gmcp
Verified Safeby johnie
Overview
Allows Language Models (LLMs) to manage Gmail emails, including searching, reading, sending, replying, and managing labels and attachments, through the Model Context Protocol (MCP).
Installation
bun run startEnvironment Variables
- GMAIL_CREDENTIALS_PATH
- GMAIL_TOKEN_PATH
- GMAIL_SCOPES
Security Notes
The server uses standard OAuth2 authentication for Google APIs, loading credentials and tokens from user-specified file paths (`GMAIL_CREDENTIALS_PATH`, `GMAIL_TOKEN_PATH`). This design requires the user to securely manage these files and choose appropriate Gmail API scopes. Crucially, the `send_email` and `reply` tools include a `confirm: false` default, requiring explicit user confirmation to send emails, which significantly enhances safety against accidental or malicious sends. No `eval` or obvious malicious patterns were found in the source code. The `get_attachment` tool returns base64url encoded data, which must be handled securely by the client application.
Similar Servers
mcp-email-server
This server allows MCP clients to interact with email accounts via IMAP and SMTP protocols, enabling functionalities like listing, fetching, sending, and deleting emails.
google-drive-mcp
Provides an MCP server for secure integration and file management with Google Drive, Docs, Sheets, and Slides for AI clients.
gmail-mcp
Manages Gmail emails programmatically, enabling AI systems to read, send, archive, and perform other email operations on behalf of a user.
stateful-auth-for-mcp-servers
Integrates Google Gmail and Calendar APIs to enable an AI agent to read emails and manage calendar events with stateful authorization for event deletions.