// SCAN REPORT

Kwin

30 tools. 23 can modify or destroy data without limits.

23 write tools that can modify data. Rate limits recommended.

Last updated:

23 can modify or destroy data
7 read-only
30 tools total

Community server · catalogue entry verified 11/06/2026

How to control Kwin ↓

TOOL MAP

What Kwin exposes to your agents

Read (7) Write / Execute (23) Destructive / Financial (0)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS
High Risk

The most dangerous Kwin tools

Execute · High launch_app launch_app triggers execution of external programs whose behavior and side effects depend on the arguments (which application to run and its parameters). Execute · High session_start This tool starts a KWin session (either isolated or connecting to a live desktop), which is an executable action that triggers desktop GUI automation. Execute · High session_stop session_stop triggers termination of a KWin session—an external operation whose effects depend on which session is targeted. Execute · High wait_for_element This tool waits for UI elements to appear before proceeding with automation actions.

23 of Kwin's 30 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control Kwin

PolicyLayer is an MCP gateway — it sits between your AI agents and Kwin, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "clipboard_set": {
    "limits": [
      {
        "counter": "clipboard_set_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "clipboard_get": {
    "limits": [
      {
        "counter": "clipboard_get_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Kwin — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON KWIN →

Free to start. No card required.

FULL CATALOGUE

All 30 Kwin tools

EXECUTE 22 tools
Execute launch_app launch_app Execute session_start session_start Execute session_stop session_stop Execute wait_for_element wait_for_element Execute dbus_call dbus_call Execute focus_window Attempt to focus a window by application name. Execute keyboard_key keyboard_key Execute keyboard_key_down Press and hold a key without releasing. Execute keyboard_key_up Release a previously held key. Execute keyboard_type keyboard_type Execute keyboard_type_unicode keyboard_type_unicode Execute mouse_button_down mouse_button_down Execute mouse_button_up mouse_button_up Execute mouse_click mouse_click Execute mouse_drag mouse_drag Execute mouse_move mouse_move Execute mouse_scroll mouse_scroll Execute session_connect session_connect Execute touch_multi_swipe touch_multi_swipe Execute touch_pinch touch_pinch Execute touch_swipe touch_swipe Execute touch_tap touch_tap
WRITE 1 tools
Write clipboard_set Set the clipboard content in the isolated session.
READ 7 tools
Read clipboard_get Read the current clipboard content in the isolated session. Read find_ui_elements find_ui_elements Read list_windows List accessible application windows in the isolated session. Read read_app_log read_app_log Read screenshot Capture a screenshot of the isolated session. Read wayland_info List Wayland protocols available in the isolated session. Read accessibility_tree accessibility_tree
EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Sperax Ecosystem Crypto & DeFI MCP Server 1318 tools
automation
Mcp Afip 1300 tools
automation
Mcp Ap2 1300 tools
automation
BNB Chain MCP 1240 tools
automation
Nodebench 824 tools
automation
Amazon Bedrock Knowledge Base Retrieval MCP Server 805 tools
automation
Amazon Data Processing MCP Server 805 tools
automation
Amazon ECS MCP Server 805 tools
automation
FAQ

Questions about Kwin

How do I prevent bulk modifications through Kwin? +

The Kwin server has 1 write tools including clipboard_set. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Kwin.

How many tools does the Kwin MCP server expose? +

30 tools across 3 categories: Execute, Read, Write. 7 are read-only. 23 can modify, create, or delete data.

How do I enforce a policy on Kwin? +

Register the Kwin MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Kwin tool call.

Deterministic rules across all 30 Kwin tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON KWIN →

Free to start. No card required.

30 Kwin tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.