mcp-screenshot
Verified Safeby Digital-Defiance
Overview
Provides cross-platform screenshot capabilities for AI agents, including full screen, window, and region capture, with built-in PII masking and security controls.
Installation
npx -y @ai-capabilities-suite/mcp-screenshotEnvironment Variables
- NODE_ENV
- TESSDATA_PREFIX
- DISPLAY
- ENABLE_VNC
Security Notes
The server uses `child_process.exec` to run platform-specific commands (e.g., `screencapture` on macOS, `import`/`grim` on Linux, `powershell.exe` on Windows/WSL) for screen and window capture. While necessary for its functionality, direct execution of external commands introduces an inherent risk of command injection if input is not meticulously sanitized. The `SecurityManager` implements robust path validation to prevent unauthorized file access and path traversal for save operations, and it includes rate limiting. The PowerShell scripts for Windows/WSL engines attempt to escape special characters, mitigating some injection vectors. Docker deployment includes `no-new-privileges` and non-root execution, which are good practices. However, the conditional `ENABLE_VNC` flag exposes port 5900, which can be a network risk if enabled in production. Overall, while conscious security efforts are made, the reliance on external command execution for core functionality means a moderate inherent risk.
Similar Servers
Peekaboo
macOS automation server that integrates AI for screen capture analysis, UI interaction, and agentic workflows.
toolhive-studio
ToolHive is a desktop application (Electron UI) for discovering, deploying, and managing Model Context Protocol (MCP) servers in isolated containers, and connecting them to AI agents and clients.
scrapegraph-mcp
Provides AI-powered web scraping, structured data extraction, multi-page crawling, and agentic automation capabilities for language models.
luma-mcp
Provides multi-model vision understanding capabilities to AI assistants that lack native image understanding.