icloud-mcp

Overview Schema Related Servers Score Discussions

bulk_delete

Delete multiple iCloud emails at once using filters like sender, date, or subject. Preview deletions with dry run mode for safe bulk email management.

Instructions

Delete emails matching any combination of filters. Processes in chunks of 250 with per-chunk timeouts for reliability. Use dryRun: true to preview without making changes.

Input Schema

TableJSON Schema

Name	Required	Description
`sourceMailbox`	No	Mailbox to delete from (default INBOX)
`dryRun`	No	If true, preview what would be deleted without actually deleting
`sender`	No	Match exact sender email address
`domain`	No	Match any sender from this domain (e.g. substack.com)
`subject`	No	Keyword to match in subject
`before`	No	Only emails before this date (YYYY-MM-DD)
`since`	No	Only emails since this date (YYYY-MM-DD)
`unread`	No	True for unread only, false for read only
`flagged`	No	True for flagged only, false for unflagged only
`larger`	No	Only emails larger than this size in KB
`smaller`	No	Only emails smaller than this size in KB
`hasAttachment`	No	Only emails with attachments (client-side BODYSTRUCTURE scan — must be combined with other filters that narrow results to under 500 emails first)
`account`	No	Account name to use (e.g. 'icloud', 'gmail'). Defaults to first configured account. Use list_accounts to see available accounts.

Implementation Reference

lib/imap.js:1749-1791 (handler)

The `bulk_delete` function performs a chunked deletion of emails based on provided filters, utilizing a rate-limited IMAP client and per-chunk timeouts for robustness.

export async function bulkDelete(filters, sourceMailbox = 'INBOX', dryRun = false, creds = null) {
  const client = createRateLimitedClient(creds);
  await client.connect();
  await client.mailboxOpen(sourceMailbox);
  const query = buildQuery(filters);
  let uids = (await client.search(query, { uid: true })) ?? [];
  if (filters.hasAttachment) {
    if (uids.length > ATTACHMENT_SCAN_LIMIT) {
      await client.logout();
      return { error: `hasAttachment requires narrower filters first — ${uids.length} candidates exceeds scan limit of ${ATTACHMENT_SCAN_LIMIT}.` };
    }
    uids = await filterUidsByAttachment(client, uids);
  }

  if (dryRun) {
    await client.logout();
    return { dryRun: true, wouldDelete: uids.length, sourceMailbox, filters };
  }
  if (uids.length === 0) { await client.logout(); return { deleted: 0, sourceMailbox }; }

  let deleted = 0;
  for (let i = 0; i < uids.length; i += CHUNK_SIZE) {
    const chunk = uids.slice(i, i + CHUNK_SIZE);
    const chunkIndex = Math.floor(i / CHUNK_SIZE);
    try {
      await withTimeout(`bulk_delete chunk ${chunkIndex}`, TIMEOUT.BULK_OP, async () => {
        await client.messageDelete(chunk, { uid: true });
      });
      deleted += chunk.length;
    } catch (err) {
      await safeClose(client);
      return {
        deleted,
        failed: uids.length - deleted,
        sourceMailbox,
        filters,
        error: `Chunk ${chunkIndex} failed: ${err.message}. ${deleted} deleted so far, ${uids.length - deleted} remaining.`
      };
    }
  }
  await client.logout();
  return { deleted, sourceMailbox, filters };
}

Tool Definition Quality

A4.1/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden and successfully discloses implementation details (chunks of 250, per-chunk timeouts) and safety mechanisms (dryRun). It could be improved by explicitly stating the destructive/irreversible nature or timeout failure behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Three sentences with zero waste: front-loaded with the core action, followed by implementation details, and ending with safety guidance. Every sentence earns its place with specific, actionable information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 13 parameters and destructive capabilities with zero required parameters (risk of deleting everything if called with empty args), the description is missing critical safety warnings. It covers chunking and dryRun but fails to warn about the empty-filter scenario or explain expected outcomes without an output schema.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

While the schema has 100% coverage (baseline 3), the description adds valuable semantic context about how parameters interact ('any combination of filters') and provides usage syntax for the dryRun parameter, enhancing understanding beyond the schema definitions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action (Delete), resource (emails), and method (matching any combination of filters). It effectively distinguishes from sibling tools like 'bulk_delete_by_sender' or single 'delete_email' by emphasizing the flexible, combinatorial filter approach.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides explicit guidance on using dryRun for safe preview, which is valuable behavioral instruction. However, it lacks guidance on when to use this versus more specific alternatives (like 'bulk_delete_by_sender') or warnings about the zero required parameters.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/adamzaidi/icloud-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server