from the ones that spammers like to use.
___
Anyway, what I actually originally meant to comment about is: if you set up forwarding from gmail and don't check that account regularly anymore, I recommend setting up a gmail filter rule that forwards all your gmail spam to you (their regular forwarding setting leaves it out and just sends it to the gmail spam folder). It's a little annoying to have to re-flag some of the spam as spam in your new email, but gmail has a habit of marking non-spam as spam for me, and if you're not regularly checking that spam folder you can easily miss important email.
Porkbun have started demanding ID verification for registrations, which depending how you feel about current events might make you reconsider having them on your list
Register your own domain, use a third-party provider to handle actual sending and receiving (I use proton, which makes the setup very easy), forward your Gmail to your personal domain address and as renewals and reminders come in switch your email on services to your personal domain.
After a year or two losing Gmail becomes an inconvenience; after a few more years it is nothing. As everything is now on your own domain name you can switch providers without affecting anything.
That's what I did about 5 years ago and my only regret is not doing it earlier.
I just sold a domain I had for 25 years and used for everything including API endpoints, email, authentication, etc. It took a couple weeks to transition myself and my family/friends.
Pretty sure just moving emails would have take a lot less effort. I had the advantage of keeping the domain until I was ready to move, now imagine Google just turned it off one day and what your workload would be. I shudder to think about having to deal with that.
I moved away from a gmail address that was that old, dating back to the invitation-only days. It had become more spam than not, mostly other people who share my initials not knowing their own email addresses. But the possible devastation you mention was more worrying. It had become too much of a risk for my banking and identity generally to not own my email address.
I got a custom domain. I still host it on google, because I know how impossible it is for small companies to have a reasonable program to deal with insider threats. Because of that, I think only one of the giant companies can realistically provide secure email. And the google app suite is great. Now that I pay for google workspace, there's support and appeals available, and if they ban me anyway, I still control the domain and can regain access to everything.
I have not been able to delete the old address, even after 3 years. There are some things like Google Fi that can only use a non-workplace google account. Very, very rarely, I still get an email that matters on it. But I got to the point where I could stop checking it in about 2 months, and now I look at it about once a week quickly, more out of habit than anything else.
The switch was annoying, but not "hard". It was worth it.
Just start changing addresses. Forward the rest. It takes about a year. Changing your name is way harder and tons of folks do that all the time.
gmail uses IMAP.
make another mailbox (another provider - migadu, fastmail, proton, whoever) that has IMAP as well. (selfhosting.. is PITA. only if u really need it).
install some standalone mail-client - thunderbird, clawsmail, applemail, or k9 , aqua on android, whatever. Attach both mailboxes into that. Find out how to copy an e-mail from one folder into another.
Folder by folder, select all mails, copy from one mailbox into the other. Will take time.
(Beware, some clients (apple) will fuckup the mail-date, anything older than 5 years becomes 5 years old. or it shows like that. YMMV.)
i have made this multiple times, for 20+ years of mails...
Get your own domain so you can easily change providers in the future. Start with your password manager and change the address on all the accounts you have in there.
After a few years you'll notice you stop bothering to check your Gmail and you can delete it to close the address.
If you need motivation, skim the /r/GMail subreddit and see how many people are getting locked out daily.
Do you have a recommendation for a major email provider as a fallback if you have to pick one?
I vaguely recall encountering a service that only accepted addresses from a whitelist of big providers (Gmail, Yahoo, Outlook, etc.), even @icloud did not qualify.
That's a service that doesn't want your business. If you care, message them about it
I've never once run into a service with such a restriction, but I can imagine someone being that short-sighted. I have seen services that only support "log in with Google or Facebook", which is comparably terrible.
Discogs will not let me login with my own domain (of 30 years) and required one of the big providers. It kept complaining about "risky domain". But that is the only incident I can think of.
Discogs
Who? Never heard of them, and it sounds like there's a good reason for that.
I've run into services that will flag specific tlds as invalid.
