slack-mcp
Verified Safeby duolingo
Overview
A read-only Model Context Protocol (MCP) server for Slack, providing secure, multi-user access to Slack data through a set of API tools.
Installation
docker run -p 8001:8001 -e SLACK_CLIENT_ID="your_client_id" -e SLACK_CLIENT_SECRET="your_client_secret" -e SLACK_MCP_BASE_URI="https://your-domain.com" -e SLACK_EXTERNAL_URL="https://your-domain.com" slack-mcpEnvironment Variables
- SLACK_CLIENT_ID
- SLACK_CLIENT_SECRET
- SLACK_MCP_BASE_URI
- SLACK_EXTERNAL_URL
- SLACK_MCP_PORT
Security Notes
The server demonstrates strong security practices, particularly in its OAuth and session management. It explicitly implements immutable session-to-user bindings and uses cryptographically secure state parameters for CSRF protection during the OAuth flow. Environment variables are used for sensitive credentials (Client ID/Secret), preventing hardcoding. It leverages well-established libraries like `fastmcp`, `fastapi`, and `slack-sdk`. No direct 'eval' or other obvious arbitrary code execution vectors were found. The primary risk would be misconfiguration of environment variables or allowing access to untrusted clients, which is external to the code's direct vulnerabilities.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
slack-mcp-server
Provides a Model Context Protocol (MCP) server for integrating Slack workspace data and communication capabilities with AI models and agents.
slack-mcp-client
This client bridges Slack with AI models and external tools via the Model Context Protocol (MCP), enabling AI to interact with real systems and data through Slack conversations.