execute_powershell
Run PowerShell scripts and retrieve output securely via the Windows Command Line MCP Server, enabling controlled execution of complex operations and system tasks.
Instructions
Execute a PowerShell script and return its output. This allows for more complex operations and script execution. PowerShell must be in the allowed commands list.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| script | Yes | PowerShell script to execute | |
| timeout | No | Timeout in milliseconds | |
| workingDir | No | Working directory for the script |
Input Schema (JSON Schema)
{
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"script": {
"description": "PowerShell script to execute",
"type": "string"
},
"timeout": {
"default": 30000,
"description": "Timeout in milliseconds",
"type": "number"
},
"workingDir": {
"description": "Working directory for the script",
"type": "string"
}
},
"required": [
"script"
],
"type": "object"
}
Implementation Reference
- index.ts:525-589 (handler)Handler function that validates the platform (Windows only), checks for dangerous patterns in the script, executes the PowerShell command using executeCommand, and returns the output or error.async ({ script, workingDir, timeout }) => { if (!isWindows) { return { content: [ { type: "text", text: "The PowerShell execution tool is only available on Windows. Current platform: " + platform(), }, ], }; } try { // Security check: Ensure no dangerous operations const scriptLower = script.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'new-user', 'add-user', 'remove-item -recurse -force', 'format-volume', 'reset-computer', 'stop-computer', 'restart-computer', 'stop-process -force', 'remove-item -force', 'set-executionpolicy', 'invoke-webrequest', 'start-bitstransfer', 'set-location', 'invoke-expression', 'iex', '& {', 'invoke-command', 'new-psdrive', 'remove-psdrive', 'enable-psremoting', 'new-service', 'remove-service', 'set-service' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => scriptLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Script contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } const stdout = executeCommand(`powershell.exe -Command "${script}"`, options); return { content: [ { type: "text", text: stdout.toString() || 'PowerShell script executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing PowerShell script: ${error}`, }, ], }; } }
- index.ts:520-524 (schema)Input schema using Zod for validating script (string), workingDir (optional string), and timeout (number, default 30000).{ script: z.string().describe("PowerShell script to execute"), workingDir: z.string().optional().describe("Working directory for the script"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), },
- index.ts:516-590 (registration)Registration of the execute_powershell tool via server.tool(), including name, description, schema, and inline handler.// Register the execute_powershell tool server.tool( "execute_powershell", "Execute a PowerShell script and return its output. This allows for more complex operations and script execution. PowerShell must be in the allowed commands list.", { script: z.string().describe("PowerShell script to execute"), workingDir: z.string().optional().describe("Working directory for the script"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), }, async ({ script, workingDir, timeout }) => { if (!isWindows) { return { content: [ { type: "text", text: "The PowerShell execution tool is only available on Windows. Current platform: " + platform(), }, ], }; } try { // Security check: Ensure no dangerous operations const scriptLower = script.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'new-user', 'add-user', 'remove-item -recurse -force', 'format-volume', 'reset-computer', 'stop-computer', 'restart-computer', 'stop-process -force', 'remove-item -force', 'set-executionpolicy', 'invoke-webrequest', 'start-bitstransfer', 'set-location', 'invoke-expression', 'iex', '& {', 'invoke-command', 'new-psdrive', 'remove-psdrive', 'enable-psremoting', 'new-service', 'remove-service', 'set-service' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => scriptLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Script contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } const stdout = executeCommand(`powershell.exe -Command "${script}"`, options); return { content: [ { type: "text", text: stdout.toString() || 'PowerShell script executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing PowerShell script: ${error}`, }, ], }; } } );