Related MCP Server Resources

Explore more AI models, providers, and integration options:

  • Explore AI Models
  • Explore AI Providers
  • Explore MCP Servers
  • LangDB Pricing
  • Documentation
  • AI Industry Blog
  • GHAS MCP server GitHub Advanced Security
  • Entscheidsuche MCP Server
  • IR Toolshed MCP Server
  • MCP Server
  • Vertex AI MCP Server
Back to MCP Servers
Super Windows CLI MCP Server

Super Windows CLI MCP Server

Public
Faucet94/super-win-cli-mcp-server

Provides unrestricted SYSTEM-level command-line access to Windows environments via Model Context Protocol, enabling full shell, file system control, persistent service installation, and configurable security for trusted, high-privilege use cases.

typescript
0 tools
May 29, 2025
Updated Jun 4, 2025

Supercharge Your AI with Super Windows CLI MCP Server

MCP Server

Unlock the full potential of Super Windows CLI MCP Server through LangDB's AI Gateway. Get enterprise-grade security, analytics, and seamless integration with zero configuration.

Unified API Access
Complete Tracing
Instant Setup
Get Started Now

Free tier available • No credit card required

Instant Setup
99.9% Uptime
10,000+Monthly Requests

Super Windows CLI MCP Server

An enhanced fork of the Windows CLI MCP Server providing unrestricted system access to Windows environments via a command-line interface (MCP).

Based on: win-cli-mcp-server by SimonB97.


⚠️ CRITICAL SECURITY WARNING ⚠️

This server is designed to run with SYSTEM-level privileges on Windows. This grants it complete and unrestricted access to the entire operating system, including all files, processes, and configuration settings.

  • DO NOT install or run this server unless you fully understand the implications of granting SYSTEM-level access.
  • ONLY use this server in highly trusted environments where you have full control over network access.
  • NETWORK SECURITY IS PARAMOUNT: Since application-level restrictions are minimal by design, rely heavily on firewalls, network segmentation, and strict access control lists (ACLs) to protect the machine running this server.
  • REVIEW THE CONFIGURATION CAREFULLY: Pay close attention to allowedPaths, blockedCommands, and other security settings in config.json. A misconfiguration can easily expose your system.

Use this software responsibly and at your own risk. The maintainers assume no liability for misuse or security breaches resulting from its use.


Features

  • Complete access to Windows shell environments (PowerShell, CMD, Git Bash - configurable).
  • Unrestricted command execution (configurable via config.json).
  • Full file system access (configurable via config.json).
  • SYSTEM-level service installation via NSSM for persistence and auto-recovery.
  • Automatic service recovery features provided by NSSM.
  • Network binding controls (intended, but primarily managed at the network/firewall level).
  • Disabled PowerShell telemetry for enhanced privacy.
  • Process reuse for performance (for shells).
  • Extended timeouts for long-running operations (configurable).

Prerequisites

Before you begin, ensure you have the following installed:

  1. Node.js: Version 18.0.0 or later. Download from nodejs.org. (Includes npm).
  2. NSSM (Non-Sucking Service Manager): Required for reliable service installation. Download the latest version from nssm.cc.

Installation (Using NSSM - Recommended)

This method installs the server as a persistent Windows service that runs with SYSTEM privileges and starts automatically.

  1. Clone or Download:

    • Clone this repository: git clone
    • Or download the source code .zip and extract it to a suitable location (e.g., C:\Servers\SuperWinCLIServer). Avoid user profile folders.
  2. Place NSSM:

    • Download NSSM from nssm.cc.
    • Extract the zip file.
    • Copy the nssm.exe file from the appropriate architecture folder (win32 or win64) into the root directory of this project (the same folder as install-service.ps1).
  3. Install Dependencies & Build:

    • Open a terminal (PowerShell or CMD) in the project's root directory.
    • Run: npm install
    • This command installs necessary Node.js packages and automatically runs npm run build to compile the TypeScript code into the dist folder.
  4. Configure config.json:

    • Copy: Make a copy of config.sample.json and name it config.json in the project's root directory.
    • Edit: Open config.json and carefully review and modify the settings:
      • security.allowedPaths: CRITICAL! Change this from the sample paths to the actual directories the server needs access to. For security, be as specific as possible. Start with the project directory itself if unsure (e.g., "C:\\Servers\\SuperWinCLIServer" - remember double backslashes \\). The service runs as SYSTEM, so paths must be valid for that account.
      • security.blockedCommands / blockedArguments: Review the default lists. Add or remove commands/arguments based on your security policy.
      • shells: Enable/disable shells (PowerShell, CMD, Git Bash) and verify the command path (especially for Git Bash).
      • ssh: Configure if you intend to use the SSH execution feature (disabled by default).
    • Save the config.json file.
  5. Run Installation Script:

    • Open PowerShell as Administrator.
    • Navigate to the project's root directory (cd C:\Servers\SuperWinCLIServer).
    • Execute the installation script: .\install-service.ps1
    • This script uses NSSM to install and configure the MCPServer service to run node.exe dist/index.js as LocalSystem, starting automatically.
  6. Verify Service Status:

    • In the same administrative PowerShell window, run: Get-Service MCPServer
    • The status should be Running. If it's Stopped, check the NSSM logs or Windows Event Viewer (Application and System logs) for errors.

