telegram-mcp-api
by DimaPhil
Overview
Telegram integration for AI agents (Claude, Cursor) via MCP and local scripts via HTTP API for automation.
Installation
docker compose up --build -dEnvironment Variables
- TELEGRAM_API_ID
- TELEGRAM_API_HASH
- TELEGRAM_SESSION_STRING
- TELEGRAM_SESSION_NAME
Security Notes
The HTTP API (`api.py`) binds to `0.0.0.0:8080` by default and lacks any explicit authentication or authorization mechanisms. This means anyone on the network with access to the host machine can potentially send requests to the API and control the Telegram account (send messages, delete chats, ban users, etc.) with full permissions. While the `docker-compose.yml` configuration may imply local usage, binding to `0.0.0.0` is a significant risk if deployed without strict network isolation (e.g., firewall rules). The MCP server, operating over stdio, has less network exposure, but its capabilities are equally broad. Sensitive Telegram API credentials are correctly handled via environment variables (`.env`). Input validation for chat/user IDs is present, which mitigates some basic injection risks. However, the lack of API-level access control is a critical vulnerability for the HTTP API component.
Similar Servers
line-bot-mcp-server
Integrates AI agents with LINE Messaging API for automated communication and management of LINE Official Accounts.
fast-mcp-telegram
Enables AI assistants to interact with Telegram for messaging, search, and contact management via a standardized MCP interface.
WeChat-MCP-Server
Integrate WeChat message sending capabilities into AI assistants using the Model Context Protocol (MCP).
miyabi-mcp-bundle
An all-in-one MCP server providing a vast array of development, monitoring, and automation tools, enabling Claude Desktop and AI agents to perform complex software development, operations, and analysis tasks efficiently and securely.