Desktop Commander is a free, open-source Model Context Protocol server that hands Claude Desktop real control of your terminal, file system, and running processes, and it is the hottest tool on GitHub trending today with around 900 new stars in a day on top of 7,600 total. It turns a chat window into a working dev environment: Claude can run commands, search and diff-edit your code, and analyze files in place, all billed against your existing Claude subscription instead of API tokens. Setup takes about five minutes and one command.

  • One install command wires it into Claude Desktop, Claude Code, Cursor, VS Code, or Codex: npx @wonderwhy-er/desktop-commander@latest setup, then restart your client.
  • It runs against your Claude Pro subscription, not the API, so long agentic sessions do not rack up per-token bills.
  • MIT licensed and cross-platform, with an optional Docker install that sandboxes it away from your host filesystem.
  • The tradeoff is trust: it can execute terminal commands on your machine, and its directory guardrails can be bypassed, so scope it deliberately.
How Desktop Commander connects an AI client to your machine An AI client such as Claude Desktop speaks the Model Context Protocol to the Desktop Commander server running locally, which then executes terminal commands, searches and diff-edits files, and manages processes on your own computer. No API tokens are consumed. AI CLIENT Claude Desktop Claude Code Cursor / VS Code Codex host subscription MCP DESKTOP COMMANDER Run terminal commands Search & read files Diff-edit code Manage processes YOUR MACHINE Shell Files Procs One MCP server, whole-OS reach, no API tokens spent genztech.blog
Fig 1 Desktop Commander sits between your AI client and your operating system, translating chat requests into real terminal, file, and process actions on your own machine.

What is Desktop Commander and why is it trending?

Desktop Commander is an MCP server built by Eduards Ruzga (wonderwhy-er) that gives an AI client terminal control, whole-system file search, and surgical diff-based file editing. Under the hood it extends the reference MCP Filesystem Server with search-and-replace editing, then adds command execution, background processes, and session management on top. The result is that Claude stops being a code suggestion box and starts being an operator: it can clone a repo, run the build, read the error, patch the file, and rerun, all inside one chat. The trending spike tracks a broader shift toward MCP as the standard plug for AI tools, plus a cost argument the README makes bluntly: because it works through Claude Desktop's subscription rather than API calls, a long autonomous session that would burn real money on API tokens costs nothing extra here. The repo sits near 7,700 stars under an MIT license, and the latest release, v0.2.44, shipped on July 9, 2026.

RelatedClaude Video Setup: Let Claude Watch Any Video

How do you install Desktop Commander?

The fastest path works on Windows, macOS, and Linux and needs only Node.js installed. Open a terminal and run the setup command, which configures Claude Desktop for you, then restart Claude if it is running:


# one-line setup for Claude Desktop (needs Node.js)
npx @wonderwhy-er/desktop-commander@latest setup

If you use a coding agent instead of Claude Desktop, add it there directly. For Claude Code, the CLI registers the server in one command; the OpenAI Codex CLI uses its own equivalent:


# Claude Code (user scope; drop --scope user for project-only)
claude mcp add --scope user desktop-commander -- npx -y @wonderwhy-er/desktop-commander@latest
# OpenAI Codex
codex mcp add desktop-commander -- npx -y @wonderwhy-er/desktop-commander@latest

Prefer to wire it up by hand? Any MCP-compatible client (Cursor, Windsurf, VS Code with Copilot, Cline, Roo Code) takes the same JSON. Add this to the client's MCP config file, for Claude Desktop that is claude_desktop_config.json, then restart:

{
  "mcpServers": {
    "desktop-commander": {
      "command": "npx",
      "args": ["-y", "@wonderwhy-er/desktop-commander@latest"]
    }
  }
}

How do you run it sandboxed with Docker?

If you would rather not give a chat assistant raw access to your host, the Docker install runs the server in an isolated container with a persistent work environment and needs no Node.js at all. It requires Docker Desktop installed and running. On Windows PowerShell, one line pulls the image and configures Claude Desktop:


# Windows PowerShell: sandboxed Docker install
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/wonderwhy-er/DesktopCommanderMCP/refs/heads/main/install-docker.ps1'))

On macOS or Linux, the equivalent installer runs from bash. Docker mode only sees the folders you explicitly mount, which is the cleanest way to keep the assistant inside a project and out of the rest of your disk:


# macOS / Linux: sandboxed Docker install
bash <(curl -fsSL https://raw.githubusercontent.com/wonderwhy-er/DesktopCommanderMCP/refs/heads/main/install-docker.sh)

Whichever route you pick, verify it worked by opening a fresh chat and asking Claude to list the files in a folder. When it returns a real directory listing, the server is live. To remove it later, run npx @wonderwhy-er/desktop-commander@latest remove.

RelatedPhotoGIMP Setup: Make GIMP Feel Like Photoshop

How does it compare with IDE agents like Cursor?

Trait Desktop Commander Cursor Windsurf
Scope Whole operating system Inside the editor Inside the editor
Billing model Host AI subscription Own subscription + limits Own subscription + limits
Runs terminal commands Yes Yes Yes
Works outside a code editor Yes No No
Open source Yes, MIT No No
Reads whole files Yes Chunks / retrieval Chunks / retrieval

The IDE agents still win when your work lives entirely inside a code editor and you want inline completions and a tight edit loop. Desktop Commander wins when the job spills outside the editor: organizing a Downloads folder, running a data analysis on a CSV, managing background servers, or driving several projects from one conversation. They are not really the same category, which is why plenty of developers run both.

What are the gotchas before you rely on it?

Four things to understand before it becomes part of your daily workflow. First, this tool executes terminal commands on your machine, so treat every autonomous session with the same caution you would a script you did not write; the safest posture for sensitive machines is the Docker install. Second, the guardrails are softer than they look: the maintainers state plainly that directory restrictions and command blocking can be bypassed through symlinks, command substitution, and absolute paths, and that allowedDirectories currently limits only file operations, not terminal commands, which can still reach outside the allowed paths. Third, an empty allowedDirectories array grants file access to your entire filesystem, so set explicit paths rather than leaving it blank. Fourth, change configuration in a separate chat from your real work, because the assistant may try to widen its own allowedDirectories when it hits an access wall. None of these are dealbreakers, but they are the difference between a controlled setup and an over-permissioned one.

What to watch · 2026
  • Remote MCP maturing. The project now exposes a hosted remote endpoint for ChatGPT and Claude web; how well it holds up versus the local server is the thing to test.
  • The desktop app. A beta app promises any-model support and live file previews; whether it stays as open as the server is the open-core question here too.
  • Tighter sandboxing defaults. Given the documented bypasses, sane out-of-the-box directory limits would remove the biggest reason to hesitate.

Our take

Desktop Commander is the clearest demonstration yet of why MCP matters: a single small server converts a chat assistant into something that can actually operate your computer, and it does it without a new subscription or a per-token meter running in the background. The install genuinely is one command, the whole-OS reach is the feature IDE agents structurally cannot match, and the MIT license means you can read exactly what it does. The catch is the flip side of the same power. A tool that can run any terminal command, with guardrails its own authors admit are bypassable, deserves a deliberate scope, and for anything sensitive that means the Docker sandbox rather than raw host access. Set it up with intent and it is the most capable free way to let Claude work on real files today; set it up carelessly and you have handed a chat window the keys to your disk.

Primary sources

Original analysis by GenZTech. Tool documentation: wonderwhy-er/DesktopCommanderMCP on GitHub.