This release includes 2 security fixes relevant to security teams reviewing exposed deployments.

Published 27d MCP SaaS Integrations
✓ No known CVEs patched
This release patches 2 known CVEs

Topics

ai g-suite gmail google-calendar google-chat google-docs google-drive google-forms google-sheets google-tasks google-workspace gsuite llm llm-tools mcp mcp-server model-context-protocol model-context-protocol-server model-context-protocol-servers workspace

Affected surfaces

auth rbac

Summary

AI summary

Security fix: patched a GitHub Actions workflow vulnerability (CWE-77), preventing fork PRs from executing arbitrary code with write permissions.

Full changelog

What's Changed

  • API reliability and testing improvements - Added configurable API retry logic for Drive/Docs/Gmail write operations,
    included driveId field in detailed file listings, enhanced import_to_google_doc to accept file_path for batch operations, and
    expanded Drive tools test coverage by @taylorwilsdon in https://github.com/taylorwilsdon/google_workspace_mcp/pull/742
  • Security fix: GitHub Actions workflow vulnerability - Split ruff workflow into separate validation and autofix jobs,
    preventing fork PRs from executing arbitrary code with write permissions (CWE-77) by @taylorwilsdon in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/747
  • Security fix: GitHub Actions workflow vulnerability - Prevented fork PR code execution in ruff workflow by removing
    attacker-controlled repository checkout and restricting write permissions (CWE-77) by @sebastiondev in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/746
  • Per-request impersonation for service accounts - Added DWD_ALLOW_REQUEST_IMPERSONATION option enabling domain-wide
    delegation to impersonate different users per tool call instead of a single static user, with optional domain allowlist via
    DWD_ALLOWED_DOMAINS by @taylorwilsdon in https://github.com/taylorwilsdon/google_workspace_mcp/pull/749
  • Configuration and scope handling fixes - Fixed limited tools configuration and improved OAuth scope management for custom
    tool subsets by @taylorwilsdon in https://github.com/taylorwilsdon/google_workspace_mcp/pull/748
  • Shared Drives enumeration - Added list_shared_drives tool to enumerate accessible shared drives with metadata
    (capabilities, restrictions, creation time) and optional organizer listing via include_organizers parameter by @lacotousek in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/751
  • Apps Script execution scopes - Added required Apps Script API scopes to enable script execution functionality by
    @taylorwilsdon in https://github.com/taylorwilsdon/google_workspace_mcp/pull/757
  • Slides API validation - Added preflight validator for batch_update_presentation that detects and prevents invalid
    insertText operations targeting slide/page objects instead of text-capable shapes or table cells by @taylorwilsdon in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/760
  • OAuth callback resilience - Added missing state parameter fallback for single-user stdio OAuth callbacks, recovering PKCE
    verifiers from recently stored states when Google omits the state parameter by @taylorwilsdon in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/762
  • Slides validation refactoring - Extracted batch update validation logic into slides_helpers module with comprehensive
    request type checking, improving maintainability and test coverage by @taylorwilsdon in
    https://github.com/taylorwilsdon/google_workspace_mcp/pull/770

New Contributors

  • @sebastiondev made their first contribution in https://github.com/taylorwilsdon/google_workspace_mcp/pull/746
  • @lacotousek made their first contribution in https://github.com/taylorwilsdon/google_workspace_mcp/pull/751

Full Changelog: https://github.com/taylorwilsdon/google_workspace_mcp/compare/v1.20.3...v1.20.4

Security Fixes

  • GitHub Actions workflow vulnerability (CWE-77): Split ruff workflow into separate validation and autofix jobs, preventing fork PRs from executing arbitrary code with write permissions.
  • GitHub Actions workflow vulnerability (CWE-77): Removed attacker-controlled repository checkout and restricted write permissions to prevent fork PR code execution.
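
An added audit sketch (not the project's code or workflow files) for the fork-PR pattern the two fixes above describe: it flags jobs that check out the pull request's head while holding a write-scoped token. It assumes the workflow runs on `pull_request_target`, which the release notes do not state; `split_jobs`, `risky_jobs` and both sample workflows are constructed for illustration.

```python
import re

HEAD_CHECKOUT = re.compile(r"(repository|ref):.*github\.(event\.pull_request\.head\.|head_ref)")
WRITE_PERM = re.compile(r"[\w-]+:\s*write\b")  # contents: write, permissions: write-all

def split_jobs(workflow):
    """Map job id -> job text, relying on two-space indentation under `jobs:`."""
    parts = re.split(r"^  ([\w-]+):\s*$", workflow.partition("\njobs:\n")[2], flags=re.M)
    return dict(zip(parts[1::2], parts[2::2]))

def risky_jobs(workflow):
    """Jobs that check out fork code while holding a write-scoped token."""
    top = workflow.partition("\njobs:\n")[0]
    if "pull_request_target" not in top:  # assumed trigger, see lead-in
        return []
    flagged = []
    for job, body in split_jobs(workflow).items():
        scope = body if "permissions:" in body else top  # job-level block wins
        if WRITE_PERM.search(scope) and "actions/checkout" in body and HEAD_CHECKOUT.search(body):
            flagged.append(job)
    return flagged

# Constructed samples, not the project's workflow files.
BEFORE = """\
on: pull_request_target
permissions: {contents: write}
jobs:
  ruff:
    steps:
      - uses: actions/checkout@v4
        with: {ref: "${{ github.event.pull_request.head.sha }}"}
      - run: ruff check --fix .
"""
# Split layout: the job reading fork code is read-only; the write job checks out the base repo only.
SPLIT = """\
on: pull_request_target
permissions: {contents: read}
jobs:
  validate:
    steps:
      - uses: actions/checkout@v4
        with: {ref: "${{ github.event.pull_request.head.sha }}"}
      - run: ruff check .
  autofix:
    permissions: {contents: write}
    steps:
      - uses: actions/checkout@v4
      - run: ruff check --fix .
"""
```

The patterns are text heuristics, so a workflow with no `permissions:` block at all is treated as read-only here even though the repository's default token setting may grant write access.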

About taylorwilsdon/google_workspace_mcp

Comprehensive Google Workspace MCP server with full support for Google Calendar, Drive, Gmail, and Docs, Forms, Chats, Slides and Sheets over stdio, Streamable HTTP and SSE transports.