MCP server
The MCP tab turns the app into a local Model Context Protocol server, so an AI coding agent can inspect your machine's live state and scan results as first-class tools — and, with your explicit approval, request actions.
Everything lives in one self-contained panel: toggle the server on, see the endpoint and token, copy ready-to-use setup snippets for each client, and approve/deny the operations a client requests.
Security model — safe by default
- Localhost only. The server binds to
127.0.0.1and the host is not configurable. Nothing is exposed to your network. - Bearer token. Every request must send
Authorization: Bearer <token>. The token is generated once and can be copied or regenerated from the tab. - Off by default. You flip Enable server yourself; the choice is remembered.
- Read-only data, human-approved actions. Data tools only observe. Any mutating operation is gated behind an in-app approval — see Human-in-the-loop.
What it exposes
| Kind | Tools |
|---|---|
| Read-only data | get_system_metrics, list_processes, get_process, list_connections |
| Read-only scans | scan_threats, scan_disk_cleanup, scan_appdata, scan_registry, scan_broken_links |
| Operation requests (human-in-the-loop) | request_kill_process, request_disk_cleanup, request_registry_cleanup, request_link_cleanup |
| Polling | get_operation_status, list_pending_operations |
Full descriptions are in the Tools reference.
Turning it on
- Open the MCP tab.
- Set a Port (default
8765) if you like. - Check Enable server. The status flips to ● Listening and the status-bar
indicator turns green (
MCP ●). - Copy the Endpoint and Token, then wire up your client — see Connect an agent.
The endpoint is always http://127.0.0.1:<port>/mcp (Streamable HTTP).
Operations are currently mocked — approving one records what it would have
done (e.g. MOCK: would have killed PID 1234) and changes nothing on your system.
The full human-in-the-loop path is real; only the final effect is a no-op.