screen2claude
Verified Safeby zetaphoenix888-byte
Overview
Captures the active window screenshot on Windows and facilitates its analysis by an AI, either by sending it to an external HTTP endpoint or directly to an MCP client (like Claude Code) for local LLM processing.
Installation
npm run startEnvironment Variables
- S2C_CONFIG
- PORT
- AUTH_TOKEN
- CLAUDE_MODEL
- MAX_TOKENS
- ANTHROPIC_API_KEY
- SAVE_IMAGE
Security Notes
The server's core screenshot capture mechanism (PowerShell -EncodedCommand) helps mitigate command injection risks from the script content itself. No obvious direct code injection vulnerabilities from user input were found. However, the SSE server in `sse-server.ts` uses `Access-Control-Allow-Origin: *`, which is a permissive CORS policy, potentially allowing any origin to connect, though MCP SDK handles the protocol. Configuration files (`config.json`) should be secured as they can contain sensitive `auth_token`s. The `save_screenshots` feature writes to a configurable directory, which if misconfigured, could lead to unintended file writes.
Similar Servers
claude-code-mcp
Provides an MCP server to allow LLMs to directly invoke Claude Code CLI for complex coding, file system, and Git operations, bypassing interactive permission prompts.
Peekaboo
The server acts as a wrapper for a Swift-based macOS automation tool that integrates with multiple AI providers (OpenAI, Anthropic, Grok, Ollama) for screen capture, UI interaction, and AI analysis, functioning as a Model Context Protocol (MCP) server.
MCPControl
A Windows control server for the Model Context Protocol, enabling AI models to programmatically control system operations such as mouse, keyboard, window management, and screen capture.
Windows-MCP.Net
Enabling AI assistants to automate tasks and interact with the Windows desktop environment.