Critical-risk tools in Gmail

Critical severity Gmail MCP Server 3 of 20 tools

3 of the 20 tools in Gmail are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

GMAIL_DELETE_DRAFT Destructive 4/5

Permanently deletes a specific gmail draft using its id; ensure the draft exists and the user has necessary permissions for the given `user id`.
GMAIL_DELETE_MESSAGE Destructive 4/5

Permanently deletes a specific email message by its id from a gmail mailbox; for `user id`, use 'me' for the authenticated user or an email address to which the authenticated us...
GMAIL_REMOVE_LABEL Destructive 4/5

Permanently deletes a specific, existing user-created gmail label by its id for a user; cannot delete system labels.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Critical-risk tools in Gmail

Tools at critical risk

Attacks that target this class

More on Gmail

Enforce policy on Gmail