How We Built an MCP Server That Lets Claude Manage YouTube Comments
Learn how we built a production MCP server on Cloudflare Workers and Supabase that lets Claude classify comments, detect spam, and generate audience intelligence reports.
Sandeep Bhara
Founder & CEO
NAWA's MCP server lets Claude classify YouTube comments, detect spam bots, generate audience intelligence reports, and reply to commenters. Here is exactly how we built it, what broke, and what you can steal for your own MCP server.
The Problem: 258 Comments, Zero Replies
A creator publishes a video. Within 24 hours, 258 comments appear. (We analyzed a real example: the DOAC audience intelligence report dissects 258 comments from a Steven Bartlett episode.) Questions from fans, spam from crypto bots, criticism that needs a response, praise that deserves a heart. The creator sees the number "258" and closes the tab.
This is not laziness. It is triage paralysis. Every comment requires a decision: reply, heart, skip, or flag. At two minutes per comment, that is eight hours of work for one video. Most creators do not have eight hours. So they do nothing, and their audience learns that commenting is shouting into a void.
We built NAWA to solve this. An AI engine that classifies every comment by intent and sentiment, drafts replies in the creator's voice, detects spam rings, and produces intelligence reports. The question was: how do we let Claude use NAWA directly?
What MCP Is (and Why It Matters)
The Model Context Protocol is an open standard from Anthropic that lets AI assistants call external tools. Think of it as a USB port for Claude. Instead of copying data between apps, Claude connects to your service and operates it directly.
Before MCP, integrating with Claude meant building a custom plugin, writing prompt engineering around API responses, or asking users to paste data into the chat. MCP replaces all of that with a standardized protocol. Your service declares its tools. Claude discovers them. The user says "classify my comments" and Claude calls NAWA's classify tool with the right parameters.
The protocol is JSON-RPC over HTTP. The server declares tools with names, descriptions, input schemas, and safety annotations (read-only vs destructive). Claude reads these declarations, decides which tools to call based on the user's request, and handles the response. No prompt engineering. No copy-pasting.
For NAWA, this means a creator can say "show me the spam bots in my latest video" and Claude will call the list_pending_comments tool, filter by spam classification, and present the results. The creator never leaves the conversation.
The Architecture: Why We Need Two Servers
Here is what we built:
The MCP server is a Supabase Edge Function (Deno runtime, 1,500 lines of TypeScript). It handles the MCP protocol, validates tokens, rate-limits requests, and implements 10 tools. It already worked.
The problem was authentication.
The OAuth Wall
The MCP spec requires OAuth 2.1 endpoints at the domain root. When your MCP server lives at https://example.com/functions/v1/mcp, Claude strips the path and looks for:
https://example.com/.well-known/oauth-authorization-serverhttps://example.com/authorizehttps://example.com/token
Our MCP server lived on Supabase at xemcegxkfkvkgmehllix.supabase.co/functions/v1/mcp. Supabase controls the domain root. When Claude tried to hit /authorize, Supabase returned {"error":"requested path is invalid"}.
This is the bug that took two hours to diagnose. The error message gives no hint that the problem is architectural, not code-level.
The Fix: A Cloudflare Worker as OAuth Proxy
The solution: a Cloudflare Worker at our own domain that handles OAuth at the root and proxies everything else to the Supabase Edge Function.
```
Claude -> nawa-mcp-oauth.nawalabs.workers.dev (CF Worker)
+-- /.well-known/... -> OAuth metadata
+-- /authorize -> Consent page
+-- /token -> Token exchange (PKCE)
+-- /register -> Client registration
+-- /* -> PROXY to Supabase Edge Function
```
The worker is 843 lines across 6 files. It handles OAuth metadata discovery (RFC 8414), dynamic client registration (RFC 7591), PKCE-secured authorization code flow, token rotation on refresh, and a branded consent page. Every other request is forwarded to Supabase with all headers intact.
The existing MCP Edge Function was not modified. The worker is a thin authentication layer in front.
What Claude Can Do Through NAWA
Ten tools, each with safety annotations (read-only or destructive):
Read-Only Tools
list_pending_comments returns comments awaiting moderation. Filters by platform, sentiment, intent, and priority. Returns up to 25 comments with AI classification metadata.