I have heard of that, yeah. It's still busted, but marginally more understandable if they're dealing with a lot of scams. For instance, `.xyz` and some others have bad reputations. I've never seen something that'll reject an arbitrary self-owned `.org`, by way of example.
It will never be easier than right now. Every day you stay, you dig their moat around you even deeper
I just went through all accounts in my password manager, logged in and changed my email. It takes a little while but not that much.
took about 30 minutes to switch to proton mail
This service is basically a nightmare to export/move away from. 30 minutes to switch to, maybe 30 hours to switch away from.
Sign up at fastmail.com, set up forwarding, change your "reply-to" address. A year later, you'll have nothing arriving in gmail except marketing cruft.
Same. I still have an old Gmail address that receives forgotten but still considered important emails from various services.
What's the playbook for migrating away in this situation?
Companies need to allow you update your personal information including your email. It may need tickets to support but it's doable.
Just have to get started and suffer for a while and make it a practice to switch emails when you log into places.
I switched to fastmail with my own domain.
I went with SimpleLogin.
Although I am increasingly concerned with its longevity since there's a non-zero risk that Proton might shut down SimpleLogin since Proton Pass has its own alias feature.
There was a time back when we could get generic LoginWIth OAUTH butons along with the social media roster , allowing one to use whichever provider they wanted.
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
This wasn't due to some random Gemini request. Users were using sketchy antigravity auth plugins to use their antigravity tokens on things like OpenClaw, clearly against ToS. It's great that Google is giving these users a second chance.
Yes, our masters once again embarrass us unworthy peons with their endless grace, generosity and forebearance. How lucky we are to entrust our data and our lives to them!
Anyone can buy the tokens via the API and do whatever they want with them.
Its not evil of Google to say "Here is an allotment of steeply discounted tokens, but you can only use them with our services."
It is evil to block your email and hold your photos hostage over it though :)
They only blocked access to Antigravity and GeminiCLI for the offense.
Didn’t they only block Antigravity though, leaving other services available?
I would question the judgment of anyone who thought they would maintain "don't be evil" beyond IPO.
https://youtu.be/ntICHMV-WMA?t=40
"Google Shuts Down Gmail For Two Hours To Show Its Immense Power"
If a 3rd party product advertises compatibility with a Google service and you use it to login via a first party Google login page, doesn’t the responsibility fall somewhere between the offending product and Google itself? In practice it’s structured pretty much like a phishing attempt.
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
If the "3rd party product" is you selfhosting FOSS, then that's you (OpenClaw users)
Why do you call it self-hosting? It appears to be installable app with a fancy homepage. At what point does the software being covered by an open license changes the responsibility model?
Okay but they were paying customers paying $$$ for the service. Banning your customers without prior warning is not right, however sketchy their behaviour might appear. Even if it's obvious to Google that there's a difference between a Gemini API key and an Antigravity API key, it's not necessarily obvious to others.
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
The concern is not losing access to some new IDE for operating outside the terms of service. The concern is when you lose access to the IDE, you also lose access to your 20 year old Gmail account.
A general problem for Google products is that everything is mixed together.
But that's not what happened.
It’s be great if Google just revoked antigravity access if terms were violated. No need to disable the entire account.
> just revoked antigravity access
That's exactly what they did, plus Gemini CLI and Code Assist, which are the same product in different formats.
No Google account has been banned for this. People just keep spreading this lie because no one agrees that they have the right to steal the OAuth token.
"steal" is semantically incorrect here.
It's their OAuth token, it's not being stolen. It's just being copied from one place on their computer to another. This is no different than a competing browser importing your localStorage and cookies from Chrome on first launch.
No, the OAuth token is supposed to be used solely with the context of a first-party app only. Clearly, if you need to extract the key by reverse engineering or set up a proxy to spoof requests to a service, you're doing something shady.
> No, the OAuth token is supposed to be used solely with the context of a first-party app only.
The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept. It's not spoofing to use your own access credentials on your own computer to access your own account on an HTTP API.
>The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept.
I have no idea what you are talking about. Chrome? Are you sure you are replying to the right thread?
