Skip to content

jtalk22/slack-mcp-server

v4.1.0 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 2mo MCP SaaS Integrations
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

platform-commercial status-live

Affected surfaces

auth breaking_upgrade

Summary

AI summary

Chrome DB decryption extracts Slack session cookies automatically, adding Stealth Mode with zero audit footprint.

Full changelog

Chrome DB Decryption. Stealth Mode. Zero OAuth.

v4.1.0 reads Slack session cookies directly from Chrome's encrypted SQLite store — PBKDF2 + AES-128-CBC via macOS Keychain. No DevTools. No manual copy-paste. No OAuth app install.

What's New

  • Chrome DB decryptionnpm run tokens:auto extracts the d cookie from Chrome's encrypted cookie jar. The d cookie is HttpOnly (invisible to document.cookie), so this is the only path that doesn't require manual intervention.
  • Stealth Mode — Session-token auth leaves zero footprint in Slack workspace admin. No bot user, no app install, no audit trail. IT admins see nothing.
  • Codex CLI support — Confirmed compatibility with OpenAI Codex CLI alongside Claude Code, Cursor, Copilot, Windsurf, and Gemini CLI.
  • Video + asset overhaul — Full demo re-encoded at CRF 18 with color grading, sharpening, and vignette. 5 format variants (MP4, WebM, GIF, HQ cut, mobile portrait). All assets rebranded to demo-slack-mcp-*.

Demo

Watch the full 7-scenario demo: demo-slack-mcp.mp4

Triage 47 unreads, find a lost printer PIN, reply to incidents, export for post-mortems — without opening Slack once.

Install

npx -y @jtalk22/slack-mcp --setup

One command. Works with Claude Code, Cursor, Copilot, Windsurf, Gemini CLI, and Codex CLI.

16 Tools

health_check · token_status · refresh_tokens · list_conversations · conversations_history · get_full_conversation · search_messages · send_message · get_thread · users_info · list_users · add_reaction · remove_reaction · conversations_mark · conversations_unreads · users_search

No tools added or removed. Fully backwards-compatible with v4.0.0.

Links

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track jtalk22/slack-mcp-server

Get notified when new releases ship.

Sign up free

About jtalk22/slack-mcp-server

Your complete Slack context for Claude—DMs, channels, threads, search. No OAuth apps, no admin approval. `--setup` and done, 11 tools, auto-refresh.

All releases →

Related context

Beta — feedback welcome: [email protected]