Gmail MCP Server
UnverifiedREPOjmonsellier/gmail-mcp-server
F
Catalogue entry updated 8 days ago
Auth postureNot probedno remote endpoint probed yet
Tools61 Destructive · 1 Execute · 2 Write · 2 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 1Execute 1Write 2Read 2
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
trash-emaildeny
open-emailrequire approval
mark-email-as-readrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →