slack-mcp-server

Session-based Slack MCP for Claude and MCP clients: local-first workflows, secure-default HTTP.

ai-agents automation claude claude-code claude-desktop cli developer-tools javascript llm model-context-protocol

Why this rank:Strong adoptionRecent releaseHealthy release cadence

Description

Session-based Slack MCP for Claude and MCP clients: local-first workflows, secure-default HTTP.

README

Slack MCP Server

Give your AI agent full Slack access. No app registration, no admin approval, no OAuth. One command, 16 tools, works with any MCP client.

npx -y @jtalk22/slack-mcp --setup

▶ Watch the demo — 7 scenarios, from 47 unreads to inbox zero, without opening Slack.

Ask your AI to catch you up on #engineering from the last 24 hours. Search for that deployment thread from last week. Find the printer admin PIN nobody can remember. Send a reply. All from your editor.

Interactive demo · Latest release

Why This Exists

Slack's official MCP server requires a registered app, admin approval, and doesn't work with Claude Code or GitHub Copilot due to OAuth/DCR incompatibility. Screenshotting messages is not a workflow.

This server uses your browser's session tokens instead. If you can see it in Slack, your AI agent can see it too. No app install, no scopes, no admin.

Stealth Mode: Session tokens leave zero footprint in your workspace admin panel. No bot user appears, no app install shows up, no audit trail. Your AI agent operates with the same invisibility as your browser tab.

	Slack Official MCP	This Server
OAuth app required	Yes	No
Admin approval	Yes	No
Works with Claude Code	No (DCR incompatible)	Yes
Works with Cursor	No	Yes
Works with Copilot	No	Yes
Works with Windsurf	No	Yes
Works with Gemini CLI	No	Yes
Works with Codex CLI	No	Yes
Setup time	~30 min	~2 min
Tools	Limited	16
Visible to admins	Yes	No — Stealth Mode

Quick Start per Client

Claude Desktop / Claude Code

Add to ~/.claude.json or Claude Desktop settings:

{
  "mcpServers": {
    "slack": { "command": "npx", "args": ["-y", "@jtalk22/slack-mcp"] }
  }
}

Cursor

Add to .cursor/mcp.json:

{
  "mcpServers": {
    "slack": { "command": "npx", "args": ["-y", "@jtalk22/slack-mcp"] }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "slack": { "command": "npx", "args": ["-y", "@jtalk22/slack-mcp"] }
  }
}

Gemini CLI

Add to ~/.gemini/settings.json:

{
  "mcpServers": {
    "slack": { "command": "npx", "args": ["-y", "@jtalk22/slack-mcp"] }
  }
}

Codex CLI

Add to ~/.codex/config.toml:

[mcp_servers.slack]
command = "npx"
args = ["-y", "@jtalk22/slack-mcp"]

Or via CLI: codex mcp add slack -- npx -y @jtalk22/slack-mcp

Tools

Tool	Description	Safety
`slack_health_check`	Verify token validity and workspace info	read-only
`slack_token_status`	Token age, health, and cache stats	read-only
`slack_refresh_tokens`	Auto-extract fresh tokens from Chrome	read-only*
`slack_list_conversations`	List DMs and channels	read-only
`slack_conversations_history`	Get messages from a channel or DM	read-only
`slack_get_full_conversation`	Export full history with threads	read-only
`slack_search_messages`	Search across workspace	read-only
`slack_get_thread`	Get thread replies	read-only
`slack_users_info`	Get user details	read-only
`slack_list_users`	List workspace users (paginated, 500+)	read-only
`slack_users_search`	Search users by name, display name, or email	read-only
`slack_conversations_unreads`	Get channels/DMs with unread messages	read-only
`slack_send_message`	Send a message to any conversation	destructive
`slack_add_reaction`	Add an emoji reaction to a message	destructive
`slack_remove_reaction`	Remove an emoji reaction from a message	destructive
`slack_conversations_mark`	Mark a conversation as read	destructive

12 read-only, 4 write-path. All carry MCP safety annotations.

* slack_refresh_tokens modifies local token file only.

Install

Node.js 20+

npx -y @jtalk22/slack-mcp --setup

The setup wizard handles token extraction and validation.

