Why I Built a 109-Tool Gmail MCP Server
I use Claude Code for everything. Email management shouldn't be the exception.
When the Model Context Protocol launched, Gmail MCP servers started popping up everywhere. I tried the popular ones. They all had the same problems.
The landscape is a mess
The most-starred Gmail MCP server — gongrzhe/gmail-mcp-server with 1.1K stars — hasn't been updated since August 2025. It has 72 unmerged pull requests. Bugs reported months ago sit untouched.
It has 12 tools. Twelve. Gmail's API has hundreds of endpoints across messages, threads, labels, filters, settings, delegates, forwarding, and more.
The other options aren't better. Some include telemetry (opt-out, not opt-in). Some haven't been updated in over a year. None of them encrypt credentials — they all store your Google OAuth tokens as plaintext JSON files.
So I built PRISM
PRISM started as a personal tool. I needed my AI to manage my email — not just search and send. Create filters. Set up forwarding rules. Configure vacation responders. Handle delegate access. Export threads for legal cases.
The tool list grew from 15 to 30 to 50 to 92. At some point I realized: this is the most complete Gmail MCP server that exists.
What 109 tools actually means
Every Gmail API endpoint has a tool:
- Messages (16 tools): Send, read, search, list, modify, trash, untrash, delete, batch modify, import — plus full RFC2822 support with attachments, CC, BCC, reply-to
- Settings (11 tools): Vacation responder, IMAP/POP config, language, signatures — things you'd normally do in the Gmail web UI
- Threads (10 tools): Full thread operations with label management, archiving, batch operations
- Delegates (5 tools): Add, remove, list delegates — critical for business accounts
- Multi-account (4 tools): Switch between Gmail accounts without reconfiguring
When I tell Claude "set up a filter that archives all newsletters and labels them 'Newsletters'", it works. When I say "configure my vacation responder for next week", it works. When I say "export all threads with my accountant to PDF", it works.
Privacy isn't a feature, it's a constraint
PRISM has zero telemetry. Not "minimal telemetry." Zero. No analytics, no tracking, no phone-home, no crash reports. Nothing leaves your machine except the Gmail API calls you explicitly make.
Your credentials are encrypted at rest with AES-256-GCM using a machine-derived key via scrypt. Not plaintext JSON like every other Gmail MCP server.
The technical decisions
Middleware pipeline: Every tool goes through rate-limit → cache → retry → audit. No exceptions. Every tool automatically respects Gmail's quota limits, caches intelligently, retries on transient failures, and logs for debugging.
TypeScript strict mode: Zero any types. Zod validation on every tool input.
LRU cache with per-data-type TTLs: Labels change rarely (5 min TTL). Message content never changes (2 min TTL). Thread lists change frequently (30 sec TTL). One-size-fits-all caching doesn't work for email.
Open-core model: All 109 tools are dual-licensed (MIT + commercial). Free forever. Pro tier adds team features — not gated tools.
Try it
npm install -g @synthcorp/prism
prism auth109 tools. Zero telemetry. Your email, your rules, your agent.