{"id":"hardheadhackerhead-discord-mcp","name":"discord-mcp","homepage":"https://QuadsLab.io","repo_url":"https://github.com/HardHeadHackerHead/discord-mcp","category":"communication","subcategories":[],"tags":["mcp","discord","discord-admin","automation","chatops","bot","moderation","cli"],"what_it_does":"discord-mcp is an MCP server plus CLI that lets an AI assistant manage a Discord guild/server using natural language. It provides a large set of Discord administration tools (roles, channels, members, messages, moderation, events, automod, polls, webhooks, etc.), includes an interactive setup wizard (bot creation/token validation/invite generation and client config), and offers a health check/permission audit.","use_cases":["Automating Discord server administration via an AI assistant","Creating/modifying roles and channel structures","Moderation actions like kicks/bans/timeouts and automod rule management","Messaging operations including thread-aware sends/edits/deletes and reactions","Generating and auditing required Discord bot permissions before connecting an agent","Managing server events, forums, scheduled activities, and polls","Admin tasks like audit log viewing and server templates/integrations"],"not_for":["Unsupervised operation without human approval (many tools can irreversibly change server state)","Use in environments where exposing a Discord bot token to an agent runtime is unacceptable","Replacing Discord’s native permission model with overly broad bot privileges","Use cases requiring guaranteed idempotency for repeated agent retries"],"best_when":"You want a broad set of Discord admin capabilities available to an MCP-capable agent, and you can securely handle a Discord bot token and restrict the bot’s permissions to what’s needed.","avoid_when":"You cannot secure secrets, or you need strong guarantees around retries/idempotency and auditability of agent-initiated changes.","alternatives":["Direct Discord bot development with discord.js and a custom command layer","Other MCP tools that wrap Discord APIs (if available) with narrower scopes","Using Discord’s REST API directly for specific tasks (roles/channels/moderation) instead of a large tool surface"],"af_score":67.0,"security_score":58.8,"reliability_score":36.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:40:26.998007+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["TypeScript","JavaScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Discord bot token via environment variable (DISCORD_TOKEN)","Discord bot OAuth/invite flow (implied by invite generation and required permissions)"],"oauth":false,"scopes":false,"notes":"Authentication is by a Discord bot token provided to the running process. The effective permissions are determined by the permissions granted to the bot via its OAuth invite URL; there is a CLI health check that audits required permissions."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information is present in the provided README/repo metadata; it appears to be an npm package (MIT licensed)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":67.0,"security_score":58.8,"reliability_score":36.2,"mcp_server_quality":70.0,"documentation_accuracy":70.0,"error_message_quality":null,"error_message_notes":"README mentions helpful error recovery (e.g., suggestions/Did you mean) and structured JSON responses, but the provided content does not include explicit error code schemas.","auth_complexity":80.0,"rate_limit_clarity":25.0,"tls_enforcement":90.0,"auth_strength":70.0,"scope_granularity":30.0,"dependency_hygiene":55.0,"secret_handling":45.0,"security_notes":"Uses a Discord bot token provided via environment variables and requires Discord permissions granted through the invite OAuth flow; this enables a health check/permission audit but does not evidence fine-grained scoping beyond Discord’s permission system. The provided content does not show secret-handling guarantees (e.g., redaction in logs) or dependency/version security posture. Rate-limit behavior and retry/backoff strategy are not documented in the provided excerpt, which can lead to accidental repeated actions under agent retries.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":40.0,"error_recovery":60.0,"idempotency_support":"false","idempotency_notes":"Many actions are inherently non-idempotent (create/send/delete/assign/kick/ban). No idempotency guarantees or deduplication mechanisms are described.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Large tool surface includes highly destructive operations (delete/bulk_delete/ban/kick). Ensure the agent is constrained and actions are approved.","Repeated tool calls after partial failure may create duplicates (e.g., sending messages, creating roles/channels) unless the agent checks state first.","Name-based fuzzy matching can select unintended targets if similarly named channels/roles/members exist.","Token + permission breadth: bot permissions granted via invite determine what the tools can do; over-permissioning increases blast radius."]}}