Safe Gmail MCP
A security-hardened Gmail MCP server for Claude Code that supports reading, labeling, archiving, and drafting emails, but cannot send or delete.
README
Safe Gmail MCP
A security-hardened Gmail MCP server for Claude Code. Supports reading, labeling, archiving, and drafting emails - but cannot send or delete.
Quick Start
git clone <this-repo>
cd safe-gmail-mcp
npm install
npm run init
The setup wizard will guide you through:
- Creating Google Cloud OAuth credentials
- Authenticating with your Gmail account
- Configuring Claude Code
Why This Exists
The original Gmail MCP has powerful capabilities that could be dangerous if misused:
- Send emails (impersonation risk)
- Delete emails (data loss)
- Create filters (auto-forward/delete)
This fork removes those dangerous operations while keeping everything needed for email triage workflows.
What You Can Do
| Tool | Description |
|---|---|
draft_email |
Create a draft email (you send manually) |
send_email |
Send email to yourself only (for reminders) |
read_email |
Read email content by ID |
search_emails |
Search with Gmail syntax |
list_email_labels |
List all labels |
create_label |
Create a new label |
update_label |
Update a label |
delete_label |
Delete a user-created label |
get_or_create_label |
Get existing or create new label |
modify_email |
Add/remove labels from an email |
batch_modify_emails |
Bulk label modifications |
download_attachment |
Save attachment to disk |
What You CANNOT Do
- Send emails to others (only drafts)
- Delete emails
- Create filters
Commands
| Command | Description |
|---|---|
npm run init |
Interactive setup wizard |
npm run auth |
Re-authenticate (if token expires) |
npm run status |
Check authentication status |
npm start |
Run the MCP server |
Manual Setup
If you prefer not to use the wizard:
1. Create Google Cloud OAuth Credentials
- Go to Google Cloud Console
- Create a new project
- Enable the Gmail API: APIs & Services > Library > Gmail API > Enable
- Configure OAuth consent screen:
- User type: External
- Add your email as a test user
- Create credentials: Credentials > Create > OAuth Client ID > Desktop app
- Download the JSON file
2. Set Up Credentials
mkdir -p ~/.safe-gmail-mcp
chmod 700 ~/.safe-gmail-mcp
mv ~/Downloads/client_secret_*.json ~/.safe-gmail-mcp/gcp-oauth.keys.json
chmod 600 ~/.safe-gmail-mcp/gcp-oauth.keys.json
3. Authenticate
npm run auth
4. Configure Claude Code
Add to your .mcp.json:
{
"mcpServers": {
"safe-gmail": {
"command": "node",
"args": ["/path/to/safe-gmail-mcp/src/index.js"],
"env": {
"GMAIL_OAUTH_PATH": "/Users/you/.safe-gmail-mcp/gcp-oauth.keys.json",
"GMAIL_CREDENTIALS_PATH": "/Users/you/.safe-gmail-mcp/credentials.json"
}
}
}
}
Troubleshooting
"Gmail API has not been used"
Enable Gmail API: APIs & Services > Library > Gmail API > Enable
"Access denied" or 403 error
Add your email as a test user in the OAuth consent screen.
Token expired
Run npm run auth to re-authenticate.
Port already in use
The auth flow tries ports 3000, 3001, 3002. Close any apps using these ports.
Security
See SECURITY.md for detailed security design documentation.
License
ISC (inherited from original project)
Credits
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.