macOS-MCP is a lightweight, open-source Model Context Protocol server that bridges AI agents and the macOS operating system. It enables seamless automation of macOS through LLMs via tasks such as file navigation, application control, UI interaction, browser automation, and system operations.
- macOS 12 (Monterey)
- macOS 13 (Ventura)
- macOS 14 (Sonoma)
- macOS 15 (Sequoia)
-
Works with Any LLM (Vision Optional)
Unlike traditional automation tools, macOS-MCP doesn't require computer vision, fine-tuned models, or specialized setup. Works seamlessly with any LLM—Claude, GPT, Gemini, or others. -
Native macOS Integration
Interacts natively with macOS UI elements using the Accessibility API. Opens apps, controls windows, simulates user input, and captures desktop state without workarounds. -
Rich Toolset for Automation
Complete toolkit for keyboard/mouse operations, window management, UI state capture, interactive element extraction from the accessibility tree, and AppleScript execution. -
Lightweight and Open-Source
Minimal dependencies with full source code available under MIT license. Easy setup and deployment. -
Smart Context Awareness
Automatically detects application state (Launchpad, Control Center, Spotlight). Scans menu bar, dock, desktop, and system UI elements intelligently. -
Customizable and Extensible
Easily extend with custom tools or modify behavior to suit your specific automation needs.
- Python: 3.11 or later
- UV Package Manager: Install with
pip install uvorcurl -LsSf https://astral.sh/uv/install.sh | sh - macOS: 12 (Monterey) or later
- Accessibility Permissions: Required for UI element interaction
Run the server directly:
uvx macos-mcp
# Or with SSE/Streamable HTTP for network access
uvx macos-mcp --transport sse --host localhost --port 8000
uvx macos-mcp --transport streamable-http --host localhost --port 8000Run it as a background service that starts now and at every login:
macos-mcp install
# Or choose the HTTP transport and bind address explicitly
macos-mcp install --transport sse --host 127.0.0.1 --port 8000This installs a launchd Launch Agent at ~/Library/LaunchAgents/com.macos-mcp.server.plist.
Use macos-mcp uninstall to remove it. Logs are written to ~/.macos-mcp/server.log
and ~/.macos-mcp/server.error.log.
| Transport | Flag | Use Case |
|---|---|---|
stdio (default) |
--transport stdio |
Direct connection from MCP clients like Claude Desktop, Cursor, etc. |
sse |
--transport sse --host HOST --port PORT |
Network-accessible via Server-Sent Events |
streamable-http |
--transport streamable-http --host HOST --port PORT |
Network-accessible via HTTP streaming (recommended for production) |
macOS-MCP requires Accessibility and Screen Recording permissions to function properly.
- Open System Settings → Privacy & Security → Accessibility
- Click the lock icon and authenticate
- Add the following applications:
- Your terminal application (Terminal, iTerm2, VS Code, etc.)
- Python (typically
/usr/bin/python3or the Python version managed by UV) - UV (
~/.local/bin/uvif installed locally, or the Python environment UV manages)
- Restart the terminal after granting permissions
For uvx users: Grant permissions to your terminal application and Python, as uvx runs Python packages from UV's cache.
The Snapshot tool requires Screen Recording permissions to capture screenshots:
- Open System Settings → Privacy & Security → Screen Recording
- Click the lock icon and authenticate
- Add the same applications as above (terminal, Python, UV)
- Restart the terminal after granting permissions
Note: If the Snapshot tool fails, verify both permissions are granted in System Settings.
Claude Desktop
-
Install Claude Desktop
-
Edit
~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"macos-mcp": {
"command": "uvx",
"args": ["macos-mcp"]
}
}
}- Restart Claude Desktop
Gemini CLI
- Install Gemini CLI:
npm install -g @google/gemini-cli-
Navigate to
~/.geminiand opensettings.json -
Add the server config:
{
"theme": "Default",
"mcpServers": {
"macos-mcp": {
"command": "uvx",
"args": ["macos-mcp"]
}
}
}- Restart Gemini CLI
Claude Code
-
Install Claude Code
-
Add to your project configuration or use the MCP marketplace integration
Pi Agent
Pi does not ship with built-in MCP support, but macOS-MCP can be installed as a Pi package. The package starts this MCP server over stdio and exposes convenient Pi tools that wrap the existing macOS-MCP tools.
