Windows Command Line MCP Server

Executes arbitrary Windows command-line operations (PowerShell, cmd.exe, batch scripts) through MCP tool bindings with built-in allowlist/blocklist filtering and execution context isolation. Commands are validated against configurable security policies before execution, preventing access to sensitive system operations. The server maintains separate execution contexts per command to prevent state leakage between invocations.

Generates new project structures and boilerplate code for common Windows development patterns (console apps, web services, scripts) by invoking dotnet CLI or custom template engines. Templates are stored as configuration files or embedded resources and expanded with variable substitution for project names, namespaces, and paths. The server coordinates directory creation, file generation, and initial dependency installation in a single atomic operation.

Queries Windows system metadata (OS version, installed software, environment variables, disk usage, running processes, network configuration) through WMI, Registry, or PowerShell cmdlets. Results are parsed into structured JSON objects with normalized field names and units. The server caches frequently-accessed data (e.g., OS version) to reduce repeated WMI queries, with configurable TTL for cache invalidation.

Registers Windows command execution and project scaffolding as MCP tools with JSON Schema definitions that describe parameters, return types, and constraints. The server implements the MCP tool_call protocol, exposing tools to compatible clients (Claude Desktop, custom implementations) with full schema introspection. Tool definitions are generated at startup from configuration files and can include usage examples, error handling guidance, and security policies.

Enforces command execution policies by maintaining configurable allowlist (permitted commands) and blocklist (forbidden commands/patterns) that are evaluated before OS invocation. Policies can be specified as exact command matches, regex patterns, or command prefixes. The server logs all command invocations (permitted and denied) with timestamps and source context for audit trails. Policy evaluation happens synchronously in the request path with minimal overhead.

Captures command exit codes, stdout, stderr, and execution exceptions, normalizing them into a consistent JSON response format with error classification (success, user-error, system-error, timeout, permission-denied). The server includes structured error messages with remediation suggestions and context about what failed. Stderr is parsed to extract common error patterns (file-not-found, permission-denied, syntax-error) and mapped to standard error codes.

Reads, sets, and modifies Windows environment variables (user and system scopes) through Registry or SetEnvironmentVariable API calls. The server maintains a session-local environment context that persists across multiple command invocations within the same MCP session, enabling workflows where one command sets variables for subsequent commands. Changes can be scoped to the current process (temporary) or persisted to the Registry (permanent).

Executes multiple commands in sequence with automatic dependency resolution and conditional execution based on previous command results. Commands can be marked as dependent on prior commands, and execution halts on first failure unless configured to continue. The server tracks execution state (pending, running, succeeded, failed) for each command and provides a summary report with timing information. Commands can reference outputs from previous steps using template syntax (e.g., ${step1.stdout}).