telegram-mcp
Verified Safeby stevehorn
Overview
Searches for messages within a specified Telegram group or channel using keywords, date filters, and extended metadata.
Installation
node /absolute/path/to/telegram-mcp/dist/src/index.jsEnvironment Variables
- TELEGRAM_API_ID
- TELEGRAM_API_HASH
- TELEGRAM_PHONE
- TELEGRAM_SESSION
- TELEGRAM_GROUP_ID
Security Notes
The server handles Telegram API credentials and a session string, which are critical secrets. It correctly uses environment variables for these. The core functionality involves calling the Telegram API's search endpoint with user-provided queries. While no direct 'eval' or arbitrary command injection vulnerabilities are immediately apparent from user input within the provided source code, the reliance on third-party libraries (`telegram`, `chrono-node`) introduces external dependencies whose security is paramount. The `includeExtendedMetadata` option triggers additional API calls (e.g., for reply context, sender info per message), potentially increasing the attack surface or leading to rate-limiting issues if abused. Overall, the approach to secrets management and tool invocation appears standard and reasonably secure.
Similar Servers
wa_llm
An AI-powered WhatsApp bot that joins groups, summarizes conversations, and answers questions using a knowledge base.
kindly-web-search-mcp-server
Provides web search with robust, LLM-optimized content retrieval from various sources (StackExchange, GitHub, Wikipedia, arXiv, and general webpages) for AI coding assistants.
whatsapp-mcp-ts
Connects a personal WhatsApp account to an AI agent, enabling the agent to search messages and contacts, list chats, retrieve message history, and send messages via WhatsApp.
fast-mcp-telegram
Enables AI assistants to interact with Telegram for messaging, search, and contact management via a standardized MCP interface.