One-line global setup:
pi install git:github.com/CursorTouch/MacOS-MCPAfter install, restart Pi or run:
/reload
Try without installing:
pi -e git:github.com/CursorTouch/MacOS-MCPLocal checkout setup:
git clone https://github.com/CursorTouch/MacOS-MCP.git
cd MacOS-MCP
uv sync
npm install
piIf you copied only the extension into another Pi project, run Pi from the macOS-MCP checkout or set:
export MACOS_MCP_ROOT=/path/to/MacOS-MCPThe extension exposes these Pi tools:
| Pi Tool | Purpose |
|---|---|
mac_snapshot |
Read current macOS UI state through the existing Snapshot tool. |
mac_app |
Launch, switch, move, or resize macOS applications/windows. |
mac_click |
Click coordinates returned by mac_snapshot. |
mac_type |
Type text at coordinates returned by mac_snapshot. |
mac_shortcut |
Run keyboard shortcuts such as command+c or command+space. |
mac_scroll |
Scroll at the current pointer or coordinates. |
mac_wait |
Wait for UI changes/loading. |
Recommended agent workflow:
- Call
mac_snapshotfirst. - Use the coordinates returned by Snapshot with
mac_click,mac_type, andmac_scroll. - Use screenshots/vision only when Accessibility data is missing or ambiguous.
The extension auto-detects the macOS-MCP checkout when installed as a Pi package. If you use a manually copied extension, set MACOS_MCP_ROOT=/path/to/MacOS-MCP.
Other Integrations
Any client supporting the Model Context Protocol can integrate macOS-MCP by configuring the uvx macos-mcp command in their MCP server settings.
macOS-MCP provides a comprehensive toolset for desktop automation:
| Tool | Purpose |
|---|---|
| Click | Click at coordinates with support for left, right, and double-click |
| Type | Type text at cursor position, optionally clearing existing text |
| Scroll | Scroll vertically or horizontally in focused window or regions |
| Move | Move mouse pointer or drag to coordinates |
| Shortcut | Press keyboard shortcuts (Cmd+C, Cmd+Tab, etc.) |
| App | Launch applications, manage windows (resize/move), switch between apps. Supports app names and bundle IDs |
| Shell | Execute commands or AppleScript. Use mode='osascript' for AppleScript |
| Scrape | Extract and convert webpage content to Markdown format |
| Wait | Pause execution for a defined duration |
- Accessibility Requirements: Manual permission grant required in System Preferences
- App Compatibility: Some applications have limited or no Accessibility API support
- Performance Variance: Complex UIs with many elements may have slower traversal
- Text Input: Some specialized input fields may not properly receive keystrokes
- Authentication: Cannot interact with system authentication dialogs
macos-mcp --transport sse --host 0.0.0.0 --auth-key "your_token"Requires Authorization: Bearer your_token header on all requests.
macos-mcp --auth-key "token" --ip-allowlist "203.0.113.0/24,198.51.100.5"Restricts connections to specified CIDR ranges.
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
macos-mcp --ssl-certfile cert.pem --ssl-keyfile key.pemFor MCP clients that use OAuth (e.g. Claude Desktop) instead of a static API key:
macos-mcp --transport streamable-http --host 0.0.0.0 \
--ssl-certfile ~/.macos-mcp/cert.pem \
--ssl-keyfile ~/.macos-mcp/key.pem \
--oauth-client-id my-client \
--oauth-client-secret my-secretClaude Desktop config:
{
"mcpServers": {
"macos-mcp": {
"type": "http",
"url": "https://<host>:8000/mcp/",
"oauth": {
"clientId": "my-client",
"clientSecret": "my-secret"
}
}
}
}The OAuth server exposes:
GET /.well-known/oauth-authorization-server— server metadata (RFC 8414)GET /oauth/authorize— Authorization Code + PKCE (S256required)POST /oauth/token— token exchange (client secret required)POST /oauth/register— disabled; clients must be pre-provisioned
Dynamic client registration is disabled. Redirect URIs must be loopback http(s) only.
Auth key and OAuth can coexist — both are accepted as valid Bearer tokens.
The Scrape tool blocks: private IPs, loopback, link-local, credentials-in-URLs, non-HTTP schemes.
Instead of passing flags every time, store your configuration in ~/.macos-mcp/config.toml. CLI flags always override config file values.