Claude Desktop (macOS)

Edit ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "slack": {
      "command": "npx",
      "args": ["-y", "@jtalk22/slack-mcp"]
    }
  }
}

Claude Desktop (Windows/Linux)

Edit %APPDATA%\Claude\claude_desktop_config.json:

{
  "mcpServers": {
    "slack": {
      "command": "npx",
      "args": ["-y", "@jtalk22/slack-mcp"],
      "env": {
        "SLACK_TOKEN": "xoxc-your-token",
        "SLACK_COOKIE": "xoxd-your-cookie"
      }
    }
  }
}

Windows/Linux users must provide tokens via env since auto-refresh is macOS-only.

Claude Code

Add to ~/.claude.json:

{
  "mcpServers": {
    "slack": {
      "type": "stdio",
      "command": "npx",
      "args": ["-y", "@jtalk22/slack-mcp"]
    }
  }
}

Cursor / Copilot / Other MCP clients

Any client that supports stdio MCP servers works. Add to your client's MCP config:

{
  "slack": {
    "command": "npx",
    "args": ["-y", "@jtalk22/slack-mcp"],
    "env": {
      "SLACK_TOKEN": "xoxc-your-token",
      "SLACK_COOKIE": "xoxd-your-cookie"
    }
  }
}

On macOS, tokens are auto-extracted from Chrome — env block is optional.

Claude Web / Remote MCP

Hosted version with permanent OAuth tokens coming soon. See mcp.revasserlabs.com for updates.

Docker

docker pull ghcr.io/jtalk22/slack-mcp-server:latest

{
  "mcpServers": {
    "slack": {
      "command": "docker",
      "args": ["run", "-i", "--rm",
               "-v", "~/.slack-mcp-tokens.json:/root/.slack-mcp-tokens.json",
               "ghcr.io/jtalk22/slack-mcp-server"]
    }
  }
}

Restart your client after configuration. Full setup: docs/SETUP.md

How It Works

Session tokens (xoxc- + xoxd-) from your browser. If you can see it in Slack, this server can see it too.

Token persistence — four-layer fallback:

Environment variables (SLACK_TOKEN, SLACK_COOKIE)
Token file (~/.slack-mcp-tokens.json, chmod 600)
macOS Keychain (encrypted)
Chrome auto-extraction (macOS)

Tokens expire. The server notices before you do — proactive health monitoring, automatic refresh on macOS, warnings when tokens age out. File writes are atomic (temp file → chmod → rename) to prevent corruption. Concurrent refresh attempts are mutex-locked.

Hosted HTTP Mode

For remote MCP endpoints (Cloudflare Worker, VPS, etc.):

SLACK_TOKEN=xoxc-... \
SLACK_COOKIE=xoxd-... \
SLACK_MCP_HTTP_AUTH_TOKEN=change-this \
SLACK_MCP_HTTP_ALLOWED_ORIGINS=https://claude.ai \
node src/server-http.js

Details: docs/DEPLOYMENT-MODES.md

Troubleshooting

Tokens expired: Run npx -y @jtalk22/slack-mcp --setup or use slack_refresh_tokens (macOS).

DMs not showing: Use slack_list_conversations with discover_dms=true.

Client not seeing tools: Check JSON syntax in config, restart client fully.

More: docs/TROUBLESHOOTING.md

Docs

Security

Token files: chmod 600 (owner-only)
macOS Keychain encrypted backup
Web server binds to localhost only
API keys: crypto.randomBytes
See SECURITY.md

Contributing

PRs welcome. Run node --check on modified files before submitting.

License

MIT — See LICENSE

Disclaimer

Not affiliated with Slack Technologies, Inc. Uses browser session credentials — check your workspace's acceptable use policy.

Hosted version with semantic search, AI summaries, and permanent OAuth — coming soon at mcp.revasserlabs.com