Only Antigravity and Gemini access was banned, not email or other google account stuff.
I’ll go further: there should be laws addressing account consolidation. Getting banned from an Apple or Google account is an incredibly wide blast radius. It would be like being banned from buying Unilever or Nestle food from your grocery store.
Email providers should be utilities and also legally require a warrant before disclosing any information whatsoever to the government.
Unfortunately the government is full of corrupt geriatrics who do not understand technology and are paid to continue not understanding technology as they sign bills prepared for them by ALEC.
>It's great that Google is giving these users a second chance.
I hope this is sarcasm. A permaban as the first action is never a good idea.
They were banning people and those people couldn’t even cancel their subscription. That’s a rookie mistake and you expect the same company to have a flawless ban system?
When's the last time you read the ToS of a service you signed up for?
Telling your users they can't use certain software to access your HTTP API is exactly the same as telling people they can't use certain browsers to load https://google.com.
"Hey Gemini, write a short blurb casting our capriciousness in a good light."
> Way too risky to use Google services like this tied to your primary account
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
Using Gmail as your primary email has become a serious risk. Email was once a distinct thing but Google tying it to your everything-account makes gmail terrible.
That's a big part of why I switched to paid email.
I'm the customer, not the product.
Here’s an idea: run your digital life away from a corporate shitbucket like Google. Don’t run your email there. Plenty of good other options.
It's not 100% clear to me, but supposedly it was just access to Antigravity that was shut off.
If people lost access to their whole accounts that would be a major crisis for Google users. But it doesn't seem that that was actually the case.
This doesn't make it super clear, but, the submission from a week ago when bans got handed out: https://news.ycombinator.com/item?id=47115805
yeah exactly have you ever tried to call Google support? it doesn't exist. the only way to contact Google is by posting something on news.ycombinator.com and then hoping that some person who works at that company actually responds to you and logs in somewhere and then changes your access.
AFAIK it has clearly been a ban of Gemini and not of all people's Google accounts.
However many stories appeared where people tried to claim that their whole Google account was banned to gain traction.
Unless it is clear that a full Google account has been banned we should push back on any story that claims this.
Why? Google has been doing automated bans for ages, even before "AI".
By now they lost any trace of goodwill they ever had and are guilty until proven innocent.
> The digital death sentence of losing access to your email
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
This remains a problem for the personal account though (arguably what "primary account" meant in GP)
Can that account be upgraded to Workspace just to get the support?
Over the past week,
A week? Try at least 16 days
https://discuss.ai.google.dev/t/account-restricted-without-w...
The danger here is they'll ban you with no specific reason, fill out the form and you get an automatic unban and then something else automatically flags and you're banned the second time permanently.
Support bot will then say "you were warned, read the TOS" and you get to guess what you did wrong.
You'll notice there are no appeals or reviews in this workflow.
Google has no creditability when it comes to handling account bans.
People are crazy to use Google as the core of their online identity.
Not crazy, it is just convenient. Constant pushes with Android, Chrome, random websites asking for Google login.
Google wasn't always like this, and moving of from an email address isn't technically hard, but something that 99% of the people will be very very reluctant to do.
Ex googler here. It is based on Google’s fundamental disdain of customers. Googlers are repeatedly told by management that they are the smartest people in the world and that their time is too valuable to spend on silly things like helping customers.
Google has zero customer service. using them for anything serious makes no business sense. the only thing that they're good for is serving ads to people, and they have a support team for that, but only if you're spending a lot of money, and even then good luck finding it
I still kinda wish that the subscriptions would just allow you to use the tokens however you wish. I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
What they are actually trying to force you to do is to pay for the tokens that you don't use in their applications to increase their revenue and/or give their in-house tools an "unfair" advantage. But this is bad for the consumer because it means that there is less competition between coding agents and unless I'm willing to pay per token I have to take one of the model labs agents.
Anticompetitive behaviour imo they could just ban reselling tokens or something like that instead of locking your subscription in like this.
