mcp-telegram
Provides an MCP server/CLI that connects LLM agents to Telegram via Telethon (MTProto), enabling sending/editing/deleting messages, searching dialogs, managing drafts, and downloading media through MCP tools.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses Telegram MTProto via Telethon; transport security is expected over HTTPS/TCP, but the README does not explicitly state TLS requirements. Auth is based on Telegram API credentials plus a stored session file; no OAuth/scopes are documented, so access control is coarse. README warns to keep API credentials private and mentions stored session data. Multiple-instance use of the same session file may cause SQLite locking issues (reliability/security-adjacent operational concern). No security hardening (encryption of session file, audit logging, explicit redaction behavior) is documented in the provided text.
⚡ Reliability
Best When
You need local/on-prem style Telegram access for an MCP-enabled agent and can run the CLI/MCP server securely with a dedicated session.
Avoid When
You need OAuth-style app authorization, fine-grained per-tenant permissions, or a documented, standardized error contract for programmatic retries.
Use Cases
- • Letting an AI assistant send messages to Telegram users/chats
- • AI-assisted moderation workflows (e.g., delete/edit messages) with human review
- • Retrieving and summarizing Telegram message history via search/history tools
- • Media retrieval workflows (download photos/videos/documents) for downstream analysis
Not For
- • Automated bulk spam or abusive messaging
- • Use without understanding Telegram Terms of Service and user/device consent
- • Use where strong enterprise compliance/audit controls are required without additional hardening
Interface
Authentication
Authentication is session-based (Telethon SQLite session). No OAuth or explicit scopes are documented; access is effectively governed by possession of the session/credential storage configured via env/session files.
Pricing
No pricing information provided; it appears to be an open-source CLI package.
Agent Metadata
Known Gotchas
- ⚠ Use of multiple concurrent mcp-telegram instances with the same session file can trigger Telethon SQLite 'database is locked' errors.
- ⚠ Authentication is interactive (login prompts) and relies on a locally stored session; agents will need pre-authenticated setup or scripted environment provisioning.
- ⚠ The README does not document tool parameter schemas or structured error codes, so robust agent-side handling may require inspection of runtime behavior.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-telegram.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.