BrowseFull catalogOutcomesSolve a specific problemRolesStack by teamTrustFilter by risk tier
← Back to the Claude Observatory

Desktop Commander MCP

Connector Infrastructure Solid
Solid Reviewed

The most popular community MCP server for terminal control. Persistent shell sessions are the key differentiator vs.

MCP server giving Claude persistent terminal sessions, filesystem search, and diff-based file editing., MIT license. Trended on Hacker News and Product Hunt. Developer community reports switching from Windsurf/Cursor because of it.

5,854 starsMIT (commercial OK)FreeNo code needed

The most popular community MCP server for terminal control. Persistent shell sessions are the key differentiator vs. Claude Code's built-in terminal — processes survive between messages.

Developers who need Claude to manage long-running processes, search large codebases, and edit files across projects.

Claude Code Claude Cowork Claude Chat

https://github.com/wonderwhy-er/DesktopCommanderMCP

By wonderwhy-er

How to Get It

Option 1: Claude Desktop AppOpen the Customize panel in the sidebar → browse connectors → search and add. Works in Claude Code, Claude Cowork, and Claude Chat.
Option 2: Paste into Claude CodeCopy the command below and paste it into a Claude Code conversation. Claude will run it for you.
Command
npx @wonderwhy-er/desktop-commander@latest setup

Tip: Paste this into a Claude Code conversation. Verify command matches your Claude Code version.

PrerequisitesNode.js 18+, Claude Desktop appTime to functional5 minutesCostFree — $0

Trust Signals Reviewed

Stars5,854Contributors31Last updated2026-04-01LicenseMIT (OK for commercial use)Known CVEsNone foundSources: GitHub Advisory Database + OSV.dev · Scanned 2026-04-06 · scanner v1
⚠ Data last scanned 2026-04-06 (88 days ago) — may not reflect the tool's current state.

Data & Access

Data processingPrompts sent to Anthropic API. Enterprise/Team plans exclude training.

Community Pulse Active

Discussed on Hacker News, Reddit

3 mentions across 1 sources

Reviewer notes

Reviewed review. These are observations, not a security certification.

5.8K stars, active development. Docker sandboxing available. Security hardening built in. 87 open issues — monitor reliability.

Terminal access by design. Blocklists and symlink protection. Docker isolation option. Single maintainer. RESTRICTED: Full terminal + filesystem access. Shell execution capability. Requires compensating controls (sandboxing, separate accounts, restricted profiles) before team deployment.

2026-05-10: The persistent shell sessions are the real differentiator here—if you need Claude to spin up a dev server, leave it running, and come back to it three messages later, this is what makes that work where Claude Code's built-in terminal falls short. Solid traction (5.8k stars, active contributor base) and the HN/Product Hunt buzz appears to reflect genuine use rather than hype, with developers migrating off Cursor/Windsurf specifically for this capability. The security posture is blunt: it executes whatever it's told on your local machine, so this is a trusted-developer-on-trusted-input tool only—don't put it anywhere near automated pipelines or user-supplied prompts.

2026-04-02: LIMITATION: Full terminal access with no sandboxing by default — can execute anything on your machine. Single maintainer. Pin to a specific version rather than @latest for team deployments.

2026-03-29: Source: Multiple X posts including Nate_Google_ thread. GitHub repo: https://github.com/wonderwhy-er/DesktopCommanderMCP. Install command: npx @wonderwhy-er/desktop-commander@latest setup. Provides terminal access, file read/write, process management, code diff editing. Works with both Claude Desktop (Cowork) and Claude Code.

2026-03-29: SECURITY NOTE: Grants full file system and terminal access. Should be Tier 2 at best — evaluate permissions carefully before client deployment. Key risk: shell execution + file writes = high blast radius.

How to evaluate tools before deploying →

Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.

Evaluation

Ease of Use
5/5
Versatility
4/5
Reliability
4/5
Security
4/5
Overall score4.35 / 5.00 SolidEvaluatedApr 2026
5.8K stars, active development. Docker sandboxing available. Security hardening built in. 87 open issues — monitor reliability.

Related Outcomes

This tool shows up in these problem-focused recommendations.

← Back to the Claude Observatory

Rolling Claude out in your org? Let's talk.

Start a conversation →