Looked in this forum and on GitHub Discourse for an official Discourse Model Context Protocol (MCP) and did not find anything.
While there are unofficial Discourse MCP (ref), would much prefer an official one. Yes I am considering creating my own if needed.
Update:
DeepLearning.AI just released a free online class taught by Elie Schoppik from Anthropic
We don’t have an official MCP server or client. We have been “waiting and seeing” for now to see how adoption of the protocol emerges.
Would love to have an MCP for Discourse API Docs and Dev Docs. That would help a lot since we have been tweaking some Theme Components and we want to make sure that the code is always compatible to our and future Discourse versions and follow best practice.
Sometimes it is the ideas that you do not think of that are some of the best. 
Thanks for posting.
The “note” seems to be empty when expanded…
It isn’t necessarily an industry standard yet (like JSON, REST, etc) therefore early adopters (organizations/companies included) may end up paying the price of something shinier and better coming along after this original MCP. With that being said, it’s understandable that Discourse may want to wait this one out a bit
For a quick and dirty test I started using GitMCP: https://gitmcp.io/
If anyone else wants to give it a shot, check it out:
My current thinking roadmap wise is is along this… still needs lots of refinement but it helps paint a picture of how I think about this.
Allow admin to select a collection of tools (either custom or built-in) and publish to a particular endpoint. /discourse-ai/mcp/NAME
Use Bearer for authentication - in particular a user API key
Key can be scoped to a particular MCP service
Milestone
Allow admin to consume an MCP service, which adds a list of tools to the available tool list that can then be consumed by personas.
Use Bearer for authentication
Milestone
Milestone
This is a more complex auth mechanism especially registration
Milestone
milestone
leaving this here as a possible way of modularizing it , glad to see a conversation on this topic.
A security issue one should be advised of/know/understand related to MCPs.
Stop Running Your MCP Tools via npx/uvx Right Now by Bob Dickinson
The gist of the issue is that by using npx or uvx you are essentially telling your tool-using platform to go get whatever code is registered with the package name provided and run it (the “x” is for “execute”), updating whenever the package changes. And the code that is then run on your machine has root access — it can see your entire machine, environment variables, the file system, it can open ports to listen or to exfiltrate data. This code, which just got pulled down fresh from the registry, can do ANYTHING it wants.
For example in learning to use MCPs grabbed the time MCP from
The install instructions note one possible option
e.g.
uvx actually downloaded all of the code in milliseconds into a temporary directory and ran it as needed. When the MCP client was done (closed in the case of Claude Desktop), the temporary files were deleted.
Yes you should get a warning before the code is executed as in the case with Claude Desktop
but how many users really know how to check and just click an allow option.
Announcements such as these are common.
Destructive malware available in NPM repo went unnoticed for 2 years
Creating MCP Servers via vibe coding is relatively easy, getting the security correct is not.
