execute_command
Execute Windows commands like 'dir' or 'echo' and retrieve their output through a secure MCP server interface.
Instructions
Execute a Windows command and return its output. Only commands in the allowed list can be executed. This tool should be used for running simple commands like 'dir', 'echo', etc.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| command | Yes | The command to execute | |
| workingDir | No | Working directory for the command | |
| timeout | No | Timeout in milliseconds |
Implementation Reference
- index.ts:454-513 (handler)The core handler logic for the 'execute_command' tool. It performs security checks to block dangerous commands, constructs the shell command using cmd.exe on Windows, sets execution options, calls the executeCommand helper, and returns stdout or an error.
async ({ command, workingDir, timeout }) => { try { // Security check: Ensure only allowed commands are executed const commandLower = command.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'net user', 'net localgroup', 'netsh', 'format', 'rd /s', 'rmdir /s', 'del /f', 'reg delete', 'shutdown', 'taskkill', 'sc delete', 'bcdedit', 'cacls', 'icacls', 'takeown', 'diskpart', 'cipher /w', 'schtasks /create', 'rm -rf', 'sudo', 'chmod', 'chown', 'passwd', 'mkfs', 'dd' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => commandLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Command contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } let cmdToExecute; if (isWindows) { cmdToExecute = `cmd.exe /c ${command}`; } else { // For non-Windows, try to execute the command directly cmdToExecute = command; } const stdout = executeCommand(cmdToExecute, options); return { content: [ { type: "text", text: stdout.toString() || 'Command executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing command: ${error}`, }, ], }; } } - index.ts:449-453 (schema)Input schema using Zod for the 'execute_command' tool, defining parameters: command (required string), workingDir (optional string), timeout (optional number with default).
{ command: z.string().describe("The command to execute"), workingDir: z.string().optional().describe("Working directory for the command"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), }, - index.ts:446-514 (registration)MCP server registration of the 'execute_command' tool, including the tool name, description, input schema, and inline handler function.
server.tool( "execute_command", "Execute a Windows command and return its output. Only commands in the allowed list can be executed. This tool should be used for running simple commands like 'dir', 'echo', etc.", { command: z.string().describe("The command to execute"), workingDir: z.string().optional().describe("Working directory for the command"), timeout: z.number().default(30000).describe("Timeout in milliseconds"), }, async ({ command, workingDir, timeout }) => { try { // Security check: Ensure only allowed commands are executed const commandLower = command.toLowerCase(); // Block potentially dangerous commands const dangerousPatterns = [ 'net user', 'net localgroup', 'netsh', 'format', 'rd /s', 'rmdir /s', 'del /f', 'reg delete', 'shutdown', 'taskkill', 'sc delete', 'bcdedit', 'cacls', 'icacls', 'takeown', 'diskpart', 'cipher /w', 'schtasks /create', 'rm -rf', 'sudo', 'chmod', 'chown', 'passwd', 'mkfs', 'dd' ]; // Check for dangerous patterns if (dangerousPatterns.some(pattern => commandLower.includes(pattern.toLowerCase()))) { return { isError: true, content: [ { type: "text", text: "Command contains potentially dangerous operations and cannot be executed.", }, ], }; } const options: any = { timeout }; if (workingDir) { options.cwd = workingDir; } let cmdToExecute; if (isWindows) { cmdToExecute = `cmd.exe /c ${command}`; } else { // For non-Windows, try to execute the command directly cmdToExecute = command; } const stdout = executeCommand(cmdToExecute, options); return { content: [ { type: "text", text: stdout.toString() || 'Command executed successfully (no output)', }, ], }; } catch (error) { return { isError: true, content: [ { type: "text", text: `Error executing command: ${error}`, }, ], }; } } ); - index.ts:17-47 (helper)Supporting helper function executeCommand that performs the actual command execution using Node.js execSync, with platform-specific handling (direct exec on Windows, modified fallback on other platforms).
function executeCommand(command: string, options: any = {}) { if (isWindows) { return execSync(command, options); } else { // Log warning for non-Windows environments console.error(`Warning: Running in a non-Windows environment (${platform()}). Windows commands may not work.`); // For testing purposes on non-Windows platforms try { // For Linux/MacOS, we'll strip cmd.exe and powershell.exe references let modifiedCmd = command; // Replace cmd.exe /c with empty string modifiedCmd = modifiedCmd.replace(/cmd\.exe\s+\/c\s+/i, ''); // Replace powershell.exe -Command with empty string or a compatible command modifiedCmd = modifiedCmd.replace(/powershell\.exe\s+-Command\s+("|')/i, ''); // Remove trailing quotes if we removed powershell -Command if (modifiedCmd !== command) { modifiedCmd = modifiedCmd.replace(/("|')$/, ''); } console.error(`Attempting to execute modified command: ${modifiedCmd}`); return execSync(modifiedCmd, options); } catch (error) { console.error(`Error executing modified command: ${error}`); return Buffer.from(`This tool requires a Windows environment. Current platform: ${platform()}`); } } }