Release History

Version	Changes	Urgency	Date
v4.3.0	## Added - `--refresh-tokens` CLI flag — `npx -y @jtalk22/slack-mcp --refresh-tokens` now runs the Chrome auto-extract path (equivalent to `npm run tokens:auto`). Closes the gap between the wizard-only `--setup` flag and the unscheduled-by-default token-refresh capability. Designed to be called from a LaunchAgent, cron, or CI to keep tokens fresh while Claude is closed for weeks at a time. - Token-refresh LaunchAgent docs (`docs/SETUP.md`) — Optional macOS LaunchAgent template that runs	High	5/12/2026
v4.2.2	Patch release. Hardens the shell-exec surface to clear AgentScore advisory [AGENTSCORE-2026-0016](https://dev.to/) (90→80, LOW→MODERATE). ## Why this exists AgentScore flagged v4.2.0 for `command_injection: shell execution with template literal input`. Two surfaces matched: \| File \| Line \| Variable \| Source \| \|---\|---\|---\|---\| \| `scripts/token-cli.js` \| 146-147 \| `KEYCHAIN_SERVICE` \| Hardcoded `"slack-mcp-server"` (lib/token-store.js:18) \| \| `lib/handlers.js` \| 58 \| `tempPath` \| Internal	High	4/26/2026
v4.1.0	## Chrome DB Decryption. Stealth Mode. Zero OAuth. v4.1.0 reads Slack session cookies directly from Chrome's encrypted SQLite store — PBKDF2 + AES-128-CBC via macOS Keychain. No DevTools. No manual copy-paste. No OAuth app install. ### What's New - Chrome DB decryption — `npm run tokens:auto` extracts the `d` cookie from Chrome's encrypted cookie jar. The `d` cookie is HttpOnly (invisible to `document.cookie`), so this is the only path that doesn't require manual intervention. - **Ste	Medium	3/31/2026
v4.0.0	16 tools, one-command setup, works where Slack's official MCP server doesn't. Slack's official MCP requires a registered app and admin approval, and [doesn't work with Claude Code or GitHub Copilot](https://github.com/anthropics/claude-code/issues/30564) due to OAuth/DCR incompatibility. This server uses your browser session instead — no app registration, no admin, no OAuth. ### What you get - 16 tools — search, messages, threads, DMs, reactions, unreads, user lookup, send messages.	Medium	3/30/2026
v3.2.5	## v3.2.5 — metadata, discovery, and company-led Cloud routing Align public metadata, release proof, and hosted buyer-routing around the current company-led Slack MCP Cloud surface. ### Improved - aligned `package.json`, `package-lock.json`, `server.json`, and `glama.json` on `3.2.5` - refreshed public README, Pages, and docs so Cloud routing points to pricing, workflows, Gemini CLI, readiness, procurement, deployment review, and support - added a checked distribution ledger for MCP Registry, G	Low	3/12/2026
v3.2.4	## v3.2.4 — Distribution Parity and Support Paths `v3.2.4` restores version parity across the shipped runtime, Docker smoke path, registry metadata, and current public trust surfaces while aligning support paths for self-hosted and managed deployment modes. ```bash npx -y @jtalk22/slack-mcp@latest --version npx -y @jtalk22/slack-mcp@latest --doctor ``` ### Improved - Runtime version integrity — CLI, setup wizard, HTTP transport, web mode, and Docker smoke output now derive their release	Low	3/11/2026
v3.2.3	Replace personal email with role-based `@revasserlabs.com` addresses across all customer-facing surfaces. ### Changes - Author/support email → `support@revasserlabs.com` - Privacy/GDPR/CCPA contact → `privacy@revasserlabs.com` - Social preview card: email → URL (`mcp.revasserlabs.com`) ### What's NOT changed - CI/attribution scripts — structural git identity - Historical release notes — frozen records - All MCP tools and API behavior unchanged ```bash npx -y @jtalk22/slack-mcp@3.2.3 --version	Low	3/11/2026
v3.2.2	## What's Changed ### Security - Patched 5 npm audit vulnerabilities (3 high, 1 moderate, 1 low) - hono 4.12.2 → 4.12.7 (cookie injection, SSE injection, arbitrary file access) - @hono/node-server 1.19.9 → 1.19.11 (auth bypass via encoded slashes) - express-rate-limit 8.2.1 → 8.3.1 (IPv4-mapped IPv6 rate limit bypass) - ajv 8.17.1 → 8.18.0 (ReDoS) - qs 6.14.1 → 6.14.2 (DoS) ### Registry & Ecosystem - Homepage URL → `mcp.revasserlabs.com` (canonical cloud landing page) - server.json,	Low	3/10/2026