```json
{
"name": "list_pending_comments",
"description": "List YouTube comments awaiting moderation",
"inputSchema": {
"type": "object",
"properties": {
"limit": { "type": "number", "default": 10 },
"sentiment": { "enum": ["positive", "negative", "neutral"] },
"intent": { "enum": ["question", "praise", "complaint", "spam"] }
}
}
}
```
get_channel_stats returns subscriber count, total comments, reply rate, sentiment distribution, and superfan count. One call gives Claude a complete picture of a creator's audience health.
get_top_fans identifies repeat commenters with consistently positive sentiment. Superfans are the 10% of an audience that drives 90% of engagement.
morning_briefing generates a daily intelligence summary: new comments overnight, sentiment shifts, spam detected, and one recommended action.
Write Tools (Require Confirmation)
generate_reply drafts an AI reply matching the creator's voice. Claude can ask NAWA to generate a reply, show it to the user, and only post it after approval.
post_reply publishes a reply to YouTube via the platform API. This is a destructive operation: once posted, it is public. The tool requires explicit user confirmation.
skip_comment marks a comment as "no reply needed" and removes it from the pending queue.
Read vs Write: Why Access Control Matters
We use OAuth scopes to separate read and write access:
read:commentslets Claude view comments and analyticswrite:commentslets Claude post replies and moderate
Most users grant both. But the separation matters for trust. A creator connecting NAWA to Claude for the first time sees a consent page listing exactly what Claude can do. If they only want analytics, they can grant read-only access. No reply will ever be posted without their explicit scope approval.
The consent page itself is served by the Cloudflare Worker at /authorize. It is a simple HTML page with NAWA branding, showing the requesting client name, the scopes requested, and Approve/Deny buttons. On approval, the worker generates a PKCE-secured authorization code, stores it in Supabase (single-use, 10-minute expiry), and redirects back to Claude with the code.
What We Learned Building It
1. The MCP spec strips your path. OAuth endpoints must live at the domain root. If your MCP server is on a subpath (Supabase, Vercel API routes, AWS Lambda), you need a proxy at a domain you control. This is not documented clearly in the spec.
2. Supabase REST API column names matter. Our oauth_authorization_codes table had scopes (plural, array) but our worker code used scope (singular, string). The insert failed silently. Supabase PostgREST returns a generic error. We lost 30 minutes debugging a typo.
3. Query builder chain order in Cloudflare Workers. When building a lightweight Supabase REST client for the worker (to avoid the full supabase-js bundle), .eq().update() and .update().eq() are not the same. The terminal operation must come last. update() returns a Promise. eq() returns a QueryBuilder. Chaining them wrong crashes silently.
4. PKCE is mandatory, not optional. The MCP spec requires PKCE (Proof Key for Code Exchange) for all clients. We implemented S256 challenge/verification using the Web Crypto API (crypto.subtle.digest). If you skip PKCE, Claude will reject your server.
5. Token rotation prevents session hijacking. On every refresh token use, we revoke the old token and issue a new pair. This means a stolen refresh token becomes useless after its first use.
Connect NAWA's MCP Server
NAWA's MCP server is a community-built, third-party integration. It is not made or endorsed by Anthropic. It follows the open MCP standard, which means any MCP-compatible client (Claude Code, Claude Desktop, claude.ai) can connect to it.
Prerequisites: A NAWA account with at least one YouTube channel connected. No account yet? Start your 7-day trial.
Claude Code (Terminal)
If you have Claude Code installed, one command registers the server:
```bash
claude mcp add nawa --transport sse https://nawa-mcp-oauth.nawalabs.workers.dev/sse
```
Verify it registered:
```bash
claude mcp list
```
You should see nawa in the output. Now start a conversation and try a tool:
```bash
claude "Give me a morning briefing of my YouTube comments"
```
Claude will prompt you to authenticate on first use. A consent page opens in your browser asking you to sign in with your NAWA account and approve scopes (read, write, or both). After approval, Claude can call NAWA tools for the rest of your session.
To remove the server later:
```bash
claude mcp remove nawa
```
Claude Desktop App
Open Claude Desktop, go to Settings, then Developer, then Edit Config. Add this block to your claude_desktop_config.json:
```json
{
"mcpServers": {
"nawa": {
"url": "https://nawa-mcp-oauth.nawalabs.workers.dev/sse"
}
}
}
```
Restart Claude Desktop. The NAWA tools appear in the tools menu (the hammer icon at the bottom of the chat input). Click it to see all 10 tools listed.
Claude.ai (Web)
- Go to claude.ai and sign in
- Click your profile icon (bottom left), then Settings, then Integrations
- Click Add Integration and enter:
https://nawa-mcp-oauth.nawalabs.workers.dev - Claude redirects you to NAWA's consent page
- Sign in with your NAWA account and approve the requested scopes
- Return to Claude. Start a new conversation and ask about your comments
Troubleshooting
If the connection fails, check these:
- "OAuth error" or blank consent page: Make sure you are using the full URL including
https://. The server requires HTTPS. - "No tools found" after connecting: Restart your client (quit and reopen Claude Desktop, or run
claude mcp listto verify in Claude Code). - "Unauthorized" when calling a tool: Your NAWA session may have expired. Remove and re-add the server to re-authenticate.
