TheFinalDiscordMCP

Name: TheFinalDiscordMCP
Author: DawnReaverWOWS

Verified Safe

by DawnReaverWOWS

View Source

Overview

Provides AI assistants with comprehensive control over Discord servers by offering a Model Context Protocol (MCP) interface, REST API, and prefix commands for managing channels, messages, users, voice, and server automation.

Installation

Run Command

npm start

Environment Variables

DISCORD_TOKEN
DISCORD_GUILD_ID
MCP_HTTP_PORT
RATE_LIMIT_PROTECTION
ENABLE_LOGGING
HTTP_ONLY
CORS_ORIGINS
CORS_ALLOW_ALL
MAX_RETRIES
RETRY_DELAY
TIMEOUT
ALLOWED_ACTIONS
DENIED_ACTIONS

Security Notes

The server demonstrates strong security practices. It extensively uses a dedicated `SecurityUtils` class for input validation, sanitization (e.g., Discord snowflake IDs, command arguments), and robust SSRF prevention (whitelisting domains, blocking private IPs, and reconstructing URLs from validated components when downloading images). Role-based permission checks and hierarchy validation are consistently applied before performing sensitive Discord operations (moderation, channel/role management). CORS is explicitly configured to avoid wildcards in production. Hardcoded secrets are avoided, relying on environment variables. The use of Zod for schema validation adds an additional layer of input validation. Potential minor risks exist if the `ALLOWED_UPLOAD_DIRS` environment variable is misconfigured by the user to include sensitive system paths, or if `CORS_ALLOW_ALL` is set in production.

Similar Servers

mcp-discord

An MCP server that enables AI assistants to interact with the Discord platform by providing tools for communication, channel management, and server information retrieval.

AI & ML

$Medium

ncp

Acts as a unified orchestrator for various Model Context Protocol (MCP) servers, making them discoverable and executable by AI agents, and providing built-in features like scheduling, management, and dynamic code execution.

Coding Agents

$Medium