// SCAN REPORT

VSCode Automation MCP

61 tools. 26 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated: 12 Jun 2026

26 can modify or destroy data

35 read-only

61 tools total

Community server · catalogue entry verified 12/06/2026

How to control VSCode Automation MCP ↓

TOOL MAP

What VSCode Automation MCP exposes to your agents

Read (35) Write / Execute (25) Destructive / Financial (1)

Running more than one server? Check your whole stack →

MOST DANGEROUS TOOLS

Critical Risk

The most dangerous VSCode Automation MCP tools

Destructive · Low vscode_clear_console Clearing console logs is irreversible — once cleared, the captured log data is gone. Execute · High vscode_execute_command This tool directly executes VSCode commands with arbitrary scope. Execute · Critical vscode_execute_script This tool permits execution of arbitrary JavaScript in the VSCode application context, which can inspect and modify any data accessible to VSCode, read file contents, manipulate the DOM, trigger VSCode commands, and pote Execute · High vscode_go_to_definition Although 'go to definition' itself is a navigation operation (Read-like), it is executed programmatically via the MCP automation interface to control VSCode's UI and application state.

26 of VSCode Automation MCP's 61 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

POLICY

How to control VSCode Automation MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and VSCode Automation MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations

{
  "vscode_clear_console": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations

{
  "vscode_dump_dom_to_file": {
    "limits": [
      {
        "counter": "vscode_dump_dom_to_file_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations

{
  "vscode_wait_for_text": {
    "limits": [
      {
        "counter": "vscode_wait_for_text_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

Create a free account and register VSCode Automation MCP — nothing to install.
Add these rules — paste them, or build them visually. Tune the limits to your setup.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

ENFORCE POLICY ON VSCODE AUTOMATION →

Free to start. No card required.

FULL CATALOGUE

All 61 VSCode Automation MCP tools

DESTRUCTIVE 1 tools

Destructive vscode_clear_console Clear captured console logs.

EXECUTE 24 tools

Execute vscode_execute_command Execute a VSCode command programmatically. Use this to trigger any command available in the Command Palette. Execute vscode_execute_script Execute arbitrary JavaScript code in the VSCode window context (like DevTools console). Has full access to doc Execute vscode_go_to_definition Trigger Go to Definition (F12) on the current cursor position. Execute vscode_hover Hover over an element for a specified duration to trigger hover effects. Execute vscode_initialize Initialize the VSCode automation driver. This is called automatically on first tool use, but can be called exp Execute vscode_trigger_completion Trigger IntelliSense/code completion (Ctrl+Space) and optionally wait for items. Execute vscode_trigger_hover Trigger hover on an element and optionally wait for tooltip to appear. Returns tooltip content if found. Execute vscode_trigger_signature_help Trigger signature help (Ctrl+Shift+Space) and get parameter info. Execute vscode_wait_for_element Wait for an element to appear or disappear. Useful for waiting for UI updates after actions. Execute vscode_wait_for_idle Wait for VSCode to become idle (no pending operations, document ready, no busy indicators). Execute vscode_dismiss_notification Dismiss a notification by clicking its close button. Can target by index or message text. Execute vscode_focus_element Focus a UI element by CSS selector. Optionally scrolls the element into view first. Execute vscode_click_element Click a UI element in VSCode by CSS selector, XPath, accessibility label, or text content. Supports single cli Execute vscode_click_menu_item Click a menu item by its text label. Execute vscode_drag_drop Drag an element and drop it onto another element. Useful for reordering tabs, tree items, etc. Execute vscode_handle_dialog Handle modal dialogs like InputBox, QuickPick, or confirmation dialogs. Can submit text or dismiss. Execute vscode_open_context_menu Open a context menu (right-click menu) on an element. Execute vscode_open_file Open a file in the VSCode editor. Optionally navigate to a specific line and column position. Execute vscode_open_webview Open a webview panel by its title or command. Webviews are used by extensions for custom UI. Execute vscode_press_keys Press keyboard keys or key combinations (e.g., Execute vscode_scroll Scroll an element or the page in a specified direction or to a position (top/bottom). Execute vscode_select_completion_item Select and accept a completion item by its label. Execute vscode_select_quick_pick_item Select an item from the QuickPick by text or index. Execute vscode_type_text Type text into VSCode. Can type into the currently focused element or target a specific input by selector.