Configuration (config.json) Details

  • security:
    • maxCommandLength: Max characters allowed in a command string.
    • blockedCommands: Array of command names (without extension) to block (case-insensitive).
    • blockedArguments: Array of exact arguments to block (case-insensitive).
    • allowedPaths: Crucial setting. Array of absolute paths. If restrictWorkingDirectory is true, commands can only be executed if their working directory starts with one of these paths. Paths are compared case-insensitively after normalization. Use double backslashes (e.g., "C:\\Tools\\Scripts").
    • restrictWorkingDirectory: Boolean. If true, enforce the allowedPaths check for the working directory. Highly recommended to keep true.
    • logCommands: Boolean. If true, executed commands and their output (truncated) are stored in memory (up to maxHistorySize).
    • maxHistorySize: Max number of commands to keep in the in-memory history.
    • commandTimeout: Seconds before a running command is killed automatically.
    • enableInjectionProtection: Boolean. If true, attempts to block shell operators (&, |, ;, etc. defined per shell) in commands.
  • shells: Configure available local shells (powershell, cmd, gitbash).
    • enabled: Boolean. Allow use of this shell.
    • command: Path to the shell executable.
    • args: Array of default arguments passed to the shell before the user's command.
    • blockedOperators: Array of strings/characters to block within commands for this specific shell (used if enableInjectionProtection is true).
  • ssh: Configure remote command execution via SSH.
    • enabled: Boolean. Enable the ssh_execute and ssh_disconnect tools.
    • connections: Object containing named connection configurations (host, port, username, password/privateKeyPath).
  • Configuration Merging: When config.json is loaded, if it contains a security or shells section, that entire section replaces the default configuration for that section. It does not merge individual fields within security or shells. The ssh section is merged more granularly. Ensure your config.json includes all necessary fields for these sections if you customize them.

Service Management (NSSM)

Once installed via install-service.ps1, you can manage the service using standard Windows tools or NSSM commands from an administrative PowerShell/CMD in the project directory:

  • Start: Start-Service MCPServer or . ssm.exe start MCPServer
  • Stop: Stop-Service MCPServer or . ssm.exe stop MCPServer
  • Restart: Restart-Service MCPServer or . ssm.exe restart MCPServer
  • Status: Get-Service MCPServer or . ssm.exe status MCPServer
  • Edit Configuration (Advanced): . ssm.exe edit MCPServer (Opens the NSSM GUI editor)
  • View Configuration: . ssm.exe dump MCPServer

Uninstallation (NSSM)

  1. Open PowerShell as Administrator.
  2. Navigate to the project's root directory.
  3. Execute the uninstallation script: .\uninstall-service.ps1
  4. This uses NSSM to stop and remove the MCPServer service.

Alternative Execution (Manual/Debug)

You can run the server directly without installing it as a service for testing or debugging purposes:

  1. Ensure you have run npm install.
  2. Ensure config.json exists and is configured.
  3. Open a normal terminal (PowerShell/CMD) in the project root.
  4. Run: npm run start
  5. The server will run in the foreground. Press Ctrl + C to stop it.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Publicly Shared Threads0

Discover shared experiences

Shared threads will appear here, showcasing real-world applications and insights from the community. Check back soon for updates!

Share your threads to help others
Related MCPs5
  • GHAS MCP server GitHub Advanced Security
    GHAS MCP server GitHub Advanced Security

    Provides Model Context Protocol (MCP) integration for GitHub Advanced Security by enabling read-only...

    Added May 30, 2025
  • Entscheidsuche MCP Server
    Entscheidsuche MCP Server

    Provides standardized access to Swiss legal decisions via the Model Context Protocol, enabling searc...

    Added May 30, 2025
  • IR Toolshed MCP Server
    IR Toolshed MCP Server

    Provides a Model Context Protocol (MCP) service offering advanced network incident response tools in...

    Added May 30, 2025
  • MCP Server
    MCP Server

    Provides greeting-related tools, resources, and prompts via Model Context Protocol (MCP), enabling p...

    Added May 30, 2025
  • Vertex AI MCP Server
    Vertex AI MCP Server

    Provides a Model Context Protocol server enabling advanced interaction with Google Cloud's Vertex AI...

    20 tools
    Added May 30, 2025