slack-mcp-server

Slack MCP server exposing Slack Web API capabilities as MCP tools, supporting both local stdio transport and remote HTTP transport.

Evaluated Mar 30, 2026 (21d ago)

Homepage ↗ Repo ↗ Messaging mcp slack ai-agents integration messaging oauth

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

Tokens are provided via environment variables. README does not describe server-side request authentication/authorization for the MCP interface, transport security for HTTP mode (beyond using localhost), OAuth scopes/least-privilege, audit logging, or how errors are sanitized. Safe search appears to be enforced server-side for search, reducing accidental exposure of private content, but write tools remain powerful.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

You want an MCP-compatible integration to let an AI agent read and/or act in a Slack workspace using standardized tool calls.

Avoid When

You cannot safely handle OAuth tokens or you lack control over what the agent is allowed to do (e.g., broad write capabilities like posting/reactions/search across the workspace).

Use Cases

• List Slack channels with pagination
• Post messages and reply within Slack threads
• Add reactions to Slack messages
• Fetch channel history and thread replies
• Retrieve Slack user profiles (single and batch)
• Search Slack messages with filters (including safe-search option)

Not For

• Automating Slack actions without obtaining/securely storing Slack OAuth tokens
• Workloads that require strict tenant isolation or strong per-request authorization beyond what the server implements
• High-scale deployments without verified rate-limit handling

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

Yes ↗

SDK

Webhooks

Authentication

Methods: Slack Bot User OAuth token (SLACK_BOT_TOKEN) Slack User OAuth token (SLACK_USER_TOKEN)

OAuth: Yes Scopes: No

Server requires Slack OAuth tokens via environment variables. README does not document specific OAuth scopes or least-privilege guidance.

Pricing

Free tier: No

Requires CC: No

This package is distributed via npm; costs mainly come from your Slack app usage/quotas and hosting (if using HTTP transport).

Agent Metadata

Pagination

pagination for slack_list_channels (mentioned)

Idempotent

False

Retry Guidance

Not documented

Known Gotchas

⚠ Write-capable tools (post message, add reaction, reply) may have side effects; agents should implement their own safeguards (confirmations, idempotency via message dedupe, etc.).
⚠ Message search may depend on Slack user token and safe-search behavior; agents should expect different results depending on token and SLACK_SAFE_SEARCH setting.
⚠ HTTP transport is started locally on a port; ensure networking/auth boundaries around the server since the README does not describe additional request authentication.

Alternatives

Use Slack Web API directly with your own backend (REST) Use other MCP servers or custom MCP tool wrappers around Slack APIs Build a small MCP server that calls Slack Web API with stricter authorization and auditing

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for slack-mcp-server.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.