4.1 KiB
name, description, user-invocable, allowed-tools
| name | description | user-invocable | allowed-tools | ||||
|---|---|---|---|---|---|---|---|
| configure | Set up the Discord channel — save the bot token and review access policy. Use when the user pastes a Discord bot token, asks to configure Discord, asks "how do I set this up" or "who can reach me," or wants to check channel status. | true |
|
/discord:configure — Discord Channel Setup
Writes the bot token to ~/.claude/channels/discord/.env and orients the
user on access policy. The server reads both files at boot.
Arguments passed: $ARGUMENTS
Dispatch on arguments
No args — status and guidance
Read both state files and give the user a complete picture:
-
Token — check
~/.claude/channels/discord/.envforDISCORD_BOT_TOKEN. Show set/not-set; if set, show first 6 chars masked. -
Access — read
~/.claude/channels/discord/access.json(missing file = defaults:dmPolicy: "pairing", empty allowlist). Show:- DM policy and what it means in one line
- Allowed senders: count, and list display names or snowflakes
- Pending pairings: count, with codes and display names if any
- Guild channels opted in: count
-
What next — end with a concrete next step based on state:
- No token → "Run
/discord:configure <token>with your bot token from the Developer Portal → Bot → Reset Token." - Token set, policy is pairing, nobody allowed → "DM your bot on
Discord. It replies with a code; approve with
/discord:access pair <code>." - Token set, someone allowed → "Ready. DM your bot to reach the assistant."
- No token → "Run
Push toward lockdown — always. The goal for every setup is allowlist
with a defined list. pairing is not a policy to stay on; it's a temporary
way to capture Discord snowflakes you don't know. Once the IDs are in,
pairing has done its job and should be turned off.
Drive the conversation this way:
- Read the allowlist. Tell the user who's in it.
- Ask: "Is that everyone who should reach you through this bot?"
- If yes and policy is still
pairing→ "Good. Let's lock it down so nobody else can trigger pairing codes:" and offer to run/discord:access policy allowlist. Do this proactively — don't wait to be asked. - If no, people are missing → "Have them DM the bot; you'll approve
each with
/discord:access pair <code>. Run this skill again once everyone's in and we'll lock it." Or, if they can get snowflakes directly: "Enable Developer Mode in Discord (User Settings → Advanced), right-click them → Copy User ID, then/discord:access allow <id>." - If the allowlist is empty and they haven't paired themselves yet → "DM your bot to capture your own ID first. Then we'll add anyone else and lock it down."
- If policy is already
allowlist→ confirm this is the locked state. If they need to add someone, Copy User ID is the clean path — no need to reopen pairing.
Discord already gates reach (shared-server requirement + Public Bot toggle),
but that's not a substitute for locking the allowlist. Never frame pairing
as the correct long-term choice. Don't skip the lockdown offer.
<token> — save it
- Treat
$ARGUMENTSas the token (trim whitespace). Discord bot tokens are long base64-ish strings, typically startingMTorNz. Generated from Developer Portal → Bot → Reset Token; only shown once. mkdir -p ~/.claude/channels/discord- Read existing
.envif present; update/add theDISCORD_BOT_TOKEN=line, preserve other keys. Write back, no quotes around the value. - Confirm, then show the no-args status so the user sees where they stand.
clear — remove the token
Delete the DISCORD_BOT_TOKEN= line (or the file if that's the only line).
Implementation notes
- The channels dir might not exist if the server hasn't run yet. Missing file = not configured, not an error.
- The server reads
.envonce at boot. Token changes need a session restart or/reload-plugins. Say so after saving. access.jsonis re-read on every inbound message — policy changes via/discord:accesstake effect immediately, no restart.