discord-mcp
discord-mcp is an MCP server plus CLI that lets an AI assistant manage a Discord guild/server using natural language. It provides a large set of Discord administration tools (roles, channels, members, messages, moderation, events, automod, polls, webhooks, etc.), includes an interactive setup wizard (bot creation/token validation/invite generation and client config), and offers a health check/permission audit.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses a Discord bot token provided via environment variables and requires Discord permissions granted through the invite OAuth flow; this enables a health check/permission audit but does not evidence fine-grained scoping beyond Discord’s permission system. The provided content does not show secret-handling guarantees (e.g., redaction in logs) or dependency/version security posture. Rate-limit behavior and retry/backoff strategy are not documented in the provided excerpt, which can lead to accidental repeated actions under agent retries.
⚡ Reliability
Best When
You want a broad set of Discord admin capabilities available to an MCP-capable agent, and you can securely handle a Discord bot token and restrict the bot’s permissions to what’s needed.
Avoid When
You cannot secure secrets, or you need strong guarantees around retries/idempotency and auditability of agent-initiated changes.
Use Cases
- • Automating Discord server administration via an AI assistant
- • Creating/modifying roles and channel structures
- • Moderation actions like kicks/bans/timeouts and automod rule management
- • Messaging operations including thread-aware sends/edits/deletes and reactions
- • Generating and auditing required Discord bot permissions before connecting an agent
- • Managing server events, forums, scheduled activities, and polls
- • Admin tasks like audit log viewing and server templates/integrations
Not For
- • Unsupervised operation without human approval (many tools can irreversibly change server state)
- • Use in environments where exposing a Discord bot token to an agent runtime is unacceptable
- • Replacing Discord’s native permission model with overly broad bot privileges
- • Use cases requiring guaranteed idempotency for repeated agent retries
Interface
Authentication
Authentication is by a Discord bot token provided to the running process. The effective permissions are determined by the permissions granted to the bot via its OAuth invite URL; there is a CLI health check that audits required permissions.
Pricing
No pricing information is present in the provided README/repo metadata; it appears to be an npm package (MIT licensed).
Agent Metadata
Known Gotchas
- ⚠ Large tool surface includes highly destructive operations (delete/bulk_delete/ban/kick). Ensure the agent is constrained and actions are approved.
- ⚠ Repeated tool calls after partial failure may create duplicates (e.g., sending messages, creating roles/channels) unless the agent checks state first.
- ⚠ Name-based fuzzy matching can select unintended targets if similarly named channels/roles/members exist.
- ⚠ Token + permission breadth: bot permissions granted via invite determine what the tools can do; over-permissioning increases blast radius.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for discord-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.