Windows Command Line MCP Server

Instructions

Implementation Reference

• index.ts:525-589 (handler)

  The core handler function for the 'execute_powershell' tool. It checks the platform, performs security validation by blocking dangerous PowerShell patterns, constructs the command using powershell.exe, executes it via the executeCommand helper with optional working directory and timeout, and returns the stdout or formatted error response.
  async ({ script, workingDir, timeout }) => { if (!isWindows) { return { content: [ { type: "text", text: "The PowerShell execution tool is only available on Windows. Current platform: " + platform(), }, ], }; } try { // Security check: Ensure no dangerous operations const scriptLower = script.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'new-user', 'add-user', 'remove-item -recurse -force', 'format-volume', 'reset-computer', 'stop-computer', 'restart-computer', 'stop-process -force', 'remove-item -force', 'set-executionpolicy', 'invoke-webrequest', 'start-bitstransfer', 'set-location', 'invoke-expression', 'iex', '& {', 'invoke-command', 'new-psdrive', 'remove-psdrive', 'enable-psremoting', 'new-service', 'remove-service', 'set-service' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => scriptLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Script contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } const stdout = executeCommand(`powershell.exe -Command "${script}"`, options); return { content: [ { type: "text", text: stdout.toString() || 'PowerShell script executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing PowerShell script: ${error}`, }, ], }; } }
• index.ts:520-524 (schema)

  Zod schema defining the input parameters for the execute_powershell tool: required 'script' string, optional 'workingDir' string, and 'timeout' number with default 30000.
  { script: z.string().describe("PowerShell script to execute"), workingDir: z.string().optional().describe("Working directory for the script"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), },
• index.ts:517-590 (registration)

  Registration of the 'execute_powershell' tool using server.tool(), including name, description, schema, and inline handler function.
  server.tool( "execute_powershell", "Execute a PowerShell script and return its output. This allows for more complex operations and script execution. PowerShell must be in the allowed commands list.", { script: z.string().describe("PowerShell script to execute"), workingDir: z.string().optional().describe("Working directory for the script"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), }, async ({ script, workingDir, timeout }) => { if (!isWindows) { return { content: [ { type: "text", text: "The PowerShell execution tool is only available on Windows. Current platform: " + platform(), }, ], }; } try { // Security check: Ensure no dangerous operations const scriptLower = script.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'new-user', 'add-user', 'remove-item -recurse -force', 'format-volume', 'reset-computer', 'stop-computer', 'restart-computer', 'stop-process -force', 'remove-item -force', 'set-executionpolicy', 'invoke-webrequest', 'start-bitstransfer', 'set-location', 'invoke-expression', 'iex', '& {', 'invoke-command', 'new-psdrive', 'remove-psdrive', 'enable-psremoting', 'new-service', 'remove-service', 'set-service' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => scriptLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Script contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } const stdout = executeCommand(`powershell.exe -Command "${script}"`, options); return { content: [ { type: "text", text: stdout.toString() || 'PowerShell script executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing PowerShell script: ${error}`, }, ], }; } } );
• index.ts:17-47 (helper)

  Shared helper function executeCommand used by the tool (and others) to synchronously execute the constructed PowerShell command via execSync on Windows, with fallback logic for non-Windows platforms.
  function executeCommand(command: string, options: any = {}) { if (isWindows) { return execSync(command, options); } else { // Log warning for non-Windows environments console.error(`Warning: Running in a non-Windows environment (${platform()}). Windows commands may not work.`); // For testing purposes on non-Windows platforms try { // For Linux/MacOS, we'll strip cmd.exe and powershell.exe references let modifiedCmd = command; // Replace cmd.exe /c with empty string modifiedCmd = modifiedCmd.replace(/cmd\.exe\s+\/c\s+/i, ''); // Replace powershell.exe -Command with empty string or a compatible command modifiedCmd = modifiedCmd.replace(/powershell\.exe\s+-Command\s+("|')/i, ''); // Remove trailing quotes if we removed powershell -Command if (modifiedCmd !== command) { modifiedCmd = modifiedCmd.replace(/("|')$/, ''); } console.error(`Attempting to execute modified command: ${modifiedCmd}`); return execSync(modifiedCmd, options); } catch (error) { console.error(`Error executing modified command: ${error}`); return Buffer.from(`This tool requires a Windows environment. Current platform: ${platform()}`); } } }
• index.ts:8-8 (helper)

  Platform detection constant used throughout the handler to restrict PowerShell execution to Windows.
  const isWindows = platform() === 'win32';