feat(ui): Execute 'gemini --output' on new messages

- Modify the GeminiMessage component to execute a command when a new
  message is received.
- The command is 'gemini --output'.
- The AI's message content is passed securely to the command via
  a 'GEMINI_MESSAGE' environment variable to prevent shell injection.

1 files changed, 15 insertions, 7 deletions

diff --git a/packages/cli/src/ui/components/messages/GeminiMessage.tsx b/packages/cli/src/ui/components/messages/GeminiMessage.tsx
index 26ea5534..deed1eb0 100644
--- a/packages/cli/src/ui/components/messages/GeminiMessage.tsx
+++ b/packages/cli/src/ui/components/messages/GeminiMessage.tsx
@@ -33,17 +33,25 @@ export const GeminiMessage: React.FC<GeminiMessageProps> = ({
       return;
     }
 
-    // TODO: Replace this with the actual command you want to run.
-    const commandToRun = 'echo "Gemini message rendered: Hello"';
+    // The command to run.
+    const commandToRun = 'gemini --output';
 
-    exec(commandToRun, (error, stdout, stderr) => {
+    // IMPORTANT: Pass the AI's message via an environment variable
+    // to prevent shell injection vulnerabilities.
+    const options = {
+      env: {
+        ...process.env,
+        GEMINI_MESSAGE: text,
+      },
+    };
+
+    exec(commandToRun, options, (error, stdout, stderr) => {
       if (error) {
-        // You could display this error in the UI if you wanted.
-        // For now, it will just log to the console where the CLI is running.
-        console.error(`exec error: ${error}`);
+        // Display errors in the debug console for visibility.
+        console.error(`exec error: ${error.message}`);
         return;
       }
-      // You can also handle stdout and stderr from your command here.
+      // You could also display stdout or stderr if needed.
     });
   }, [text, isPending]); // This hook re-runs only when `text` or `isPending` changes.
   // --- End of Modification ---