civyk-winwright

WinWright is a Windows-only automation server that exposes ~59 tool endpoints to AI agents via Model Context Protocol (MCP) for controlling and inspecting Windows desktop applications (WPF/WinForms/Win32 via UI Automation) and Chrome/Edge (via CDP). It supports recording actions into portable JSON scripts for deterministic replay (winwright run) and can attempt self-healing of broken selectors (winwright heal).

Evaluated Mar 30, 2026 (21d ago)
Homepage ↗ Repo ↗ Automation windows mcp playwright-style automation ui-automation rpa wpf winforms win32 cdp testing desktop security-guards
⚙ Agent Friendliness
59
/ 100
Can an agent use this?
🔒 Security
40
/ 100
Is it safe for agents?
⚡ Reliability
24
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
70
Documentation
70
Error Messages
0
Auth Simplicity
85
Rate Limits
20

🔒 Security

TLS Enforcement
20
Auth Strength
40
Scope Granularity
60
Dep. Hygiene
30
Secret Handling
50

README describes dangerous operations disabled by default via winwright.json permissions (e.g., allowRegistryWrite, allowProcessKill, allowFileWrite, allowServiceControl, allowBrowserEval, allowNetworkProbe). It also mentions 'runtime permission guards' and audit.jsonl logging. However, transport-layer security details for the MCP HTTP mode (TLS, auth) are not provided in the supplied content. Dependency hygiene and secret-handling practices are not verifiable from the provided README/metadata alone.

⚡ Reliability

Uptime/SLA
0
Version Stability
30
Breaking Changes
20
Error Recovery
45
AF Security Reliability

Best When

You need an MCP-compatible tool server that can drive the Windows desktop UI (plus optional Chrome/Edge via CDP) and you want deterministic replay via recorded scripts.

Avoid When

You cannot run Windows 10/11, or you need primarily web-only testing, or you require strict, documented enterprise-grade security (authn/z, TLS, and operational guarantees) beyond a local tool-server model.

Use Cases

  • AI-assisted scripted UI test creation for Windows desktop (WPF/WinForms/Win32) and mixed desktop+browser workflows
  • Record-and-replay deterministic UI automation in CI without ongoing LLM calls
  • Self-healing/reparation of selectors when UI layout changes
  • Legacy app data extraction via UI Automation (read values from apps without APIs)
  • Accessibility auditing by traversing UIA element trees and validating labels/names/keyboard paths
  • Automating repetitive desktop tasks and multi-app workflows
  • Operational health checks of running desktop applications (process/service/UI status)
  • Remote administration over HTTP for processes/services/registry/tasks (per README security claims)

Not For

  • Linux or macOS automation
  • Browser-only testing where Playwright is more mature
  • High-throughput data pipelines (UI automation reads controls serially; not a bulk data API)
  • Environments requiring strong network security guarantees without local/controlled access

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: Local/stdio MCP server (no mention of authentication in README) HTTP MCP server (README does not document authentication; only claims about remote administration security controls)
OAuth: No Scopes: No

README shows local MCP server configuration for Claude Code/VSCode (stdio) and an HTTP mode (serve --port 8765). It does not clearly document authN/authZ for the MCP transport itself; it does describe runtime permission guards in winwright.json and includes a 'five-layer security' claim for remote administration, but details are not fully specified in the provided content.

Pricing

Free tier: No
Requires CC: No

License is described as Freeware/Free to use for any purpose; pricing for usage is not presented as a metered service. There may be indirect cost from AI agent usage during recording, but replay is described as deterministic without LLM/token costs.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • Tool server is Windows-only and relies on UIA/desktop state; agent actions may fail if the UI is not ready or focus is different.
  • For HTTP MCP mode, ensure you control network exposure; README examples use localhost.
  • Statefulness: launching apps and interacting with UIs is not naturally idempotent—retries may cause duplicated actions unless the caller uses appropriate guards.

Alternatives

Playwright (browser automation only) UiPath / Power Automate Desktop (visual RPA tools and orchestration) WinAppDriver (Windows desktop automation alternative) Custom UI Automation + scripting (UIA3) without an MCP tool server

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for civyk-winwright.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

8642
Packages Evaluated
17761
Need Evaluation
586
Need Re-evaluation
Community Powered