registry
Perform Windows Registry operations to read keys and values, search entries, list subkeys, retrieve startup programs, installed applications, and system information from the registry.
Instructions
Windows Registry operations including reading registry keys, values, and searching registry entries
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action | Yes | The registry operation to perform | |
| key_path | No | Registry key path (e.g., HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion) | |
| value_name | No | Registry value name to read | |
| search_term | No | Search term for finding registry keys or values | |
| hive | No | Registry hive to search in (default: HKLM) | HKLM |
| max_depth | No | Maximum depth for recursive operations (default: 2) |
Implementation Reference
- src/tools/registry.ts:44-80 (handler)Main handler function (run method) that dispatches registry operations based on the 'action' parameter.async run(args: { action: string; key_path?: string; value_name?: string; search_term?: string; hive?: string; max_depth?: number; }) { try { switch (args.action) { case "read_key": return await this.readKey(args.key_path!); case "read_value": return await this.readValue(args.key_path!, args.value_name!); case "search_keys": return await this.searchKeys(args.search_term!, args.hive); case "list_subkeys": return await this.listSubkeys(args.key_path!, args.max_depth); case "get_startup_programs": return await this.getStartupPrograms(); case "get_installed_programs": return await this.getInstalledPrograms(); case "get_system_info_from_registry": return await this.getSystemInfoFromRegistry(); default: throw new Error(`Unknown action: ${args.action}`); } } catch (error: any) { return { content: [{ type: "text", text: `❌ Registry operation failed: ${error.message}` }], isError: true }; } },
- src/tools/registry.ts:9-42 (schema)Input schema defining parameters for different registry operations.parameters: { type: "object", properties: { action: { type: "string", enum: ["read_key", "read_value", "search_keys", "list_subkeys", "get_startup_programs", "get_installed_programs", "get_system_info_from_registry"], description: "The registry operation to perform" }, key_path: { type: "string", description: "Registry key path (e.g., HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion)" }, value_name: { type: "string", description: "Registry value name to read" }, search_term: { type: "string", description: "Search term for finding registry keys or values" }, hive: { type: "string", enum: ["HKLM", "HKCU", "HKCR", "HKU", "HKCC"], description: "Registry hive to search in (default: HKLM)", default: "HKLM" }, max_depth: { type: "number", description: "Maximum depth for recursive operations (default: 2)", default: 2 } }, required: ["action"] },
- src/index.ts:42-46 (registration)Registration of the registry tool in the MCP server's tool list response.{ name: registryTool.name, description: registryTool.description, inputSchema: registryTool.parameters },
- src/index.ts:77-78 (registration)Dispatch handler for calling the registry tool in the MCP server.case "registry": return await registryTool.run(args as any);
- src/tools/registry.ts:82-96 (helper)Example helper: reads properties of a registry key using PowerShell.async readKey(keyPath: string) { try { const command = `Get-ItemProperty -Path "Registry::${keyPath}" -ErrorAction Stop | Format-List`; const { stdout } = await execAsync(`powershell -Command "${command}"`); return { content: [{ type: "text", text: `# Registry Key: ${keyPath}\n\n\`\`\`\n${stdout}\n\`\`\`` }] }; } catch (error: any) { throw new Error(`Failed to read registry key ${keyPath}: ${error.message}`); } },