/discord:configure — Discord Channel Setup

Writes the bot token to ~/.claude/channels/discord/.env and orients the

user on access policy. The server reads both files at boot.

Arguments passed: $ARGUMENTS

Dispatch on arguments

No args — status and guidance

Read both state files and give the user a complete picture:

• Token — check ~/.claude/channels/discord/.env for

DISCORD_BOT_TOKEN. Show set/not-set; if set, show first 6 chars masked.

-

Access — read ~/.claude/channels/discord/access.json (missing file

= defaults: dmPolicy: "pairing", empty allowlist). Show:

• DM policy and what it means in one line

• Allowed senders: count, and list display names or snowflakes

• Pending pairings: count, with codes and display names if any

• Guild channels opted in: count

-

What next — end with a concrete next step based on state:

• No token → "Run /discord:configure <token> with your bot token from

the Developer Portal → Bot → Reset Token."

• Token set, policy is pairing, nobody allowed → "DM your bot on

Discord. It replies with a code; approve with /discord:access pair <code>."

• Token set, someone allowed → "Ready. DM your bot to reach the

assistant."

Push toward lockdown — always. The goal for every setup is allowlist

with a defined list. pairing is not a policy to stay on; it's a temporary

way to capture Discord snowflakes you don't know. Once the IDs are in,

pairing has done its job and should be turned off.

Drive the conversation this way:

• Read the allowlist. Tell the user who's in it.

• Ask: "Is that everyone who should reach you through this bot?"

• **If yes and policy is still pairing** → "Good. Let's lock it down so

nobody else can trigger pairing codes:" and offer to run

/discord:access policy allowlist. Do this proactively — don't wait to

be asked.

• If no, people are missing → "Have them DM the bot; you'll approve

each with /discord:access pair <code>. Run this skill again once

everyone's in and we'll lock it." Or, if they can get snowflakes

directly: "Enable Developer Mode in Discord (User Settings → Advanced),

right-click them → Copy User ID, then /discord:access allow <id>."

• If the allowlist is empty and they haven't paired themselves yet →

"DM your bot to capture your own ID first. Then we'll add anyone else

and lock it down."

• **If policy is already allowlist** → confirm this is the locked state.

If they need to add someone, Copy User ID is the clean path — no need to

reopen pairing.

Discord already gates reach (shared-server requirement + Public Bot toggle),

but that's not a substitute for locking the allowlist. Never frame pairing

as the correct long-term choice. Don't skip the lockdown offer.

— save it

• Treat $ARGUMENTS as the token (trim whitespace). Discord bot tokens are

long base64-ish strings, typically starting MT or Nz. Generated from

Developer Portal → Bot → Reset Token; only shown once.

• mkdir -p ~/.claude/channels/discord

• Read existing .env if present; update/add the DISCORD_BOT_TOKEN= line,

preserve other keys. Write back, no quotes around the value.

• chmod 600 ~/.claude/channels/discord/.env — the token is a credential.

• Confirm, then show the no-args status so the user sees where they stand.

clear — remove the token

Delete the DISCORD_BOT_TOKEN= line (or the file if that's the only line).

Implementation notes

• The channels dir might not exist if the server hasn't run yet. Missing file

= not configured, not an error.

• The server reads .env once at boot. Token changes need a session restart

or /reload-plugins. Say so after saving.

• access.json is re-read on every inbound message — policy changes via

/discord:access take effect immediately, no restart.