Delv
Official (Anthropic)Abandoned· 1.1y3,800t4.3by Anthropic

Slack

Slack messages, channels, DMs from Claude. Note: this server has been archived; consider community alternatives or hosted Slack MCPs.

View repo
B
Safety & Trust

Delv Safety Grade: B

Score 72/100 · assessed 2026-04-22

Maintainer95
Permissions60
Supply chain85
Transparency70
Incidents100

This is Anthropic's official Slack MCP server, which carries strong maintainer credentials and proper npm distribution. However, it has been archived by Anthropic, meaning no further updates or security patches will be provided. The server requires a Slack bot token with broad workspace access, enabling message reading across channels and DMs plus message sending capabilities. This creates a meaningful permissions surface: Claude gains read access to potentially sensitive internal communications and write access to post on your behalf. The archival status is the primary concern—you're running unmaintained code that won't receive fixes if vulnerabilities emerge. Supply chain is solid via npm with standard installation, and transparency is reasonable with open source code, though documentation may be thin given the archived state. Consider migrating to maintained community alternatives.

Lethal Trifecta (prompt-injection exposure)

TRIFECTA RISK
All three axes present. This server can read private data, ingest attacker-controlled content, and send data outbound. A poisoned input (a GitHub issue, an email, a webpage) can exfiltrate secrets via this chain. Only install with auditing; avoid on shared or cloud agents.
Private dataYes
Reads secrets, credentials, private files
Untrusted inputYes
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound

Reads channels and DMs (private), ingests messages from anyone in the workspace (untrusted), can post and DM (outbound). Trifecta.

Green flags

  • Official Anthropic server with strong provenance
  • Distributed via npm with standard package management
  • Open source code available for inspection
  • Scoped to Slack API, no filesystem or shell access

Red flags

  • Archived by Anthropic - no further maintenance or security updates
  • Requires bot token with broad workspace access to channels and DMs
  • Read access to potentially sensitive internal company communications
  • Write access allows posting messages on your behalf across workspace

Permissions requested

Outbound networkAccess secretsRead messagesSend messages
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Install

npx -y @modelcontextprotocol/server-slack
Env vars needed: SLACK_BOT_TOKENSLACK_TEAM_ID

Review

This is Anthropic's official MCP server for Slack, and it does exactly what you'd expect: lets Claude read channels, send messages, and pull DM threads without you switching windows. I've used it to build workflows where Claude monitors a support channel, drafts replies based on context from other tools, then posts them back. It's also handy for status updates during long-running tasks—Claude can drop a message in your team channel when a data pipeline finishes or a deployment completes. The setup requires a Slack bot token and team ID, which means you'll spend ten minutes in Slack's app console if you haven't done it before. Once configured, the server exposes tools for posting messages, listing channels, fetching threads, and searching message history. It's read-write, so Claude can both monitor and respond. The real value shows up in cross-tool workflows: pull data from a database MCP, summarise it, then post the summary to a project channel. Or grab the last twenty messages from a thread, pass them to a reasoning model, and reply with a decision. Quirks: it's designed for bot tokens, not user tokens, so you'll see messages posted as your bot, not as you. That's fine for automation but feels odd if you're used to personal Slack integrations. The server also doesn't handle Slack's block kit UI—messages are plain text or basic markdown. If you need rich formatting or interactive buttons, you'll hit the ceiling fast. And like most MCP servers, it's stateless, so Claude won't remember which channels you care about unless you tell it every time. Who shouldn't bother: if you're just sending the occasional message, Slack's own API or a webhook is simpler. This is for people who want Claude to participate in Slack as part of a larger workflow, not as a one-off notification tool. If your team doesn't live in Slack, or you're looking for a quick way to ping yourself, skip it.
Verdict

Install this if you're building workflows where Claude needs to read or write Slack messages as part of a multi-step process. Skip it if you just want to send yourself a notification—webhooks are faster. It's a solid, well-maintained server that does one thing well, but only if Slack is already central to your work.

Good at

  • Official Anthropic server, so it's maintained and works reliably with Claude Desktop out of the box.
  • Read-write access means Claude can both monitor channels and post replies, which is rare for communication tools.
  • Works well in multi-tool workflows where Slack is the output layer for data pulled from databases or APIs.
  • Supports DMs and threads, not just channel posts, so you can build more nuanced interactions.

Watch out

  • Requires a Slack bot token and team ID, which means a trip to Slack's app console and some permission wrangling.
  • Messages post as a bot, not as you, which feels impersonal if you're used to user-based integrations.
  • No support for Slack's block kit UI, so you're stuck with plain text or basic markdown.
  • Stateless design means Claude won't remember which channels matter unless you specify them every time.

Getting started

1. Create a Slack app at api.slack.com/apps, add a bot token with scopes for channels:read, chat:write, and users:read, then install it to your workspace and copy the bot token and team ID. 2. Run `npx -y @modelcontextprotocol/server-slack` to install, then add it to your Claude Desktop config with `SLACK_BOT_TOKEN` and `SLACK_TEAM_ID` as environment variables. 3. Restart Claude Desktop, open a conversation, and ask Claude to list your Slack channels—it should return a list if the token is valid. 4. Test by asking Claude to post a message to a channel you've invited the bot to. If it fails, check the bot's permissions and make sure it's actually in the channel. 5. Watch out: the bot token gives Claude write access to any channel the bot is in, so don't use a token with admin privileges or add the bot to sensitive channels unless you trust the workflow.

Works with

Claude DesktopClaude CodeCursorWindsurfClineZed

Similar MCPs