PowerShell Exec MCP Server

Instructions

Input Schema

Input Schema (JSON Schema)

Implementation Reference

• src/server.py:79-90 (handler)

  The handler function for 'get_system_info' tool. Executes PowerShell 'Get-ComputerInfo' cmdlet with optional property filter, appends JSON formatting, and delegates execution to the shared execute_powershell helper.
  async def get_system_info(properties: Optional[List[str]] = None, timeout: Optional[int] = 60) -> str: """Get system information. Args: properties: List of ComputerInfo properties to retrieve (optional) timeout: Command timeout in seconds (1-300, default 60) """ code = "Get-ComputerInfo" if properties: properties_str = ",".join(properties) code = f"{code} -Property {properties_str}" return await execute_powershell(format_json_output(code), timeout)
• src/server.py:30-34 (helper)

  Helper function used by get_system_info to ensure PowerShell output is formatted as JSON by appending '| ConvertTo-Json' if missing.
  def format_json_output(code: str) -> str: """Add JSON formatting to PowerShell code if not present.""" if not code.strip().lower().endswith('| convertto-json'): code = f"{code} | ConvertTo-Json" return code
• src/server.py:850-909 (helper)

  Shared helper function that executes all PowerShell code securely, including validation against dangerous patterns, timeout handling, and subprocess management. Called by get_system_info.
  async def execute_powershell(code: str, timeout: Optional[int] = 60, ctx: Optional[Context] = None) -> str: """Execute PowerShell commands securely. Args: code: PowerShell code to execute timeout: Command timeout in seconds (1-300, default 60) ctx: MCP context for logging and progress reporting Returns: Command output as string """ # Validate timeout if not isinstance(timeout, int) or timeout < 1 or timeout > 300: raise ValueError("timeout must be between 1 and 300 seconds") # Validate code if not validate_powershell_code(code): raise ValueError("PowerShell code contains potentially dangerous commands") if ctx: await ctx.info("Validating PowerShell code...") # Create and run process if ctx: await ctx.info("Starting PowerShell process...") process = await asyncio.create_subprocess_exec( "powershell", "-NoProfile", # Don't load profiles "-NonInteractive", # No interactive prompts "-Command", code, stdout=subprocess.PIPE, stderr=subprocess.PIPE ) try: if ctx: await ctx.info("Executing command...") stdout, stderr = await asyncio.wait_for( process.communicate(), timeout=timeout ) except asyncio.TimeoutError: process.kill() if ctx: await ctx.error(f"Command timed out after {timeout} seconds") raise TimeoutError(f"Command timed out after {timeout} seconds") if process.returncode != 0: error_msg = stderr.decode() if stderr else "Command failed with no error output" if ctx: await ctx.error(f"PowerShell command failed: {error_msg}") raise RuntimeError(error_msg) result = stdout.decode() if stdout else "" if ctx: await ctx.info(f"Command completed successfully, returned {len(result)} characters") return result
• src/server.py:36-61 (helper)

  Security validation helper used by execute_powershell to block dangerous PowerShell commands before execution in get_system_info and other tools.
  def validate_powershell_code(code: str) -> bool: """ Validate PowerShell code for potentially harmful commands. Args: code: The PowerShell code to validate Returns: bool: True if code passes validation """ dangerous_patterns = [ r"rm\s+(-r|-f|/s)*\s*/", # Dangerous recursive deletes r"format\s+[a-z]:", # Drive formatting r"Stop-Computer", # System shutdown r"Restart-Computer", # System restart r"Remove-Item.*-Recurse", # Recursive deletion r"Invoke-Expression", # Dynamic code execution r"iex", # Alias for Invoke-Expression r"Start-Process", # Starting new processes r"New-Service", # Creating services r"Set-Service", # Modifying services r"net\s+user", # User account manipulation ] return not any(re.search(pattern, code, re.IGNORECASE) for pattern in dangerous_patterns)