Google Sheets MCP
MCP server for Google Sheets - read, write, and query spreadsheet data
Score Breakdown
Server Info
- Package
- google-sheets-mcp
- Registry
- npm
- Repository
- domdomegg/google-sheets-mcp
- Maintainer
- Community
- Category
- Document Management
- Tags
- spreadsheetgoogledata
- Last Scanned
- 7 Apr 2026
Findings
4 issuesAuthentication & Identity
LOWImplements MCP OAuth spec for per-user authentication
Supports both stdio (with GOOGLE_ACCESS_TOKEN env var) and HTTP transport with full MCP OAuth spec implementation. HTTP mode exposes .well-known/oauth-authorization-server and .well-known/oauth-protected-resource endpoints, proxying through to Google OAuth. Uses StreamableHTTPServerTransport. Validates bearer tokens before processing requests.
Document the required OAuth scopes for each tool.
Tool Schema Quality
CRITICALDangerous execution surface: batch_update accepts arbitrary request objects via z.array(z.record(z.unknown())) allowing any Sheets API operation including destructive ones
Tool allows raw code/query execution which could be exploited via prompt injection.
Use parameterized queries or validated command sets.
Maintenance & Trust
LOWCommunity-maintained by Adam Jones (domdomegg)
No official vendor backing.
Seek vendor verification.
MEDIUM9 dependency vulnerabilities (6 high)
npm audit found 6 high severity CVEs.
Update vulnerable dependencies.
Tools
12 total| Name | Description | Risk |
|---|---|---|
| spreadsheet_get | Get spreadsheet metadata including title, sheets list, and optionally cell data | read |
| spreadsheet_create | Create a new Google Sheets spreadsheet | write |
| values_get | Read cell values from a spreadsheet range | read |
| values_batch_get | Read cell values from multiple ranges in a single request | read |
| values_update | Write cell values to a spreadsheet range (overwrites existing data) | write |
| values_batch_update | Write cell values to multiple ranges in a single request | write |
| values_append | Append rows of data after the last row with data in a range | write |
| values_clear | Clear cell values from a range (keeps formatting) | write |
| sheets_list | List all sheets (tabs) in a spreadsheet with their properties | read |
| sheet_add | Add a new sheet (tab) to a spreadsheet | write |
| sheet_delete | Delete a sheet (tab) from a spreadsheet | admin |
| batch_update | Execute multiple spreadsheet operations in a single request. Use for advanced operations like formatting, merging cells, creating filters, conditional formatting, sorting, etc. | write |
Deploy Google Sheets MCP securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
Deploy on CompleteFlow