WRITE 1 tools

Write vscode_dump_dom_to_file Dump the full DOM structure to a file (JSON, HTML, or tree format). The AI can then read sections of this file

READ 35 tools

Read vscode_wait_for_text Wait for specific text to appear or disappear in an element or the page. Read vscode_assert_text Assert that specific text appears in the editor or a UI element. Supports exact match or contains check. Read vscode_check_file_open Check if a file with the specified name is currently open in the editor. Read vscode_find_interactive_elements Find all interactive elements (buttons, inputs, links, tabs, etc.) within a container. Great for discovering w Read vscode_get_accessibility_tree Get the accessibility tree of the VSCode window. Provides a semantic, role-based view of the UI that is often Read vscode_get_completion_items Get items from the currently visible IntelliSense/completion widget. Read vscode_get_console_logs Get captured console logs (log, info, warn, error, debug). Logs are captured after first call. Read vscode_get_devtools_info Get DevTools-style information about the window, document, navigator, and VSCode-specific APIs. Read vscode_get_diagnostics Get diagnostic messages (errors, warnings, info) from the Problems panel. Useful for checking compilation erro Read vscode_get_dom Get the full DOM structure of the VSCode window or a specific element. Returns the DOM tree in a format suitab Read vscode_get_editor_content Get the full text content of the currently active editor along with metadata like file name, line count, and d Read vscode_get_element Get detailed information about a UI element including its text, visibility, enabled state, position, size, and Read vscode_get_element_by_id Get an element by its ID (document.getElementById wrapper). Fast lookup for elements with known IDs. Read vscode_get_element_children Get the direct children (or descendants) of an element. Use this for incremental DOM exploration - start with Read vscode_get_element_parents Get the parent chain (ancestors) of an element up to the body. Useful for understanding element context and bu Read vscode_get_element_siblings Get sibling elements at the same level as the target element. Useful for understanding list items, tabs, or ot Read vscode_get_elements_by_class Get all elements with a specific class name (document.getElementsByClassName wrapper). Read vscode_get_elements_by_tag Get all elements of a specific tag type like Read vscode_get_extension_logs Get extension-related console logs. Can filter by extension ID. Read vscode_get_menu_items Get items from a visible menu (context menu or dropdown). Read vscode_get_notifications Get all visible notifications with their type, message, actions, and source. Read vscode_get_output_channel_content Get content from a specific output channel. Read vscode_get_output_channels Get list of available output channels in VSCode. Read vscode_get_performance_metrics Get performance metrics including memory, timing, DOM stats, and resource loading. Read vscode_get_problems_panel Get problems/diagnostics from the Problems panel with severity, message, source, and location. Read vscode_get_quick_pick_items Get items from the currently visible QuickPick/Command Palette. Read vscode_get_status Get the current status of the VSCode automation driver. Read vscode_get_ui_structure Get the structure of a specific VSCode UI region (sidebar, editor, panel, etc.). Provides a focused, clean vie Read vscode_list_commands List available VSCode commands. Optionally filter by a search string to find specific commands. Read vscode_query_elements Find all elements matching a CSS selector and get information about each. Useful for discovering interactive e Read vscode_query_selector Direct wrapper for document.querySelector() or querySelectorAll(). Simple and fast element lookup by CSS selec Read vscode_search_dom Search the DOM for elements by text content, ID, class, aria-label, title, or role. Returns matching elements Read vscode_take_screenshot Take a screenshot of the VSCode window. The screenshot is saved to a file and optionally returned as base64 da Read vscode_verify_element Verify the presence and state of a UI element. Check if it exists, is visible, is enabled, or contains specifi

EXPLORE

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

FAQ

Questions about VSCode Automation MCP

Can an AI agent delete data through the VSCode Automation MCP server? +

Yes. The VSCode Automation MCP server exposes 1 destructive tools including vscode_clear_console. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through VSCode Automation MCP? +

The VSCode Automation MCP server has 1 write tools including vscode_dump_dom_to_file. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach VSCode Automation MCP.

How many tools does the VSCode Automation MCP server expose? +

61 tools across 4 categories: Destructive, Execute, Read, Write. 35 are read-only. 26 can modify, create, or delete data.

How do I enforce a policy on VSCode Automation MCP? +

Register the VSCode Automation MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every VSCode Automation MCP tool call.

Deterministic rules across all 61 VSCode Automation MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

ENFORCE POLICY ON VSCODE AUTOMATION →

Free to start. No card required.

61 VSCode Automation MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.