v3.2.0	## v3.2.0 — Reactions, Unreads, User Search `v3.2.0` adds 5 new tools across all three transports: emoji reactions, mark-as-read, unread inbox, and user search. Tool count moves from 11 to 16. ```bash npx -y @jtalk22/slack-mcp@latest --version npx -y @jtalk22/slack-mcp@latest --doctor ``` ### New Tools \| Tool \| Purpose \| \|------\|---------\| \| `slack_add_reaction` \| Add emoji reactions to messages \| \| `slack_remove_reaction` \| Remove emoji reactions from messages \| \| `slack_conversations_mark`	Low	3/10/2026
v3.1.0	## v3.1.0 — Cloud + Key Delivery `v3.1.0` adds the Cloud product surface and post-checkout key delivery page. ```bash npx -y @jtalk22/slack-mcp@latest --version npx -y @jtalk22/slack-mcp@latest --doctor ``` ### What Changed - Cloud landing page — `cloud.html` introduces Slack MCP Cloud: a hosted MCP endpoint with one URL, 13 tools, encrypted token storage, and zero local config. Solo ($19/mo) and Team ($49/mo) plans with Stripe checkout. - Post-checkout key delivery — `success.html`	Low	3/10/2026
v3.0.0	## v3.0.0 - Secure-Default Hosted HTTP, Local-First Paths Unchanged `v3.0.0` flips hosted `/mcp` from permissive to secure-default without breaking local workflows. Post-release note (February 28, 2026): mobile/public demo surfaces were polished on `main` with no runtime contract changes. ```bash npx -y @jtalk22/slack-mcp --setup npx -y @jtalk22/slack-mcp@latest --version npx -y @jtalk22/slack-mcp@latest --doctor npx -y @jtalk22/slack-mcp@latest --status ``` Quick demo proof: - Share card: h	Low	2/28/2026
v2.0.0	> [!IMPORTANT] > Superseded by [`v3.0.0`](https://github.com/jtalk22/slack-mcp-server/releases/latest). Current install path: https://jtalk22.github.io/slack-mcp-server/ > > Install + Verify: > ```bash > npx -y @jtalk22/slack-mcp --setup > npx -y @jtalk22/slack-mcp@latest --version > npx -y @jtalk22/slack-mcp@latest --doctor > npx -y @jtalk22/slack-mcp@latest --status > ``` ## v2.0.0 — Deterministic Diagnostics and Distribution Parity This release hardens install diagnostics, standardizes status	Low	2/26/2026
v1.2.4	> [!IMPORTANT] > Superseded by [`v3.0.0`](https://github.com/jtalk22/slack-mcp-server/releases/latest). Current install path: https://jtalk22.github.io/slack-mcp-server/ > > Install + Verify: > ```bash > npx -y @jtalk22/slack-mcp --setup > npx -y @jtalk22/slack-mcp@latest --version > npx -y @jtalk22/slack-mcp@latest --doctor > npx -y @jtalk22/slack-mcp@latest --status > ``` ## v1.2.4 — No-Surprise Diagnostics for Slack MCP Operators This release removes diagnostic side effects and makes setup/au	Low	2/26/2026
v1.2.3	## v1.2.3 — Install Flow and Diagnostics ### Improved - Added concise issue/release follow-up templates and communication style guidance for faster bug-response loops. - Expanded setup reliability surfaces: README compatibility check, docs index, and demo CTA/meta alignment. - Added install verifier script and CI coverage to catch install regressions early. - Added `--doctor` CLI diagnostics with deterministic exit codes and one clear next action. ### Compatibility - No API/tool schema changes	Low	2/25/2026
v1.2.2	### Improved - Aligned CLI/setup guidance to `npx -y @jtalk22/slack-mcp` - Removed stale token-refresh command references in runtime messaging - Added deployment mode, support-boundary, and use-case recipe docs - Added demo CTA strip and deployment intake issue template No API/tool schema changes.	Low	2/25/2026
v1.2.1	> [!IMPORTANT] > Superseded by [`v3.0.0`](https://github.com/jtalk22/slack-mcp-server/releases/latest). Use the latest release for current install/migration guidance. ## v1.2.1 — Reliability + Installer Fixes This patch resolves two high-friction paths: - `slack_get_thread` / search calls returning `invalid_arguments` - downstream `npx @jtalk22/slack-mcp` executable resolution failures ### Fixed - Form-encoded request bodies for Slack endpoints that require them (`conversations.replies`, `sea	Low	2/24/2026
