WSL Exec
Enables Claude Desktop on Windows to securely execute commands and gather information from Windows Subsystem for Linux (WSL). Includes safety features like dangerous command detection and confirmation prompts.
Provides secure command execution in WSL with built-in safety features like path validation, timeouts, and error handling.
What it does
- Execute commands in WSL environments
- Browse WSL directory contents
- Monitor running processes in WSL
- Check disk usage and system information
- View WSL environment variables
- Confirm dangerous operations before execution
Best for
About WSL Exec
WSL Exec is a community-built MCP server published by spences10 that provides AI assistants with tools and capabilities via the Model Context Protocol. WSL Exec enables secure command execution in WSL with advanced safety features like path validation, timeouts, and robus It is categorized under auth security, developer tools. This server exposes 7 tools that AI clients can invoke during conversations and coding sessions.
How to install
You can install WSL Exec in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.
License
WSL Exec is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.
Tools (7)
Execute a command in WSL (use read-only tools when possible)
Confirm dangerous command execution
Get WSL system information
Get WSL environment variables
List running processes in WSL
mcp-wsl-exec
A Model Context Protocol (MCP) server for Windows + Claude Desktop users to interact with Windows Subsystem for Linux (WSL). Provides both read-only information gathering and secure command execution capabilities.
⚠️ Important: Who Should Use This?
✅ You SHOULD use this if:
- You're using Claude Desktop on Windows
- You need to interact with your WSL environment
- You want to provide WSL context to Claude (system info, processes, files, etc.)
❌ You DON'T need this if:
- You're using Claude Code (it has native bash access)
- You're on Linux/macOS (use native tools instead)
- You only need Windows PowerShell/CMD (use a different MCP server)
Features
📊 Information Gathering (Read-Only)
- 🖥️ Get system information (OS, kernel, hostname)
- 📁 Browse directory contents
- 💾 Check disk usage
- ⚙️ List environment variables
- 🔄 Monitor running processes
🔧 Command Execution (With Safety)
- 🔒 Secure command execution in WSL environments
- ⚡ Built-in safety features:
- Dangerous command detection
- Command confirmation system
- Path traversal prevention
- Command sanitization
- 📁 Working directory support
- ⏱️ Command timeout functionality
- 🛡️ Protection against shell injection
Configuration
This server requires configuration through your MCP client. Here are examples for different environments:
Cline Configuration
Add this to your Cline MCP settings:
{
"mcpServers": {
"mcp-wsl-exec": {
"command": "npx",
"args": ["-y", "mcp-wsl-exec"]
}
}
}
Claude Desktop Configuration
Add this to your Claude Desktop configuration:
{
"mcpServers": {
"mcp-wsl-exec": {
"command": "npx",
"args": ["-y", "mcp-wsl-exec"]
}
}
}
API
The server provides 7 MCP tools:
Information Gathering (Read-Only) 📊
These tools provide context about your WSL environment without making changes:
get_system_info
Get system information (OS version, kernel, hostname).
Parameters: None
get_directory_info
Get directory contents and file information.
Parameters:
path(string, optional): Directory path (defaults to current directory)details(boolean, optional): Show detailed information (permissions, sizes, etc.)
get_disk_usage
Get disk space information.
Parameters:
path(string, optional): Specific path to check (defaults to all filesystems)
get_environment
Get environment variables.
Parameters:
filter(string, optional): Filter pattern to search for specific variables
list_processes
List running processes.
Parameters:
filter(string, optional): Filter by process name
Command Execution (Potentially Destructive) 🔧
Use these tools when you need to make changes or run custom commands:
execute_command
Execute a command in WSL with safety checks and validation.
Parameters:
command(string, required): Command to executeworking_dir(string, optional): Working directory for command executiontimeout(number, optional): Timeout in milliseconds
Note: Dangerous commands will require confirmation via confirm_command.
confirm_command
Confirm execution of a dangerous command that was flagged by safety checks.
Parameters:
confirmation_id(string, required): Confirmation ID received from execute_commandconfirm(boolean, required): Whether to proceed with the command execution
Safety Features
Dangerous Command Detection
The server maintains a list of potentially dangerous commands that require explicit confirmation before execution, including:
- File system operations (rm, rmdir, mv)
- System commands (shutdown, reboot)
- Package management (apt, yum, dnf)
- File redirections (>, >>)
- Permission changes (chmod, chown)
- And more...
Command Sanitization
All commands are sanitized to prevent:
- Shell metacharacter injection
- Path traversal attempts
- Home directory references
- Dangerous command chaining
Development
Setup
- Clone the repository
- Install dependencies:
pnpm install
- Build the project:
pnpm build
- Run in development mode:
pnpm dev
Publishing
The project uses changesets for version management. To publish:
- Create a changeset:
pnpm changeset
- Version the package:
pnpm changeset version
- Publish to npm:
pnpm release
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
MIT License - see the LICENSE file for details.
Acknowledgments
- Built on the Model Context Protocol
- Designed for secure WSL command execution
Alternatives
Related Skills
Browse all skillsUse when working with the OpenAI API (Responses API) or OpenAI platform features (tools, streaming, Realtime API, auth, models, rate limits, MCP) and you need authoritative, up-to-date documentation (schemas, examples, limits, edge cases). Prefer the OpenAI Developer Documentation MCP server tools when available; otherwise guide the user to enable `openaiDeveloperDocs`.
Google Workspace administration via the gws CLI. Install, authenticate, and automate Gmail, Drive, Sheets, Calendar, Docs, Chat, and Tasks. Run security audits, execute 43 built-in recipes, and use 10 persona bundles. Use for Google Workspace admin, gws CLI setup, Gmail automation, Drive management, or Calendar scheduling.
Execute this skill enables AI assistant to conduct a security-focused code review using the security-agent plugin. it analyzes code for potential vulnerabilities like sql injection, xss, authentication flaws, and insecure dependencies. AI assistant uses this skill wh... Use when assessing security or running audits. Trigger with phrases like 'security scan', 'audit', or 'vulnerability'.
Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill packages against Agent Skills standards, or ensure your skills follow best practices.
Guidance for bypassing HTML/JavaScript sanitization filters in security testing contexts. This skill should be used when tasked with finding XSS filter bypasses, testing HTML sanitizers, or exploiting parser differentials between server-side filters and browsers. Applies to CTF challenges, authorized penetration testing, and security research involving HTML injection and JavaScript execution through sanitization bypasses.
This is the required documentation for agents operating on the CloudBase Relational Database. It lists the only four supported tools for running SQL and managing security rules. Read the full content to understand why you must NOT use standard Application SDKs and how to safely execute INSERT, UPDATE, or DELETE operations without corrupting production data.