@cmdop/bot
Advanced tools
Multi-channel bot framework for CMDOP — run /exec, /agent, /skills, and /files commands from Telegram, Discord, and Slack.
pnpm add @cmdop/bot
import { IntegrationHub } from '@cmdop/bot';
const hub = await IntegrationHub.create({
apiKey: process.env.CMDOP_API_KEY,
});
await hub.addTelegram({ token: process.env.TELEGRAM_TOKEN });
await hub.start();
That's it. Your bot now responds to /exec, /agent, /skills, /files, and /help.
pnpm add grammy @grammyjs/transformer-throttler
await hub.addTelegram({ token: 'YOUR_BOT_TOKEN' });
Get a token from @BotFather.
pnpm add discord.js @discordjs/rest @discordjs/builders
await hub.addDiscord({
token: 'YOUR_BOT_TOKEN',
clientId: 'YOUR_APPLICATION_ID',
guildId: 'OPTIONAL_GUILD_ID', // omit for global slash commands
});
Get tokens from the Discord Developer Portal.
pnpm add @slack/bolt @slack/web-api
await hub.addSlack({
token: 'xoxb-YOUR-BOT-TOKEN',
appToken: 'xapp-YOUR-APP-TOKEN',
});
Requires Socket Mode enabled in your Slack app settings. See examples/slack.ts for full setup.
| Command | Usage | Required permission |
|---|---|---|
/exec | /exec <shell command> | EXECUTE |
/agent | /agent <prompt> | EXECUTE |
/skills | /skills list | show <name> | run <name> <prompt> | EXECUTE |
/files | /files [read] <path> | READ |
/help | /help | none |
Commands use a / or ! prefix. Example: /exec ls -la, !agent list running processes.
Users default to NONE (no access). Grant levels programmatically:
const hub = await IntegrationHub.create({
adminUsers: ['telegram:123456789'], // always ADMIN
});
// Grant a specific user READ access
await hub.permissions.setLevel('telegram:987654321', 'READ');
Permission levels (ordered, each includes all levels below):
| Level | Access |
|---|---|
NONE | No commands (only /help) |
READ | /files |
EXECUTE | /exec, /agent, /skills |
FILES | (reserved for future write operations) |
ADMIN | All commands |
Link a Telegram user to their Discord account so permissions apply on both platforms:
hub.linkIdentities('telegram', '12345', 'discord', '67890');
// Now granting EXECUTE to either ID applies to both
await hub.permissions.setLevel('telegram:12345', 'EXECUTE');
const hub = await IntegrationHub.create({
// CMDOP connection
apiKey: 'cmdop_live_xxx', // cloud; omit for local IPC
defaultMachine: 'my-server', // pre-select a machine
// Permissions
adminUsers: ['telegram:123'],
permissionStore: myRedisStore, // custom store (see PermissionStoreProtocol)
// Startup behaviour
channelStartMode: 'isolated', // 'isolated' (default) | 'strict'
// 'isolated' — a failing channel is logged; others continue
// 'strict' — any channel failure throws and aborts hub.start()
// Logging
logger: myLogger, // any { info, warn, error, debug } object
});
Register a handler for a new command:
import { BaseHandler, ok, err, CommandArgsError } from '@cmdop/bot';
import type { CommandContext, HandlerResult, LoggerProtocol } from '@cmdop/bot';
import type { CMDOPClient } from '@cmdop/node';
class PingHandler extends BaseHandler {
readonly name = 'ping';
readonly description = 'Check if the bot is alive';
readonly usage = '/ping';
readonly requiredPermission = 'NONE' as const;
async handle(_ctx: CommandContext): Promise<HandlerResult> {
return ok({ type: 'text', text: 'pong 🏓' });
}
}
hub.registerHandler(new PingHandler(hub.cmdop, logger));
Implement ChannelProtocol (or extend BaseChannel) to add any messaging platform:
import { BaseChannel } from '@cmdop/bot';
class MyChannel extends BaseChannel {
constructor(permissions, dispatcher, logger) {
super('my-channel', 'My Platform', permissions, dispatcher, logger);
}
async start() {
// connect to platform, register event listeners
myPlatform.on('message', async (msg) => {
await this.processMessage({
id: msg.id,
userId: msg.authorId,
channelId: this.id,
text: msg.text,
timestamp: new Date(),
attachments: [],
});
});
}
async stop() { await myPlatform.disconnect(); }
async send(userId: string, message: OutgoingMessage) {
// format and send message to platform
}
onMessage(handler) { /* store handler for hub use */ }
}
hub.registerChannel(new MyChannel(hub.permissions, /* dispatcher */, logger));
See examples/custom-channel.ts for a complete working example.
const hub = await IntegrationHub.create({ apiKey: '...', channelStartMode: 'isolated' });
await hub.addTelegram({ token: process.env.TELEGRAM_TOKEN });
await hub.addDiscord({ token: process.env.DISCORD_TOKEN, clientId: process.env.DISCORD_CLIENT_ID });
await hub.addSlack({ token: process.env.SLACK_BOT_TOKEN, appToken: process.env.SLACK_APP_TOKEN });
await hub.start();
console.log(`Running: ${hub.runningChannelIds.join(', ')}`);
console.log(`Failed: ${hub.failedChannelIds.join(', ')}`);
async function shutdown() {
await hub.stop(); // stops all channels, closes CMDOP client
process.exit(0);
}
process.once('SIGINT', shutdown);
process.once('SIGTERM', shutdown);
All errors extend BotError and expose a code string:
| Class | Code | When |
|---|---|---|
PermissionDeniedError | PERMISSION_DENIED | User lacks required level |
CommandNotFoundError | COMMAND_NOT_FOUND | Unknown command |
CommandArgsError | COMMAND_ARGS | Invalid arguments |
CMDOPError | CMDOP_ERROR | CMDOP client failure |
MachineNotFoundError | MACHINE_NOT_FOUND | Machine hostname unknown |
MachineOfflineError | MACHINE_OFFLINE | No active session on machine |
ConfigError | CONFIG_ERROR | Missing / invalid configuration |
| Variable | Description |
|---|---|
CMDOP_API_KEY | CMDOP cloud API key (omit for local IPC) |
CMDOP_MACHINE | Default machine hostname |
BOT_LOG_LEVEL | debug | info | warn | error (default: info) |
BOT_MAX_OUTPUT | Max characters returned by /exec (default: 4000) |
TELEGRAM_TOKEN | Telegram bot token |
DISCORD_TOKEN | Discord bot token |
DISCORD_CLIENT_ID | Discord application ID |
SLACK_BOT_TOKEN | Slack bot OAuth token (xoxb-...) |
SLACK_APP_TOKEN | Slack app-level token for Socket Mode (xapp-...) |
@cmdop/node (peer dependency, installed automatically)MIT
FAQs
CMDOP multi-channel bot integrations — Telegram, Discord, Slack, Teams, and more
The npm package @cmdop/bot receives a total of 425 weekly downloads. As such, @cmdop/bot popularity was classified as not popular.
We found that @cmdop/bot demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
The worm-enabled campaign hit @emilgroup and @teale.io, then used an ICP canister to deliver follow-on payloads.
Research
/Security News
Attackers compromised Trivy GitHub Actions by force-updating tags to deliver malware, exposing CI/CD secrets across affected pipelines.
Security News
ENISA’s new package manager advisory outlines the dependency security practices companies will need to demonstrate as the EU’s Cyber Resilience Act begins enforcing software supply chain requirements.