Connect Google Drive to search, manage, and collaborate on cloud files.
This tool is described as managing Google Drive files, folders, comments, and permissions, which implies normal cloud data access and network interaction, so the overall posture is caution. Its open-source MIT-licensed status is a positive factor, but missing documentation, low adoption, and unknown maintenance still warrant careful evaluation in a constrained environment.
The materials say no extra keys or environment variables are required, but managing Google Drive files and permissions would normally still require some form of Google authorization token or account consent; the docs do not explain how credentials are obtained, stored, or refreshed. There is no clear sign of credential theft, but the opaque auth model should still be treated as sensitive cloud-account access.
Although no remote host is listed in the registration metadata, the stated Google Drive functionality necessarily implies sending file contents, metadata, comments, or permission changes to Google Drive-related services. This egress is consistent with the declared purpose, and no unrelated or unknown third-party endpoints are indicated, so this is caution rather than high risk.
The system flags executes-code, meaning the MCP tool runs a local service process or executes code on the host. That is an inherent property of this class of tools by itself; the materials do not show requests for unusual system privileges, unrelated command execution, or stealthy persistence, so the rating is caution.
The description says it can list, search, upload, download, and manage Google Drive files/folders, as well as comments and permissions, so its data access spans user cloud-drive content and sharing controls. This scope matches the stated purpose, but it still involves reading/writing cloud data and modifying access controls, so permission boundaries should be minimized.
Positive factors are that the project is open source, auditable, and MIT-licensed, which materially lowers supply-chain risk; however, it comes from a third-party registry, has only 0 stars, unknown maintenance, and no README details provided, limiting verifiability and maturity. There is no explicit sign of malice, but trust signals are not strong enough for a low-risk rating.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "google-drive-mcp" yet — see the docs or source repo.
Search Google Drive for files containing the keyword "Q3 review", sort by most recently updated, and list the file name, parent folder, and link.
A list of matching files with names, folder locations, update times, and access links.
Upload files from the local folder "Contract Materials" to the Google Drive path "2025/Legal/Contracts"; create the folders if they do not exist and keep the original file names.
Creates the folder path, uploads the files in bulk, and returns upload results or failure details.
Review sharing permissions for all files in the "Marketing Weekly Reports" folder in Google Drive, identify items that are publicly accessible or available to anyone with the link, and generate a risk list.
A permission audit report highlighting high-risk files and their current sharing settings.
Securely search, read, create, and update Google Drive files in a scoped folder.
Search Google Drive files locally with a read-only MCP server.
Connect to Google Drive through one API for file access and workflow automation.
Search and read Google Drive, Docs, and Sheets for fast content extraction.
Securely manage Google files, docs, sheets, slides, and calendars with natural language.
Read, create, update, and manage Google Drive files through MCP tools.