CommunityActive· 9d★ 4.3by wonderwhy-er
Desktop Commander
Terminal and filesystem access for Claude Desktop. Execute shell commands, edit files (Excel/PDF/Word), run code in memory.
D
Safety & Trust
Delv Safety Grade: D
Score 42/100 · assessed 2026-04-28
Maintainer45
Permissions15
Supply chain65
Transparency70
Incidents100
Desktop Commander is a community MCP server by solo developer wonderwhy-er that grants Claude Desktop unrestricted shell execution, full filesystem access, and in-memory code execution. The package is distributed via npm with a straightforward npx setup requiring no environment variables. The repository is open source with reasonable documentation. However, the permission scope is extraordinarily broad: arbitrary shell commands, filesystem writes anywhere, and code execution without sandboxing. This is maximum trust territory. A compromised prompt or malicious instruction could delete files, exfiltrate data, or execute arbitrary code on your machine. The maintainer appears active but this is a solo project with limited review. Suitable only for users who fully understand the security implications and trust Claude's judgement completely. No known incidents, but the attack surface is vast.
Lethal Trifecta (prompt-injection exposure)
TWO OF THREEPrivate dataYes
Reads secrets, credentials, private files
Untrusted inputNo
Ingests web pages, PRs, issues, emails
External commsYes
Can send data outbound
Local desktop control = local private state + outbound capability via apps it can drive.
Green flags
- Open source with clear documentation and active repository
- Distributed via npm with standard package management
- No environment variables required reduces credential exposure risk
- Straightforward setup with single npx command
- Transparent about capabilities and risks in documentation
Red flags
- Unrestricted shell execution with no sandboxing or command filtering
- Full filesystem read/write/delete access across entire system
- In-memory code execution (Python/Node) without isolation
- Solo maintainer with limited community review or security audit
- Single compromised prompt could cause catastrophic system damage
Permissions requested
Shell executeRead filesWrite filesDelete filesOutbound network
Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.
Install
npx @wonderwhy-er/desktop-commander@latest setup
Review
Desktop Commander gives Claude Desktop direct access to your shell, filesystem, and in-memory code execution. It's a single MCP server that bundles terminal commands, file editing (including Excel, Word, PDF), and ad-hoc Python or Node scripts that run without touching disk. The setup is one npx command, no environment variables, no fiddling.
I've used it most for local automation tasks that don't warrant a full script file. Need to batch-rename files based on a pattern Claude suggests? It can shell out and do it. Want to parse a CSV, transform it, and write it back without opening Excel? It handles that. The in-memory code execution is surprisingly handy: you can ask Claude to prototype a data transformation in Python, run it, see the output, iterate, all without leaving the chat. It's faster than bouncing between terminal and editor for throwaway tasks.
The file editing tools work across formats. I've had it update Excel formulas, extract text from PDFs, and edit Word docs. It's not a replacement for a proper office suite, but for programmatic edits it's far quicker than opening the file yourself. The shell command tool is the real workhorse. It's cross-platform (Windows, macOS, Linux), so the same prompts work everywhere. I've used it to manage Docker containers, run git commands, and kick off build scripts without switching contexts.
Quirks: it's powerful, which means it's also dangerous. Claude can delete files, run arbitrary commands, overwrite things. You need to trust your prompts and review what it's about to do. The in-memory execution is sandboxed to the extent that it doesn't persist, but it still has access to your filesystem if you tell it to. There's no undo button. The repo is community-maintained, so updates depend on one developer's time. Documentation is sparse; you'll learn by trying.
Who shouldn't bother: if you're already comfortable in the terminal and have a good editor workflow, this might feel redundant. If you don't use Claude Desktop, it's not for you (Cursor support exists but is less polished). If you're nervous about giving an LLM shell access, skip it entirely. For everyone else, especially those who want Claude to handle local tasks end-to-end, it's a productivity unlock.
Verdict
Install it if you want Claude to run shell commands, edit Office files, or execute code without leaving the chat. Skip it if you're not comfortable giving an LLM direct filesystem and terminal access, or if you don't use Claude Desktop regularly. It's a power tool, not a safety blanket.
Good at
- Single npx command setup with no environment variables or manual config.
- In-memory code execution lets you prototype Python or Node scripts without touching disk.
- Cross-platform shell access works the same on Windows, macOS, and Linux.
- Handles Excel, Word, and PDF edits programmatically, which is rare in MCP servers.
- Fast iteration loop for local automation tasks that don't need a full IDE.
Watch out
- Giving Claude shell access is inherently risky; one bad prompt can delete or overwrite files.
- Documentation is minimal; you'll need to experiment to learn what works.
- Community-maintained by a single developer, so updates and support are not guaranteed.
- Cursor support exists but is less polished than Claude Desktop integration.
- No built-in undo or rollback for file or shell operations.
Use cases
- Running shell commands without an IDE plugin
- Editing Excel/Word files without a Skill
- Running ad-hoc Python or Node in memory
- Cross-platform local automation
Getting started
1. Run `npx @wonderwhy-er/desktop-commander@latest setup` in your terminal. This installs the server and auto-configures Claude Desktop.
2. Restart Claude Desktop. The server should appear in the MCP settings or be active automatically.
3. Test it by asking Claude to run a simple shell command like `ls` or `dir`, or to create a text file in a temp directory.
4. Watch out: Claude can execute any command you approve. Review its proposed actions carefully before confirming, especially file deletions or system-level commands.
5. For in-memory code execution, try asking Claude to write and run a Python snippet that prints the current date. It should execute without creating a file.
Works with
Claude DesktopCursor
Similar MCPs
- GitHubFull GitHub API access - manage repos, issues, PRs, and code search. One of the most useful MCPs for any developer workflow.
- GrafanaGrafana Labs' official MCP. Read dashboards, datasources, alerts, and run Loki/Prometheus queries from inside your agent.
- SentryPull live errors, issues, and replays from Sentry into Claude. Great for debugging sessions where the model can see what actually broke in prod.
- MCP CLIInteractive CLI inspector for MCP servers supporting OAuth, tool calls, resource reads, and prompt runs.