google-drive-mcp

Name: google-drive-mcp
Author: domdomegg

Verified Safe

by domdomegg

View Source

Overview

Facilitates AI systems to perform comprehensive file and folder management in Google Drive, including listing, searching, uploading, downloading, and managing comments and permissions, enabling workflows like content analysis, project scaffolding, and feedback synthesis.

Installation

Run Command

GOOGLE_CLIENT_ID='<YOUR_CLIENT_ID>' GOOGLE_CLIENT_SECRET='<YOUR_CLIENT_SECRET>' MCP_TRANSPORT=http npm start

Environment Variables

MCP_TRANSPORT
GOOGLE_CLIENT_ID
GOOGLE_CLIENT_SECRET
GOOGLE_ACCESS_TOKEN
PORT
MCP_BASE_URL

Security Notes

The server implements a robust OAuth proxy architecture to Google Drive API. It explicitly avoids holding tokens or state, relying on environment variables for Google OAuth credentials (`GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_ACCESS_TOKEN`). The `/authorize` and `/callback` endpoints securely handle redirects by encoding the client's `redirect_uri` within a base64url encoded `state` parameter, mitigating open redirect vulnerabilities. Token validation is performed using Google's `tokeninfo` endpoint and a cache, improving efficiency and preventing processing requests with expired tokens. No `eval`, code obfuscation, or obvious malicious patterns were found in the provided source. The broad `drive` scope is a user configuration choice rather than an inherent server vulnerability.

Similar Servers

google-docs-mcp

241

Allows AI assistants to programmatically interact with Google Docs, Sheets, and Drive for document management, editing, formatting, and file organization.

Other

$Medium

mcp-gsheets

A Model Context Protocol (MCP) server for Google Sheets API integration, enabling reading, writing, and managing Google Sheets documents directly from MCP clients like Claude Code, Claude Desktop, or Cursor.

Other

$Medium