What does multiplayer MCP look like? (eg Discord)

[adamavenir]

Pre-submission Checklist

• I have verified that this discussion would not be more appropriate as an issue in a specific repository
• I have searched existing discussions to avoid duplicates

Discussion Topic

I'm interested in hearing from client implementers who have been thinking about the challenges of MCP in collaborative environments.

The spec currently assumes a single-player model where files, tools, and context belong to one user, which make it a little harder to reason about implementing MCP in multi-user environments like Discord bots, collaborative editors, or shared workspaces.

My context: I couldn't find a Discord client implementation so I've been working on one which I'm building for my own use in a private server, but it seems like it'd quite obviously be useful for multi-user servers. As such, I'm trying to wrap my head around what it means from a security perspective to use tools in the context of a shared/collab environment like Discord. Obviously some things are fine in that context (making fetch happen is fine, as is connecting info services all Discord server users would have access to, etc) but it gets a bit weird. (I also recognize that if this was an easy question, we'd probably already have multiplayer Claude chats.)

Current thinking: create separate MCP configs per channel rather than per server. This lets channel access control serve as the permission boundary—if you can see the channel, you can access its MCP tools and resources. Not perfect, but probably good enough.

What do you think?