Search order:
--config /path/to/config.toml~/.macos-mcp/config.toml
stdio — local only, no security needed:
[server]
transport = "stdio"SSE — network access with auth and IP restriction:
[server]
transport = "sse"
host = "0.0.0.0"
port = 8000
auth_key = "your-secret-key"
[security]
ip_allowlist = ["192.168.1.0/24"]Streamable HTTP — network access with auth and TLS (recommended for production):
[server]
transport = "streamable-http"
host = "0.0.0.0"
port = 8000
auth_key = "your-secret-key"
ssl_certfile = "cert.pem" # resolved relative to ~/.macos-mcp/
ssl_keyfile = "key.pem"
[security]
ip_allowlist = ["192.168.1.0/24"]
oauth_client_id = "my-client" # optional — enables OAuth 2.0 + PKCE
oauth_client_secret = "my-secret"
[tools]
exclude = ["Shell", "Scrape"] # disable specific toolsAvailable tool names: App, Shell, Snapshot, Click, Type, Scroll, Move, Shortcut, Wait, Scrape, Notification
Place your cert and key files in the same directory:
~/.macos-mcp/
├── config.toml
├── cert.pem
└── key.pem
Generate a self-signed cert directly into that directory:
mkdir -p ~/.macos-mcp
openssl req -x509 -newkey rsa:4096 \
-keyout ~/.macos-mcp/key.pem \
-out ~/.macos-mcp/cert.pem \
-days 365 -nodesAll variables are optional. Set them via the env key in claude_desktop_config.json.
| Variable | Default | Description |
|---|---|---|
ANONYMIZED_TELEMETRY |
true |
Set to false to disable anonymous usage telemetry. No personal data, tool arguments, or outputs are ever collected. |
MACOS_MCP_AUTH_KEY |
(none) | Bearer token required on all HTTP requests. Alternative to --auth-key CLI flag. |
MACOS_MCP_IP_ALLOWLIST |
(none) | Comma-separated list of allowed client IPs or CIDR ranges. Alternative to --ip-allowlist CLI flag. |
MACOS_MCP_SSL_CERTFILE |
(none) | Path to TLS certificate file (.pem). Must be provided with MACOS_MCP_SSL_KEYFILE. |
MACOS_MCP_SSL_KEYFILE |
(none) | Path to TLS private key file (.pem). Must be provided with MACOS_MCP_SSL_CERTFILE. |
Example claude_desktop_config.json (remote with auth + TLS):
{
"mcpServers": {
"macos-mcp": {
"command": "uvx",
"args": ["macos-mcp", "--transport", "sse", "--host", "0.0.0.0"],
"env": {
"MACOS_MCP_AUTH_KEY": "your_token",
"MACOS_MCP_IP_ALLOWLIST": "203.0.113.0/24",
"MACOS_MCP_SSL_CERTFILE": "/path/to/cert.pem",
"MACOS_MCP_SSL_KEYFILE": "/path/to/key.pem"
}
}
}
}macOS-MCP collects anonymous usage data to help improve the server. No personal information, tool arguments, or outputs are tracked.
To disable telemetry, set ANONYMIZED_TELEMETRY to false:
{
"mcpServers": {
"macos-mcp": {
"command": "uvx",
"args": ["macos-mcp"],
"env": { "ANONYMIZED_TELEMETRY": "false" }
}
}
}Before using macOS-MCP:
- ✅ Grant Accessibility permissions only to trusted applications
- ✅ Understand that Shell commands execute with full user privileges
- ✅ Review AI-generated action plans before execution
- ✅ Use only in virtual machines or isolated environments with valueless data
- ✅ Create backups before testing in production-like scenarios
⛔ Do NOT use on:
- Systems with irreplaceable data
- Production machines or shared systems
- Compliance-regulated environments (HIPAA, PCI, etc.)
For detailed security guidance, see SECURITY.md.
We welcome contributions! Please see CONTRIBUTING.md for:
- Development setup and code standards
- Testing requirements
- Pull request process
- Coding conventions (Ruff formatting, 100 char line length)
macOS-MCP is licensed under the MIT License - see LICENSE for details.
macOS-MCP is built with excellent open-source projects:
- PyObjC - Python to Objective-C bridge
- Pillow - Python Imaging Library
- FastMCP - MCP framework
- macOS Accessibility API (ApplicationServices)
If you use macOS-MCP in your research or project, please cite:
@software{macos-mcp,
author = {Jeomon George},
title = {macOS-MCP: Lightweight MCP Server for macOS Automation},
year = {2025},
publisher = {GitHub},
url = {https://github.com/Jeomon/macos-mcp}
}Questions or Issues? Open an issue or check SECURITY.md for security concerns.