- Not seeing your comments: Make sure you have connected a YouTube channel in the NAWA dashboard first. The MCP server reads from your linked platforms.
What to Test
Once connected, try these prompts. Each one maps to a specific NAWA tool:
| What to say to Claude | What happens behind the scenes |
|---|---|
| "Give me a morning briefing" | Calls `morning_briefing`. Returns overnight activity, sentiment shifts, spam count, and one recommended action. |
| "Show me negative comments from this week" | Calls `list_pending_comments` with a sentiment filter. Shows complaints and criticism needing replies. |
| "Who are my superfans?" | Calls `get_top_fans`. Lists your most engaged, positive repeat commenters. |
| "What are my channel stats?" | Calls `get_channel_stats`. Returns reply rate, sentiment breakdown, subscriber count, superfan count. |
| "Draft a reply to this comment" | Calls `generate_reply`. Returns a voice-matched draft. You approve before it posts. |
| "Post that reply" | Calls `post_reply`. Publishes to YouTube. Claude always asks for confirmation first. |
| "Skip all spam comments" | Calls `skip_comment` on spam-classified comments. Cleans your moderation queue. |
NAWA never posts a reply without your explicit approval. The post_reply tool is marked as destructive in the MCP spec, so Claude always asks "are you sure?" before executing it.
What Comes Next
NAWA currently supports YouTube. Instagram, LinkedIn, and X are on the roadmap. Each platform adds new tools to the MCP server: list_instagram_comments, reply_to_tweet, get_linkedin_engagement.
Arabic dialect intelligence is the next frontier. NAWA detects Gulf, Egyptian, Levantine, and Maghreb Arabic and replies in the same dialect. When Claude asks NAWA to draft a reply to a Gulf Arabic comment, the response uses Gulf markers and vocabulary, not Modern Standard Arabic. This is built on IBM's ALLaM model, the most advanced Arabic language model available.
Real-time monitoring is planned: a watch_comments tool that streams new comments as they arrive, letting Claude react to audience activity in real time.
The MCP server is live. See what it produces with real data. Follow the connection guide above to try it with your own channel.
FAQ
What is MCP?
The Model Context Protocol is an open standard from Anthropic that lets AI assistants like Claude connect to external services. It uses JSON-RPC over HTTP with OAuth 2.1 authentication. Think of it as giving Claude hands to operate your tools directly.
How do I build my own MCP server?
You need three things: (1) an HTTP server that handles JSON-RPC requests, (2) OAuth 2.1 endpoints at your domain root, and (3) tool definitions with input schemas. Start with the MCP SDK at modelcontextprotocol.io. If your backend is on Supabase or a subpath, add a proxy at the domain root for OAuth.
Can Claude manage YouTube comments through NAWA?
Yes. NAWA's MCP server gives Claude 10 tools: list pending comments, classify by sentiment and intent, generate voice-matched replies, post replies to YouTube, detect spam bots, and produce audience intelligence reports. See the connection guide above for step-by-step setup.
Is this an official Anthropic integration?
No. NAWA's MCP server is a third-party, community-built integration. It uses the open MCP standard published by Anthropic, but it is built and maintained by NAWA Labs. Anthropic does not endorse or certify third-party MCP servers. You grant access through OAuth scopes and can revoke it at any time.
How do I connect in Claude Code?
Run claude mcp add nawa --transport sse https://nawa-mcp-oauth.nawalabs.workers.dev/sse in your terminal. Verify with claude mcp list. Claude will prompt you to authenticate on first use.
Is it safe to let Claude post replies?
NAWA uses OAuth scopes to separate read and write access. The write:comments scope must be explicitly granted. Claude shows you the draft reply before posting and requires your confirmation. The creator stays in control.
Does NAWA support Arabic comments?
Yes. NAWA detects Gulf, Egyptian, Levantine, and Maghreb Arabic automatically and generates replies in the same dialect. This is powered by IBM ALLaM, the most advanced Arabic language model available.
Tags
About Sandeep Bhara
Founder & CEO
Founder of NAWA. 17+ years at Microsoft, LinkedIn, Deliveroo, NEOM.
Was this helpful?
On this page
Share this article
Want smarter engagement?
Transform your social media engagement with AI-powered responses that match your tone and voice.
Try NAWA AI for free