// SCAN REPORT

Google Photos MCP Server

19 tools. 8 can modify or destroy data without limits.

8 write tools that can modify data. Rate limits recommended.

Last updated: 11 Jun 2026

8 can modify or destroy data

11 read-only

19 tools total

Community server · catalogue entry verified 11/06/2026

How to control Google Photos MCP Server ↓

TOOL MAP

What Google Photos MCP Server exposes to your agents

Read (11) Write / Execute (8) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

High Risk

The most dangerous Google Photos MCP Server tools

Execute · High start_auth While not destructive or financial, this tool executes an authentication workflow that initiates external operations and stores credentials with side effects. Write · Medium add_album_enrichment This tool creates or modifies album enrichment data (text and location metadata) reversibly. Write · Medium add_media_to_album This tool modifies the state of Google Photos albums by adding media items to them. Write · Medium create_album The tool creates a new album, which is a write operation that modifies the user's photo library structure.

8 of Google Photos MCP Server's 19 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Google Photos MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Google Photos MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations

{
  "add_album_enrichment": {
    "limits": [
      {
        "counter": "add_album_enrichment_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "auth_status": {
    "limits": [
      {
        "counter": "auth_status_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register Google Photos MCP Server — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON GOOGLE PHOTOS →

Free to start. No card required.

FULL CATALOGUE

All 19 Google Photos MCP Server tools

EXECUTE 1 tools

Execute start_auth Start Google OAuth authentication flow. Spins up a temporary local server, returns a URL to visit in your brow

WRITE 7 tools

Write add_album_enrichment Add a text or location enrichment to a Google Photos album. Write add_media_to_album Add existing media items to a Google Photos album. Maximum 50 items per call. Write create_album Create a new Google Photos album Write create_album_with_media Create a new album and upload multiple local files to it in one step. Handles partial failures — returns per-f Write create_picker_session Create a Google Photos Picker session. Returns a pickerUri the user must open in their browser to select photo Write set_album_cover Set the cover photo of a Google Photos album. Write upload_media Upload a local media file to Google Photos. Reads bytes from filePath and creates a new media item.

READ 11 tools

Read auth_status Check authentication status with Google Photos Read describe_filter_capabilities Returns a machine-readable JSON reference of all valid Google Photos search filter options, constraints, and e Read get_album Get details of a specific album Read get_photo Get details of a specific photo by ID Read list_album_photos List photos in a specific album Read list_albums List all photo albums Read list_media_items List all media items in the library (not filtered by album) Read poll_picker_session Poll a Picker session to check if the user has finished selecting photos. If selection is complete (mediaItems Read search_media_by_filter Search media items using structured filters (dates, categories, media type, features). Use this for determinis Read search_photos Search for photos using a text query Read search_photos_by_location Search for photos by location name

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about Google Photos MCP Server

How do I prevent bulk modifications through Google Photos MCP Server? +

The Google Photos MCP Server server has 7 write tools including add_album_enrichment, add_media_to_album, create_album. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Google Photos MCP Server.

How many tools does the Google Photos MCP Server MCP server expose? +

19 tools across 3 categories: Execute, Read, Write. 11 are read-only. 8 can modify, create, or delete data.

How do I enforce a policy on Google Photos MCP Server? +

Register the Google Photos MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Google Photos MCP Server tool call.

Deterministic rules across all 19 Google Photos MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON GOOGLE PHOTOS →

Free to start. No card required.

19 Google Photos MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.