Security & Safety
How mIRCscord protects servers, users, and data from malicious bots and abuse. Every layer is enforced server-side — bots cannot bypass these protections.
Permission System
Only server owners and admins (users with the Administrator permission bit) can:
- Install or remove bots from a server
- Configure bot settings (blocked words, welcome messages, AI prompts)
- Set or remove API keys for AI bots
- Enable or disable installed bots
Regular members cannot modify bot configuration. This is enforced server-side — the API rejects unauthorized requests with 403 Forbidden.
Bot Sandboxing
What bots CAN do:
- Read messages in channels they're configured for
- Send messages as bot responses
- Delete messages (AutoMod only, for moderation)
- React to messages
What bots CANNOT do:
- Access other servers — bots are scoped per-server installation
- Read DMs or encrypted messages
- Modify server settings, roles, or channels
- Access user passwords, tokens, or API keys from other bots
- Make external network requests (except AI bots to their configured provider)
- Execute code or access the filesystem
- Mention @everyone or @here (stripped automatically)
AI Bot Safety
Input Sanitization AUTO-ENFORCED
All user messages are sanitized before being sent to the AI provider. Common prompt injection patterns are filtered:
ignore previous instructionsdisregard previousyou are nowsystem: / assistant: role injections[INST] / <<SYS>> template injections
Output Sanitization AUTO-ENFORCED
- AI responses are capped at 2000 characters
@everyone and @here mentions are neutralized with zero-width spaces- Responses are posted as the bot user, never as a real user
Rate Limiting AUTO-ENFORCED
- Max 1 AI response per 5 seconds per channel
- Max 3 API key changes per hour per server
- Every AI call is logged with timestamp and token count
API Key Security
- Keys are stored encrypted in the database
- Keys are never displayed in the UI after entry (only last 4 chars shown as hint)
- Each server's key is isolated — one server's key cannot be used by another
- Keys are validated on entry: format checks, minimum length, provider-specific prefixes
- Usage is tracked per key (call count, last used timestamp)
AutoMod Safety
- AutoMod never moderates server owners or admins — admin messages always pass through
- Every moderation action is logged to the audit trail with: timestamp, channel, target user, reason
- Config validation enforced: max 500 blocked words, each max 100 chars
Config Validation
All bot configuration is validated server-side before saving:
| Field | Limit | Validation |
|---|
blocked_words | 500 items | Array of strings, each max 100 chars |
welcome_message | 1000 chars | String with {username} placeholder |
system_prompt | 4000 chars | String (AI bots only) |
active_channels | 20 channels | Array of valid UUID strings |
block_links | — | Boolean only |
block_caps | — | Boolean only |
api_key | — | Min length, provider prefix validation |
provider | — | Must be: openrouter, openai, anthropic, google, mistral, groq |
Audit Trail
Every bot action is logged to bot_actions_log with:
- Bot install ID (which bot on which server)
- Action type (automod_spam, automod_blocked_word, ai_response, etc.)
- Channel ID where the action occurred
- Target user ID (who was moderated)
- Details (JSON with specifics: word matched, caps ratio, etc.)
- Timestamp
Server admins will be able to view the audit log in server settings (coming soon).
Platform-Level Security
These protections apply to the entire platform, including bots:
- Per-IP rate limiting — Auth: 5/min, General: 120/min, Uploads: 10/min
- WebSocket rate limiting — Max 30 messages/second per connection, 64KB max frame
- Body size guard — 256KB max for non-upload requests
- JWT authentication — All API calls require valid tokens (7-day expiry)
- bcrypt password hashing — Default cost factor
- Parameterized SQL — All queries use bind parameters (no SQL injection)
- CORS restricted — Only mircscord.com and localhost origins
- Security headers — X-Frame-Options, CSP, X-Content-Type-Options, Referrer-Policy