Built-in Google Drive MCP feels like forced opt-in / Microsoft-style assumption

Resolved 💬 3 comments Opened Apr 8, 2026 by rriley23 Closed Apr 8, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Claude Code ships with a Google Drive MCP (claude.ai Google Drive -> https://drivemcp.googleapis.com/mcp/v1) pre-registered with no user consent and no way to remove it via claude mcp remove. It shows up in claude mcp list as "Needs authentication" on a fresh install.

While it's technically dormant until authenticated, discovering an unknown MCP server pointed at a Google endpoint — that you never asked for — reads as malware-adjacent. It's the kind of "we assumed you'd want this" behavior that erodes trust. Microsoft got a lot of grief for exactly this pattern.

Proposed Solution

Suggestion: either don't pre-register it at all (true opt-in), or at minimum make claude mcp remove work on built-ins so users have agency over their own MCP surface area.

Alternative Solutions

Suggestion: either don't pre-register it at all (true opt-in), or at minimum make claude mcp remove work on built-ins so users have agency over their own MCP surface area.

Priority

Low - Nice to have

Feature Category

MCP server integration

Use Case Example

_No response_

Additional Context

_No response_

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