>I still kinda wish that the subscriptions would just allow you to use the tokens however you wish. I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is almost as realistic as "I wish netflix or youtube allowed me to use VLC to watch their content".
Haha maybe that would reduce piracy.
The easiest way to watch a movie in the player of my choice - even if i have legal access to it because it's in my netflix subscription - is to download it off piratebay.
Add to that Netflix's shitty discovery system, I'm pretty sure I watched some downloaded movies in spite of actually having legal access to them.
Oh, remember when PC games used to come on disks? For the Netflix example I can only guess, but I'm 100% sure I downloaded isos for games I had actually bought and had the physical disc... somewhere.
i don't believe this is a significant driver of piracy tbh, normal people don't care about that kinda thing :P
especially considering most modern movie/tv piracy is free streaming websites - shitty quality and awkward player controls, definitely no choice of player here
This is almost as realistic as "I wish OpenAI supports using OpenCode with ChatGPT subscription account."
Oh, except they do[0].
[0]: https://x.com/thsottiaux/status/2009742187484065881
Yea, there are the last to the party (have they even arrived?), so they are going to have to make some concessions. I wonder if they at rollout will have a third-party subscription token service in addition to their first-party one.
> there are the last to the party
Anecdotally, I'm having a very hard time imagining there are more Gemini Cli users than Codex users.
Why is that unrealistic?
Think of it like the digital right-to-repair.
I pay for it, I get to use it with any client I want. Simple.
I do wish that though. I have given up on streaming services, I am not paying for this bullshit experience. We used to have all the content unlimited on one service for like $10/mo. I can accept prices increasing with inflation but society should not accept such a backslide in service quality.
> I get that they rely on people not using all of their quota
They have no problem with users using their quota on their own software. Because they get the signals. They do have a problem with users using the API in 3rd party software, because they don't get the signals.
Well ... the clear signal is that people want to use Google's models but not Google products
Most people have actually just been using Opus through antigravity
That's very different from what I'm seeing around me, but yes, I suppose that happens to. And I guess Google wouldn't have as much of an issue with that, right?
Ah, in my spaces (Involved in the proxy dev), most people have been using it for Opus. I suspect they may even have more of an issue with it, as they don't get the cost advantage of serving an in-house model
I don't really understand this reasoning actually:
if OpenClaw usage go up, and a service (OpenAI it looks like) gets lots of usage data for personal assistent usage, they can optimize to make it better for people who get a $200 subscription just because of that use case.
I turned off tracking on Antigravity. Do I deserve to get my account banned from a service I pay for now? Silly.
> But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is not at all true. What is prompting this behavior from Google and Anthropic is that people are using their oauth creds/API keys to run OpenClaw bots that use orders of magnitude more tokens than the IDEs. The official clients also can use a lot more prompt caching because they have expected workflows.
And like, if you want to run OpenClaw, they’re not saying you can’t do that: use the API pricing, that’s what it’s for. But people are getting mad that they’re not allowed to roll their pickup truck up to the all-you-can-eat buffet table and fill it.
I think the deal is quite clear: subscription for personal usage in their products, API token for everything else. You get a rebate for subscription because they get the data. I would be quite sad if they removed the subscription option just to not be "anticompetitive".
The Gemini-CLI situation is poor. They did not communicate that AI Pro or AI Ultra accounts cannot be used with this API broadly earlier. I specifically remember searching for this info. Seeing this made me wonder if I had missed it. Turns out it was added to the TOS 2 days ago - diff https://github.com/google-gemini/gemini-cli/pull/20488/chang.... I'd be happy to stand corrected here.
Anti Gravity I understand, they are subsidizing to promote a general IDE, but I dont understand constraining the generative AI backend that Gemini CLI hits.
Finally, it's unclear what's allowed and what's not if I purchase the API access from google cloud here https://developers.google.com/gemini-code-assist/docs/overvi...
The Apache License of this product at this point is rich. Just make it closed source and close the API reference. Why have it out there?
