Critical-risk tools in Google MCP Remote

Critical severity Google MCP Remote MCP Server 5 of 35 tools

5 of the 35 tools in Google MCP Remote are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.

Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.

Tools at critical risk

calendar_deleteEvent Destructive

Delete a calendar event
drive_deleteFile Destructive

Delete a file (moves to trash by default).
gmail_deleteEmail Destructive

Delete an email (moves to trash by default).
tasks_deleteTask Destructive

Delete a task permanently.
tasks_deleteTaskList Destructive

Delete a task list permanently. This also deletes all tasks within it.

Attacks that target this class

Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.

Destructive Action Autonomy
Privilege escalation via admin-only tools
Data exfiltration via tool chaining
Runaway Tool Loops

Critical-risk tools in Google MCP Remote

Tools at critical risk

Attacks that target this class

More on Google MCP Remote

Enforce policy on every Google MCP Remote tool call.