Windows CLI MCP Server

Command LineTypeScript

Secure command-line interface for Windows systems with multi-shell and SSH support

Available Tools

executeCommand

Execute a command in the specified shell (PowerShell, CMD, or Git Bash)

shellcommandworkingDirectory

executeSSHCommand

Execute a command on a remote system via SSH

connectionNamecommand

getCurrentDirectory

Get the current working directory

shell

changeDirectory

Change the current working directory

shelldirectory

Windows CLI provides a secure interface for executing commands across multiple shells on Windows systems, including PowerShell, CMD, and Git Bash. It enables controlled access to local command execution with robust security controls to prevent unauthorized operations. The server also supports remote system management through SSH connections, allowing you to execute commands on configured remote servers while maintaining security boundaries. With comprehensive configuration options, you can customize allowed paths, blocked commands, and connection profiles to match your specific security requirements.

Installation

You can install the Windows CLI MCP server using npm:

npm install -g @simonb97/server-win-cli

Alternatively, you can run it directly with npx:

npx -y @simonb97/server-win-cli

Configuration

The server uses a configuration file to control security settings, shell preferences, and SSH connections. You can create a custom configuration file in one of these locations:

config.json in the current working directory
%USERPROFILE%\.win-cli-mcp\config.json (Windows user directory)

Security Settings

Configure security parameters to control command execution:

{
  "security": {
    "allowedPaths": ["C:\\Users\\YourUsername", "D:\\Projects"],
    "blockedCommands": ["rm", "del", "format", "shutdown"],
    "maxCommandLength": 500,
    "restrictToConfiguredDirectories": true
  }
}

Shell Configuration

Customize shell-specific settings:

{
  "shells": {
    "powershell": {
      "enabled": true,
      "path": "powershell.exe",
      "blockedOperators": ["&", "|", ">", "<"]
    },
    "cmd": {
      "enabled": true,
      "path": "cmd.exe",
      "blockedOperators": ["&", "|", ">", "<"]
    },
    "gitbash": {
      "enabled": true,
      "path": "C:\\Program Files\\Git\\bin\\bash.exe",
      "blockedOperators": [";", "&&", "||", ">", "<"]
    }
  }
}

SSH Configuration

Set up SSH connections for remote command execution:

{
  "ssh": {
    "connections": [
      {
        "name": "development-server",
        "host": "dev.example.com",
        "port": 22,
        "username": "devuser",
        "privateKeyPath": "C:\\Users\\YourUsername\\.ssh\\id_rsa",
        "blockedCommands": ["sudo", "rm -rf"]
      }
    ]
  }
}

Usage

Once the server is running, it will listen for MCP client connections. You can use it with Claude Desktop or other MCP-compatible clients to:

Execute commands in different shells (PowerShell, CMD, Git Bash)
Run commands on remote systems via SSH
Navigate directories within allowed paths
View current working directory and configuration

The server enforces security boundaries based on your configuration, blocking dangerous commands and restricting operations to allowed paths.

Security Considerations

When using this MCP server, keep these security considerations in mind:

The server grants command execution access to your system
Configure allowedPaths to restrict file system access
Use blockedCommands to prevent dangerous operations
Enable restrictToConfiguredDirectories for additional security
Review SSH connection settings carefully
Consider running the server only when needed

For maximum security, create a dedicated user account with limited permissions for running the server.