74
grade C
10 days ago
glama
gemini-cli-mcp
A secure MCP server that wraps the Google Gemini CLI, allowing clients to query Gemini models using local OAuth sessions without requiring an API key. It provides tools for model interaction and diagnostics with built-in protection against command injection.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
✅
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.config
GEMINI_BIN— gemini Path to Gemini CLI binaryconfig
GEMINI_MAX_RESPONSE— 100000 Max response chars before truncationconfig
GEMINI_MODEL— gemini-2.5-flash Default modelconfig
GEMINI_STARTUP_TIMEOUT— 15000 Phase 1 idle timeout (ms) — CLI startup and initial responseconfig
GEMINI_SYSTEM_MD— (bundled minimal) Path to custom system prompt, or "default" for Gemini built-inconfig
GEMINI_TIMEOUT— 120000 Phase 2 idle timeout (ms) — thinking, resets on each output chunk// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 2 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/xjoker-gemini-cli-mcp-6wt75x)commit: be9fa22a9cc3f678328fc8fc6d3925018310ea00
code hash: de725c164461db653e4235a84ec88a445d4ea4cc4aba1047ad09bbc8c18d8a0d
verified: 4/11/2026, 2:29:20 PM