Delv
CommunityAbandoned· 10mo2,700t4.3by GongRzhe

Gmail

Read, search, send, label Gmail messages from Claude. Note: original repo archived March 2026; community forks may be more current.

View repo
C
Safety & Trust

Delv Safety Grade: C

Score 58/100 · assessed 2026-04-22

Maintainer40
Permissions55
Supply chain65
Transparency60
Incidents100

Gmail MCP Server is a community-built tool by solo developer GongRzhe that grants Claude full read and write access to your Gmail account via OAuth. The maintainer score is low because this is a single-developer project with limited track record and the description notes the original repo will be archived in March 2026, suggesting uncertain long-term maintenance. Permissions are broad: reading all messages, sending emails on your behalf, and modifying labels means Claude has nearly complete control of your inbox. The package is distributed via npm with reasonable versioning, but as a community project it lacks the review depth of official integrations. Transparency is moderate with open source code but thin documentation. No known security incidents, but the combination of sensitive email access and solo maintenance warrants caution. Suitable for personal experimentation but risky for production use with sensitive correspondence.

Lethal Trifecta (prompt-injection exposure)

TRIFECTA RISK
All three axes present. This server can read private data, ingest attacker-controlled content, and send data outbound. A poisoned input (a GitHub issue, an email, a webpage) can exfiltrate secrets via this chain. Only install with auditing; avoid on shared or cloud agents.
Private dataYes
Reads secrets, credentials, private files
Untrusted inputYes
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound

Reads inbox (private), processes attacker-controlled email bodies (untrusted), can send email (outbound). Trifecta.

Green flags

  • Uses proper OAuth flow rather than app passwords or direct credentials
  • Published to npm with standard package distribution
  • Open source code available for inspection on GitHub
  • Scoped to Gmail only, not broader Google Workspace access

Red flags

  • Solo maintainer with uncertain long-term commitment (repo archived March 2026)
  • Full read/write access to entire Gmail account including sensitive messages
  • OAuth credentials stored locally create credential theft risk
  • Community project lacks security review from Google or Anthropic
  • Sending capability means AI could email anyone without additional confirmation

Permissions requested

Read messagesSend messagesOutbound networkAccess secretsIdentity read
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

npx @gongrzhe/server-gmail-autoauth-mcp
Env vars needed: GMAIL_CLIENT_IDGMAIL_CLIENT_SECRET

Review

Gmail MCP Server lets Claude read, search, send, and label your Gmail directly from the chat interface. It's the most complete community-built email integration I've tested. You authenticate once with OAuth, then Claude can triage your inbox, draft replies, or pull up threads by date or sender without you switching windows. I've used it for morning email sweeps: ask Claude to show unread messages from the last 24 hours, summarise each, then draft replies to the urgent ones. It handles labels well, so you can automate filing into folders or marking things for follow-up. The search is proper Gmail search syntax, which means you can use operators like 'from:' or 'subject:' and get exactly what you'd expect in the web UI. Setup requires a Google Cloud project and OAuth credentials, which is fiddly but standard for anything touching Gmail's API. You'll need to enable the Gmail API in your project and create OAuth 2.0 credentials. The repo walks you through it, but expect 10 minutes of clicking around Google Cloud Console if you've never done it before. Once configured, it's stable. I haven't had it drop auth or fail to fetch messages. Quirks: it can't handle attachments beyond listing them, so if you need to download or send files, you're back in the browser. The send function works but doesn't support rich formatting, just plain text. If your workflow involves a lot of inline images or complex HTML emails, this won't replace your client. Also, it's community-maintained, so updates depend on the author's time. Who shouldn't bother: if you only check email a few times a day and don't mind context-switching, this is overkill. It shines when you're doing repetitive triage or need to query your inbox as part of a larger task, like pulling all messages from a client and summarising them for a report. If you're not on Claude Desktop or Cursor, you'll need to wire it up manually, which adds friction.
Verdict

Best community Gmail integration for Claude. Install it if you do email triage in bulk or want to query your inbox without leaving your editor. Skip if you rarely need email context mid-task or aren't comfortable setting up OAuth credentials.

Good at

  • Full Gmail search syntax support, so you can use the same operators you know from the web UI.
  • Handles labels and sending, not just reading, which makes it useful for triage workflows.
  • OAuth setup is standard Google practice, so it's as secure as any other Gmail integration.
  • Stable once configured. I haven't had auth drop or messages fail to load.

Watch out

  • No attachment handling beyond listing them, so you can't download or send files.
  • Send function is plain text only, no rich formatting or HTML emails.
  • OAuth setup is fiddly if you've never created a Google Cloud project before.
  • Community-maintained, so updates and support depend on the author's availability.

Getting started

1. Create a Google Cloud project, enable the Gmail API, and generate OAuth 2.0 credentials (Client ID and Secret). Download the credentials JSON. 2. Set GMAIL_CLIENT_ID and GMAIL_CLIENT_SECRET as environment variables from the credentials file. 3. Add the server to your Claude Desktop or Cursor config using the npx command from the repo (typically 'npx -y gmail-mcp-server'). 4. Restart your host and authenticate via the OAuth flow when prompted. Claude will open a browser window for you to grant access. 5. Test by asking Claude to 'show my unread emails from today'. Watch out: the first auth flow can time out if you're slow to approve, just restart and try again.

Works with

Claude DesktopCursor

Similar MCPs