{"id":"dfinke-mcp-powershell-exec","name":"mcp-powershell-exec","homepage":null,"repo_url":"https://github.com/dfinke/mcp-powershell-exec","category":"devtools","subcategories":[],"tags":["mcp","powershell","automation","devtools","api","agent-tools","scripting"],"what_it_does":"Provides an MCP server that accepts PowerShell scripts as strings, executes them, and returns the execution output to the caller/agent in real time.","use_cases":["Enable AI assistants/agents to run PowerShell commands for automation","Globus of infrastructure automation tasks where PowerShell is the execution language","Local or self-hosted ops workflows controlled via MCP tool calls"],"not_for":["Executing untrusted or user-supplied scripts without strong sandboxing/allowlisting","Production environments requiring strict auditing, least-privilege, and hardened execution controls (as documentation does not show these)","Use as a general-purpose remote code execution service exposed broadly"],"best_when":"Used in a controlled, self-hosted environment where the agent can only run approved commands/scripts and operators can inspect/limit impact.","avoid_when":"Avoid when the MCP server is reachable by untrusted users or when script inputs are not sanitized/validated and execution is not constrained.","alternatives":["MCP servers for specific PowerShell tasks (command allowlists) rather than free-form script execution","Local automation tooling (PowerShell modules + constrained wrappers) invoked via an HTTP API with strict authorization","Workflow engines (e.g., GitHub Actions/Build pipelines) that accept parameters rather than arbitrary script strings"],"af_score":34.2,"security_score":22.2,"reliability_score":27.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:18:56.331247+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No authentication/authorization mechanism is described in the provided README content; MCP servers are typically configured locally, but security properties are not documented here."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source (MIT) with no pricing details provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":34.2,"security_score":22.2,"reliability_score":27.5,"mcp_server_quality":55.0,"documentation_accuracy":35.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":60.0,"rate_limit_clarity":0.0,"tls_enforcement":20.0,"auth_strength":10.0,"scope_granularity":5.0,"dependency_hygiene":45.0,"secret_handling":40.0,"security_notes":"README indicates arbitrary PowerShell script execution, which is effectively remote code execution within the host environment. No authentication, authorization, scoping/allowlisting, sandboxing, TLS requirements, auditing, or secret-handling/logging protections are documented in the provided content. Treat as high-risk unless the implementation enforces strict controls (not evidenced here).","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":40.0,"error_recovery":25.0,"idempotency_support":"false","idempotency_notes":"No idempotency semantics are described. Script execution likely has side effects depending on the script content.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Free-form script execution is inherently risky; agents may unintentionally run destructive commands.","Output size/streaming and timeouts are not documented in the provided content; long-running scripts may cause failures or hangs.","No documented allowlist/denylist or sandboxing guidanceā€”agents need operational guardrails outside the tool."]}}