I have a Code Assist Standard license to evaluate gemini-cli (and the new models)
To this day I cannot coax the gemini-cli to allow me to use the models they claim you have access to. Enabled all the preview stuff in cloud etc etc.
Still I mostly get 2.5 and rarely get 3 or 3.1 offered.
The gemini-cli repo is a shit show.
I can seem to access the new models using opencode, but am 429 rate limited almost immediately such that its like 5 minutes between calls.
It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
They mask the 429s well in Gemini-Cli - if an endpoint is rate limited, they try another, or route to another model, etc to keep service availability up.
Your experience on the 429s is consistent with mine - the 429s is the first thing they need to fix. Fix that and they have a solid model at a good price point.
I use my own coding agent (https://github.com/hsaliak/std_slop) and not being able to bring my (now cancelled) AI account with Google to it is a bummer.
I'd still use it with the Code Assist Standard license if the google cloud API subscription allows for it but I have no clarification.
> It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
That is what is should do, but there is no > 2.5 model shown in /model and it always picks a 2.5 model. Ive enabled preview models in the google cloud project as well.
If I pass the 3 model in start param it shows 3 in the lower right corner but it is still using 2.5.
I know google has issues dealing with paying customers but the current state is a shit show. If you go to the gemini-cli repo its a deluge of issues and ai slop. It seems there is a cadre of people jumping to be the first person to pump an issue into claude and get some sort of PR clout.
It might be good but it needs more time to cook, or they need to take a step back and evaluate what they should consider a paid product.
> Using third-party software, tools, or services to harvest or piggyback on Gemini CLI's OAuth authentication to access our backend services is a direct violation of Gemini CLI’s applicable terms and policies.
It's been 2 months since these bans have started, first Anthropic, then Google. And their wording is still so confusing that I can't get a simple answer to a simple question:
Is piggybacking on headless 'gemini-cli -p' or 'claude -p' a TOS violation? Because there's really no reason why you can't do exactly what these tools did that caused these two companies to start giving out bans.
Unless you're in for a very specific configuration of models for some niche concern, CLIs give you nearly exact same access to the backend that snatching an OAuth token from them does. They give you JSONL for stdin, JSONL for stdout, and if you spin up a local proxy, you even get the same exact API contract in responses that you get from public APIs.
In fact, I already built a small tool for myself that does exactly that, to allow usage of alternative harnesses I prefer. Once I release it to the public, will -p be banned too?
I think the issue is people are using tools in an automated fashion and running up a compute bill for free when they were only meant to be used by humans in a more limited capacity (for companies to gather data on how to improve their products for humans). I think the correct way to use these models in an automated fashion is via the APIs and even then they might also worry about things like abuse/distillation type attacks still if the volume is too high. I think the lack of transparency might actually be by design so that people abusing their services don't figure out what triggers them losing their accounts. I could be wrong of course, this is just speculation on my part.
> I think the issue is people are using tools in an automated fashion
But that's the sole reason why all of the tools have headless modes. Headless mode is textbook definition of supporting automation.
From gemini docs: [1]
> Headless mode allows you to run Gemini CLI programmatically from command line scripts and automation tools without any interactive UI.
And claude code:
> Use the Agent SDK to run Claude Code programmatically from the CLI, Python, or TypeScript
Why does headless mode exist if using it is a bannable offense?
[1] https://google-gemini.github.io/gemini-cli/docs/cli/headless...
[2] https://code.claude.com/docs/en/headless
Headless is fine as long as there's a human in the loop. Remove the human, their bills skyrocket.
Have you read the website? https://platform.claude.com/docs/en/agent-sdk/overview
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Seems clear-cut to me.
Yes, I have. And it's obvious that restriction was put there for a reason. The most obvious possible reason is that snatching OAuth made it possible for third party tools to utilize subscription to the fullest - like OpenClaw.
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Here's my product:
while :; do cat PROMPT.md | claude ; done
Am I blacklisted now?
They just want people to pay more via API. Technically, your example would violate ToS, because the purpose matters. Like a license file may allow personal use and prohibit commercial use (unless you obtain a commercial license).
