{"id":"dend-guildbridge","name":"guildbridge","homepage":null,"repo_url":"https://github.com/dend/guildbridge","category":"communication","subcategories":[],"tags":["ai","agents","automation","discord","mcp","model-context-protocol","cloudflare-workers","oauth2","rbac","security","typescript"],"what_it_does":"GuildBridge is a remotely hosted Model Context Protocol (MCP) server for Discord, intended to let MCP clients authenticate and then access Discord guilds/channels/messages (list/search/read/send/reply) with server-side permission-aware access control. It is designed to run on Cloudflare Workers and can use Discord OAuth2 plus Cloudflare Zero Trust for protecting the admin allowlist.","use_cases":["Connect MCP-capable AI agents to Discord to read and search messages across permitted guilds/channels","Allow controlled message posting and replying from AI agents in existing Discord conversations","Provide a permission-aware bridge between MCP clients and Discord where contributors coordinate in Discord","Administer an allowlist of Discord users who can authenticate to the MCP server (via /admin)"],"not_for":["Unauthenticated public Discord message access","Use cases requiring data export guarantees beyond what’s documented (e.g., regulated archival, strict retention policies)","High-reliability transactional message processing without retries/idempotency considerations"],"best_when":"You want agents to operate inside Discord with explicit OAuth-based identity verification and guild/channel permission checks, deployed on Cloudflare Workers.","avoid_when":"You need an SDK/REST-style interface or a standardized HTTP API beyond MCP, or you require a clearly documented SLAs/rate limits/retry semantics at the MCP tool layer.","alternatives":["Build a direct Discord bot/agent integration (custom code) with MCP or tool wrappers","Use a different MCP Discord integration project (if available)","Use Discord API via your own backend and expose tools through your own MCP server","Create a lightweight proxy service around Discord REST APIs with OAuth-based gating"],"af_score":57.2,"security_score":76.0,"reliability_score":27.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:38:45.399176+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"https://<your-worker>.workers.dev/mcp","has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth2 (Discord OAuth2 login)","Cloudflare Zero Trust (admin panel gating)","MCP bearer token carrying encrypted user OAuth token"],"oauth":true,"scopes":true,"notes":"Authentication flow described: MCP client connects to /mcp, authenticates via Discord OAuth2, and receives an MCP access token that contains/enables decryption of the user OAuth token for guild membership verification. Admin panel access uses Cloudflare Zero Trust. Tool authorization includes guild membership and channel visibility/permissions checks."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing for the project itself is described; it relies on Cloudflare Workers/Zero Trust/DB primitives. Free tier is mentioned as sufficient for Cloudflare for prerequisites, but tool usage costs are not quantified."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":57.2,"security_score":76.0,"reliability_score":27.5,"mcp_server_quality":78.0,"documentation_accuracy":72.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":20.0,"tls_enforcement":90.0,"auth_strength":85.0,"scope_granularity":70.0,"dependency_hygiene":45.0,"secret_handling":80.0,"security_notes":"Strengths: uses Discord OAuth2 for user identity and server-side permission checks; bot token is server-side only; user OAuth token is carried by an encrypted MCP token returned to the client; admin is gated by Cloudflare Zero Trust; uses CSRF cookie and Cloudflare KV state binding during OAuth. Potential concerns: rate limiting and explicit throttling/error semantics are not documented; dependency list includes libraries but no vulnerability/lockfile/CVE posture is provided here; allowlist logic explicitly states empty allowlist permits authentication by anyone, which can be risky if not configured immediately after deployment.","uptime_documented":20.0,"version_stability":30.0,"breaking_changes_history":25.0,"error_recovery":35.0,"idempotency_support":"false","idempotency_notes":"Not documented. Tools include send_message/reply_to_message; no stated guarantees about duplicate handling on retries/timeouts.","pagination_style":"page/limit style (read_messages described as 'with pagination'; exact cursor/format not specified in README)","retry_guidance_documented":false,"known_agent_gotchas":["OAuth/permission enforcement: the MCP client must complete Discord OAuth2 and be allowed via the allowlist (/admin).","Message/search content intent: enabling Message Content Intent is required for full message content in search results.","Empty allowlist behavior: described as 'anyone can authenticate until you add the first user'—agents using the service should assume access may expand if allowlist isn’t configured.","Pagination details not fully specified in README—agents may need to probe tool responses to find the exact pagination mechanism/cursor.","Token handling model: the client receives an MCP token containing encrypted user OAuth token; agents should not assume server stores user tokens server-side."]}}