Labsco
atlasfutures logo

Claude MCP Slack

β˜… 1

from atlasfutures

A GitHub Action that functions as a Slack MCP server, enabling secure image downloads and integrations with Slack.

πŸ”₯πŸ”₯βœ“ VerifiedAccount requiredNeeds API keys

Claude MCP Slack

A standalone GitHub Action that provides Slack MCP (Model Context Protocol) server functionality for Claude Code Action, enabling secure Slack image downloads and integrations.

Features

  • πŸ” Secure Slack Integration: Authenticated access to Slack files using Bot User OAuth tokens
  • πŸ“ Flexible File Management: Customizable download directories with security validation
  • 🐳 Docker Support: Run locally or in containers with proper security constraints
  • πŸ›‘οΈ Security First: Input validation, path traversal prevention, and secure token handling
  • πŸ§ͺ Comprehensive Testing: Unit, integration, and security test suites
  • ⚑ Easy Integration: Drop-in compatibility with claude-code-action

Available MCP Tools

slack_image_download

Downloads images from Slack with authentication.

Parameters:

  • url (required): Slack file URL (must start with https://files.slack.com/)
  • filename (optional): Custom filename (will be sanitized)

Example:

Copy & paste β€” that's it
{
  "tool": "slack_image_download",
  "arguments": {
    "url": "https://files.slack.com/files-tmb/T05EFSVDCLR-F08TC9CP9B8/screenshot_720.png",
    "filename": "screenshot.png"
  }
}

slack_health_check

Checks the health and configuration of the Slack MCP server.

Example:

Copy & paste β€” that's it
{
  "tool": "slack_health_check",
  "arguments": {}
}

Security Features

Input Validation

  • URL validation (must be Slack files domain)
  • Token format verification
  • Path traversal prevention
  • Filename sanitization

Secure Execution

  • Non-root container execution
  • Read-only filesystem (except download directory)
  • Resource limits (file size, timeout)
  • No shell metacharacter injection

Token Security

  • Environment variable isolation
  • No token logging or exposure
  • Secure token format validation

Development

Local Setup

Copy & paste β€” that's it
# Clone repository
git clone https://github.com/atlasfutures/claude-mcp-slack.git
cd claude-mcp-slack

# Install dependencies
bun install

# Run tests
bun test

# Type check
bun run typecheck

# Format code
bun run format

Docker Development

Copy & paste β€” that's it
# Build and run with docker-compose
docker-compose up claude-mcp-slack-dev

# Or build manually
docker build -t claude-mcp-slack .
docker run -e SLACK_TOKEN=your-token claude-mcp-slack

Testing

Copy & paste β€” that's it
# Run all tests
bun test

# Run specific test suites
bun run test:unit
bun run test:integration
bun run test:security

# Run with coverage
bun test --coverage

Contributing

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Make your changes
  4. Add tests for new functionality
  5. Ensure all tests pass (bun test)
  6. Commit your changes (git commit -m 'Add amazing feature')
  7. Push to the branch (git push origin feature/amazing-feature)
  8. Open a Pull Request

Development Guidelines

  • Follow TypeScript best practices
  • Add tests for all new features
  • Update documentation for API changes
  • Ensure security tests pass
  • Use conventional commit messages

License

This project is licensed under the MIT License - see the LICENSE file for details.

Support

Related Projects