// MCP TOOL REFERENCE
Critical Risk

GOOGLEDRIVE_DELETE_PERMISSION

Deletes a permission from a file by permission id. use when you need to revoke access for a specific user or group from a file.

Single-target operation

Part of the Google Drive MCP server. Enforce policies on this tool with Intercept, the open-source MCP proxy.

@modelcontextprotocol/server-gdrive Destructive Risk 4/5
// WHEN AI AGENTS USE THIS TOOL

AI agents may call GOOGLEDRIVE_DELETE_PERMISSION to permanently remove or destroy resources in Google Drive. Without a policy, an autonomous agent could delete critical data in a loop with no way to undo the damage. Intercept blocks destructive tools by default and requires explicit human approval before enabling them.

// WHY ENFORCE A POLICY ON GOOGLEDRIVE_DELETE_PERMISSION

Without a policy, an AI agent could call GOOGLEDRIVE_DELETE_PERMISSION in a loop, permanently destroying resources in Google Drive. There is no undo for destructive operations. Intercept blocks this tool by default and only allows it when a human explicitly approves the action.

// RECOMMENDED POLICY

Destructive tools permanently remove data. Block by default. Only enable with explicit approval workflows.

google-drive.yaml 
tools:
  GOOGLEDRIVE_DELETE_PERMISSION:
    rules:
      - action: deny
        reason: "Blocked by default — enable with approval"

See the full Google Drive policy for all 21 tools.

// DETAILS
Tool Name GOOGLEDRIVE_DELETE_PERMISSION
Category Destructive
MCP Server Google Drive MCP Server
Risk Level Critical
// MORE GOOGLE DRIVE TOOLS
Destructive GOOGLEDRIVE_DELETE_COMMENT Destructive GOOGLEDRIVE_DELETE_DRIVE Destructive GOOGLEDRIVE_DELETE_REPLY Destructive GOOGLEDRIVE_EMPTY_TRASH Write GOOGLEDRIVE_ADD_FILE_SHARING_PREFERENCE Write GOOGLEDRIVE_COPY_FILE Write GOOGLEDRIVE_CREATE_COMMENT Write GOOGLEDRIVE_CREATE_DRIVE

View all 21 tools →

// RELATED READING
// FAQ
What does the GOOGLEDRIVE_DELETE_PERMISSION tool do? +

Deletes a permission from a file by permission id. use when you need to revoke access for a specific user or group from a file.. It is categorised as a Destructive tool in the Google Drive MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on GOOGLEDRIVE_DELETE_PERMISSION? +

Add a rule in your Intercept YAML policy under the tools section for GOOGLEDRIVE_DELETE_PERMISSION. You can allow, deny, rate-limit, or validate arguments. Then run Intercept as a proxy in front of the Google Drive MCP server.

What risk level is GOOGLEDRIVE_DELETE_PERMISSION? +

GOOGLEDRIVE_DELETE_PERMISSION is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit GOOGLEDRIVE_DELETE_PERMISSION? +

Yes. Add a rate_limit block to the GOOGLEDRIVE_DELETE_PERMISSION rule in your Intercept policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block GOOGLEDRIVE_DELETE_PERMISSION completely? +

Set action: deny in the Intercept policy for GOOGLEDRIVE_DELETE_PERMISSION. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides GOOGLEDRIVE_DELETE_PERMISSION? +

GOOGLEDRIVE_DELETE_PERMISSION is provided by the Google Drive MCP server (@modelcontextprotocol/server-gdrive). Intercept sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policies on Google Drive

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.