v1.2.0	# v1.2.0 Simplifies setup. Hardens runtime. Drops Node 18. [▶️ Watch the demo](https://github.com/jtalk22/slack-mcp-server/blob/main/docs/videos/demo-claude-v1.2.webm) --- ## Setup Wizard ```bash npx @jtalk22/slack-mcp --setup ``` macOS: Tokens extracted from Chrome via AppleScript. Linux/Windows: Guided entry with API validation before save. --- ## Session Mirroring Slack official API path: create app, request scopes, wait for admin approval. DM access requires per-conversation conse	Low	1/22/2026
v1.1.9	Include HTTP transport (server-http.js) for Smithery hosted deployments.	Low	1/9/2026
v1.1.8	Add mcpName for official MCP registry compatibility.	Low	1/9/2026
v1.1.7	Trauma response to context overload. Built a context protocol. Stable now (v1.1.7). --- What's Changed - Reliability and error handling improvements - Documentation accuracy fixes - Cleaner project structure Full Changelog: https://github.com/jtalk22/slack-mcp-server/compare/v1.1.6...v1.1.7	Low	1/8/2026
v1.1.6	### Changed - Web server binds to `127.0.0.1` (localhost only) - CORS accepts localhost origins only - File exports write to `~/.slack-mcp-exports/` Upgrade: ```bash npm update -g @jtalk22/slack-mcp ```	Low	1/8/2026
v1.1.5	### Changed - README badges use pure markdown for mobile compatibility - Simplified glama.json configuration Install: ```bash npm install -g @jtalk22/slack-mcp ```	Low	1/8/2026
v1.1.4	### Changed - Expanded npm keywords for search discoverability - Added Open Graph meta tags to demo page - Enhanced Dockerfile with OCI labels Install: ```bash npm install -g @jtalk22/slack-mcp ```	Low	1/8/2026
v1.1.2	### Changed - Homepage now points to live demo for npm discoverability Install: ```bash npm install -g @jtalk22/slack-mcp ``` Links: - [Live Demo](https://jtalk22.github.io/slack-mcp-server/public/demo.html) - [Documentation](https://github.com/jtalk22/slack-mcp-server#readme)	Low	1/8/2026
v1.0.3	## What's Changed - Fix npm publish workflow to use correct secret configuration - Enable provenance attestation for package verification Full Changelog: https://github.com/jtalk22/slack-mcp-server/compare/v1.0.0...v1.0.3	Low	1/3/2026
v1.0.2	- Fixed OIDC trusted publishing workflow - Now publishes with provenance attestation	Low	1/3/2026
v1.0.1	- Added trusted publishing workflow for automated npm releases - Minor maintenance update	Low	1/3/2026
v1.0.0	## Slack MCP Server v1.0.0 First stable release of the Slack MCP Server - giving Claude full access to your Slack workspace including DMs, channels, and message history. ### Features - Read Messages - Fetch history from any DM or channel - Full Export - Export conversations with threads and resolved usernames - Search - Search messages across your workspace - Send Messages - Send to DMs or channels - Auto Token Recovery - Refreshes expired tokens from Chrome automatically	Low	1/3/2026

Dependencies & License Audit

Loading dependencies...

Similar Packages

everything-claude-codeThe agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.v1.10.0

sandboxed.shSelf-hosted orchestrator for AI autonomous agents. Run Claude Code & Open Code in isolated linux workspaces. Manage your skills, configs and encrypted secrets with a git repo.v0.12.0

claude-code-statusline⚡ Real-time token, context & agent dashboard for Claude Code — zero polling, pure stdinv1.2.0

BashiTurn Claude Code into a structured development team. 600+ skills via Cortex MCP, 12 agents, 20 commands. Built for people who can direct but don't write code. npx create-bashi-appv3.3.0

sawzhang_skillsClaude Code skills collection — CCA study guides, Twitter research, MCP review, auto-iteration tools0.0.0

More in MCP Servers

AstrBotAgentic IM Chatbot infrastructure that integrates lots of IM platforms, LLMs, plugins and AI feature, and can be your openclaw alternative. ✨

agentscopeBuild and run agents you can see, understand and trust.

claude-plugins-officialOfficial, Anthropic-managed directory of high quality Claude Code Plugins.

langchain4jLangChain4j is an open-source Java library that simplifies the integration of LLMs into Java applications through a unified API, providing access to popular LLMs and vector databases. It makes impleme