Before I use time responding, I want to ask again: Did you actually read the website, especially the "Compare the Agent SDK to other Claude tools" section? It answers your question pretty thoroughly.
For the second time, yes. And it's still not clear at what point does a wrapper around claude cli running in headless mode become a 'product' that is going to get my account banned.
My guess is, and others have said this as well in the thread: "when you start utilizing your weekly quotas fully".
But obviously, they can't put "you can't use your weekly allocated quota fully". That would be way too honest and we can't accept that.
No, the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK. So attempting to prompt the Agent SDK with a third-party app so that the third-party app can then call a tool with the output is not allowed in the Agent SDK. You have to use the Client SDK (API).It even gives an example in the section I asked you to read, which is why I am seriously doubting whether or not you read it.
> the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK
But you just made this up? There's no text on the page that says this. What the linked page does is explain technical differences between Agent SDK and Client SDK, and Agent SDK and cli (Agent SDK is just a wrapper around cli anyway).
Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1]. So not only "using a third-party harness with the Agent SDK" isn't forbidden, it's the product's primary use case. There's no such thing as "harness provided by claude for the agent SDK" - you bring the harness.
The only policy statement on that page is this:
> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products..
But I've already addressed this, so it seems we're going in circles.
[1] https://platform.claude.com/docs/en/agent-sdk/custom-tools
>And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1].
Yea, you don't seem to even understand what you are writing. This in no way contradicts any statement I or Anthopic has said.
>Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
From: https://platform.claude.com/docs/en/agent-sdk/overview#agent...
>The Anthropic Client SDK gives you direct API access: you send prompts and implement tool execution yourself. The Agent SDK gives you Claude with built-in tool execution.
>With the Client SDK, you implement a tool loop. With the Agent SDK, Claude handles it:
Python
At this point, it's clear that you either have questionable reading comprehension skills, are being willfully ignorant, or are arguing in bad faith because it even says that tool calls outside of the Agent SDK harness has to use the Client SDK as the comments to the code used in the examples.What I don’t understand about policy violations is why Google never warns the user before banning. A simple alert or email would reduce so much frustration on the part of users and so much overhead for Google.
ToS change frequently and it’s not really fair to assume the user knows what is and is not correct use of tokens.
I think from their end, they see a lot more malicious users (e.g. spam accounts) that it's not worth providing a gentle warning before a ban. There might've been thousands more accounts created for Chinese companies for distillation[0], that Google didn't think of/weren't able to initially distinguish genuine user accounts just using a third party tool on their Antigravity token.
Like in a similar vein, Instagram sometimes randomly bans genuine users without appeal, probably because they deal with thousands more spam accounts that don't deserve a warning/appeals process.
[0] Like as Anthropic reported: https://www.anthropic.com/news/detecting-and-preventing-dist...
Not just Google. This seems to be the default for most tech giants. I was banned on Facebook for an unknown reason, not provided any explanation, and given zero recourse. Had to resort to reaching out to a friend who worked there.
Why is this published on github.com? Is google somehow incapable of making official announcements through their own web properties?
It’s interesting that with both Anthropic and Google we’re seeing them develop agentic models that are supposed to do anything a human can do on computers without human intervention, but at the same time, if you plug one program into another of their programs or APIs in a way that wasn’t preapproved you may be blocked or banned.
To be charitable, maybe they’re expecting AI agents to eventually start reading the ToS docs
I see a lot of comments in googles defense, part of me wonders whats the split between google employees(even so people in teams related to these products) and normies who ignore the true underlying issue here…
Google consistently fails to provide a process to deal with user issues. You donot see many reports of these at Amazon, Microsoft, Apple, and many more providers. Though Meta learns from google I think.
Microsoft has a had a few high profile cases of locking people out and taking their OneDrive with it with no ability to get support.
> Microsoft has a had a few high profile cases of locking people out and taking their OneDrive with it with no ability to get support.
Yes but as we're talking about Microsoft, these cases are probably explained by incompetence.
