screen2claude
Verified Safeby zetaphoenix888-byte
Overview
Captures the active window screenshot on Windows and facilitates its analysis by an AI, either by sending it to an external HTTP endpoint or directly to an MCP client (like Claude Code) for local LLM processing.
Installation
npm run startEnvironment Variables
- S2C_CONFIG
- PORT
- AUTH_TOKEN
- CLAUDE_MODEL
- MAX_TOKENS
- ANTHROPIC_API_KEY
- SAVE_IMAGE
Security Notes
The server's core screenshot capture mechanism (PowerShell -EncodedCommand) helps mitigate command injection risks from the script content itself. No obvious direct code injection vulnerabilities from user input were found. However, the SSE server in `sse-server.ts` uses `Access-Control-Allow-Origin: *`, which is a permissive CORS policy, potentially allowing any origin to connect, though MCP SDK handles the protocol. Configuration files (`config.json`) should be secured as they can contain sensitive `auth_token`s. The `save_screenshots` feature writes to a configurable directory, which if misconfigured, could lead to unintended file writes.
Similar Servers
Peekaboo
macOS automation server that integrates AI for screen capture analysis, UI interaction, and agentic workflows.
MCPControl
A Windows control server for the Model Context Protocol, enabling AI models to programmatically control system operations such as mouse, keyboard, window management, and screen capture.
ExpoSnap
Enables AI assistants to view and analyze screenshots from React Native/Expo applications for AI-powered mobile UI development.
mcp-screenshot
Provides cross-platform screenshot capabilities for AI agents, including full screen, window, and region capture, with built-in PII masking and security controls.