Gmail MCP
Manage Gmail end-to-end from an agent: send, draft, reply, label, search, and bulk-modify messages.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Gmail MCP, derived from its capabilities.
AIVSS 8.6 · High
View MAESTRO 7-layer threat model →Overview
This connector lets an AI agent operate a user's Gmail account: sending, drafting, replying, forwarding, and bulk-modifying or deleting messages and threads, plus label/archive/trash organization and attachment retrieval. It also reads contacts to autofill recipients. It holds broad OAuth mail scopes, so a poisoned tool result or prompt injection could exfiltrate or destroy mail, making scope minimization and human confirmation essential.
Key features
- Send/draft/reply/forward email
- Label, archive, trash, bulk-modify threads
- Search messages and read attachments
- Contacts access for autofill
Use cases
- Automate inbox triage and replies
- Draft and send email from an assistant