Just wanted to say that Windsurf is chugging along just great. No drama for users, excellent outputs at low cost. I am confused why they are not used more widely.
The problem wasn't antigravity, the problem was funneling clawdbot tokens through it (with a 3rd party plugin) to skirt API costs.
We use them as well. Great product.
Without the context of “Antigravity” being a product name this headline is science fiction gold.
All this whole thing did is ensure I never, ever use any google AI service. The fact that they didn't instantly comprehend what a total account ban means when they've got people with 20+ years worth of personal data in those accounts is incredibly concerning.
Refreshing response from Google especially given the incompetence with which Anthropic has handled bans.
Still no clarification if they block your whole Google account or just Gemini?
Not the entire Google account.
> bans for Antigravity usage also blocked access to Gemini CLI and Gemini Code Assist.
Disclosure: I work at Google, but not on anything related to this.
This is the correct way to handle this situation.
this is good.
problem is google's security concerns. when people connect gmail to openclaw, google flags the activity as weird and suspend the account because of unusual activity. Many whose accounts got locked because of this and they thought it was because they connected it to antigravity use against the policy (which happened in some cases). We will still see google account suspensions, and that would keep making news. and it wont be because of antigravity usage.
Complete risk to use google products like this with your real account. My youtube is still banned over uploading two clips of Dexter's Laboratory over 15 years ago.
Today I could have uploaded them fine, and let whoever owns the cartoon make money I was just a fan of the show.
The problem is that Google treats its customers as college kids who can be banned from a college maker lab for using too much 3D filament rather than entrepreneurs who are trusting their livelyhood to a service provider that promises to be reliable. If War Department uses too many Gemini tokens, do they cut them off, make them go through recertification process and permaban the next time around?
Which means that anyone serious about AI and not going local route should be using a provider with better reputation. I don't know if Alibaba, Z.ai or moonshots AI are also known for hair trigger responses, could be decent options for coding AI otherwise? If not, time to look for smaller providers with good reputation?
I feel dumb. I've never heard of Antigravity until now.
Good for you :)
Welcome to the singularity, now in progress. One of its defining features is that things move too fast for people to keep up.
By this logic though JavaScript frameworks were the singularity
lol. True. I guess the difference is “things that matter to technological progress” move too fast to keep up.
Incompetence of Google is amazing. They take an existing thing like Windsurf and somehow make it constantly coredump. And can't fix it for months.
this is the long-standing problem with using Google services. either they become deprecated and removed without notification, or they outright ban you for using tools as intended. either way, using Google tools for anything doesn't make business sense to anybody who's seen the history of this.
cool. now do something about the hundreds/thousands of people getting rate limited on Antigravity even after upgrading their plans, even on their $250 /month plan.
https://discuss.ai.google.dev/c/antigravity/64
> to address violations of the Antigravity Terms of Service (ToS), specifically the use of 3rd party tools or proxies to access Antigravity resources and quotas
Translation: Google doesn’t want you using Gemini oauth with openclaw
Another recent concern on other posts here on HN is whether a private company should have veto power over the US government. Or, another way to look at it, whether the US government should be able to designate a company as a supply chain risk and ban them from most business in the host country.
If I squint at the conversation, it doesn't seem that different from a behemoth company taking an employee of a private company and forcing them to still stop working for arbitrary reasons.
I'm giving agents and coding tools wide berth here, but if AI is going to replace all employees, what guarantees do you have as the employer that your employees will do your bidding, and not the bidding of enterprises with a shifting moral landscape?
Once we have tooling wrapped around specific agents, it'll be hard to rehire. What will we do then when our "employees" are furloughed?
This will be especially relevant when the big AI labs decide they need to enter a market to justify an obscene valuation. Or, when the sovereign wealth fund decides they don't like the direction of a business.
This is a good and honorable decision by Google. But it also brings up scary times ahead.
I am sick and tired of companies forcing a shitty fork of vscode down my throat. If I am paying let me use your api how I wish to. Most people aren’t malicious and just want to use their own workflow.