Model Context Protocol moderate risk

Line Bot

This MCP server connects AI agents to LINE Official Accounts, enabling them to send messages, manage rich menus, and retrieve user profiles via the LINE Messaging API.

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

readwriteexecadmin

Quickstart

Install

npm install
```

Config

{
  "mcpServers": {
    "line-bot": {
      "command": "npx",
      "args": [
        "@line/line-bot-mcp-server"
      ],
      "env": {
        "CHANNEL_ACCESS_TOKEN" : "FILL_HERE",
        "DESTINATION_USER_ID" : "FILL_HERE"
      }
    }
  }
}

Exposed MCP Tools (11)

moderate

push_text_message

Sends a simple text message to a specified user via LINE.

Can be used to send unwanted messages if userId is not properly validated.

moderate

push_flex_message

Sends a customizable flex message to a user via LINE.

Flex messages allow complex content, increasing the risk of phishing or malicious content.

high

broadcast_text_message

Broadcasts a simple text message to all users who follow the LINE Official Account.

Can be used for spam or to spread misinformation to a large audience.

high

broadcast_flex_message

Broadcasts a customizable flex message to all users who follow the LINE Official Account.

Flex messages allow complex content, increasing the risk of phishing or malicious content to a large audience.

safe

get_profile

Retrieves the profile information of a specified LINE user.

Read-only operation that retrieves publicly available user information.

safe

get_message_quota

Retrieves the message quota and consumption of the LINE Official Account.

Read-only operation that retrieves account usage information.

safe

get_rich_menu_list

Retrieves a list of rich menus associated with the LINE Official Account.

Read-only operation that retrieves configuration data.

high

delete_rich_menu

Deletes a specified rich menu from the LINE Official Account.

Destructive operation that can impact user experience if deleted incorrectly.

high

set_rich_menu_default

Sets a specified rich menu as the default for the LINE Official Account.

Can disrupt user experience if set to an incorrect or broken rich menu.

moderate

cancel_rich_menu_default

Cancels the default rich menu setting for the LINE Official Account.

Can temporarily disrupt user experience by removing the default rich menu.

high

create_rich_menu

Creates a rich menu based on the given actions, uploads an image, and sets it as default.

Can disrupt user experience if set to an incorrect or broken rich menu, and image upload could introduce vulnerabilities.

Safety Assessment

This server offers a mix of read and write operations on a LINE Official Account. While it doesn't provide direct system-level access, the ability to send messages and modify rich menus carries a moderate risk if the CHANNEL_ACCESS_TOKEN is compromised or the tools are misused. It is safe when used with explicit user IDs and carefully crafted messages, but risky when broadcasting or manipulating rich menus without proper testing.

Requires CHANNEL_ACCESS_TOKEN for authentication.
Most tools require explicit user or message IDs.
No direct filesystem access.
Limited execution capabilities beyond LINE API calls.

CHANNEL_ACCESS_TOKEN grants broad access to the LINE Official Account.
Potential for abuse if DESTINATION_USER_ID is not properly managed.
Some tools allow broadcasting messages to all followers.
Flex messages allow for complex content that could be used for phishing.
Rich menu manipulation can impact user experience if misconfigured.