TermPipe MCP

119 tools. 71 can modify or destroy data without limits.

7 destructive tools with no built-in limits. Policy required.

Last updated:

71 can modify or destroy data
48 read-only
119 tools total

Community server · catalogue entry verified 03/07/2026

How to control TermPipe MCP ↓

What TermPipe MCP exposes to your agents

Read (48) Write / Execute (63) Destructive / Financial (7)
Critical Risk

The most dangerous TermPipe MCP tools

71 of TermPipe MCP's 119 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control TermPipe MCP

PolicyLayer is an MCP gateway — it sits between your AI agents and TermPipe MCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "cond_clear_hotkeys": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "append_file": {
    "limits": [
      {
        "counter": "append_file_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "analyze_file_structure": {
    "limits": [
      {
        "counter": "analyze_file_structure_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register TermPipe MCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON TERMPIPE →

Instant setup, no code required.

All 119 TermPipe MCP tools

EXECUTE 44 tools
Execute boot Mid-session context refresh with integrated briefing. Execute build build Execute cond_clipboard_paste Trigger Ctrl+V to paste current clipboard content into active window. Execute cond_daemon_send cond_daemon_send Execute cond_focus Focus a window by app-id or name (fuzzy match). Execute cond_key Send a key combination. Separate keys with space or ,,. Execute cond_launch Launch an application by name (uses cond app database, fuzzy match). Execute cond_mouse_click Click a mouse button. Execute cond_mouse_move Move the mouse cursor. Execute cond_move_window Move a window. x/y can be pixels or 0.0-1.0 percentage of screen. Execute cond_ocr Capture active window, run AI OCR (qwen-vl via iflow), copy result to clipboard. Execute cond_ocr_file Run AI OCR on an existing image file and copy result to clipboard. Execute cond_register_hotkey_input Register a hotkey to execute input commands (type, key, click, etc). Execute cond_register_hotkey_script Register a hotkey to execute a shell script. Execute cond_resize_window Resize a window. w/h can be pixels or 0.0-1.0 percentage. Execute cond_restore_layout Restore a previously saved window layout. Execute cond_snap Snap active window to a screen region. Execute cond_subscribe cond_subscribe Execute cond_type Type text into the active window via compositor input injection. Execute cond_verify_launch cond_verify_launch Execute cond_visual_query cond_visual_query Execute debug_assist debug_assist Execute gemini_debug gemini_debug Execute ifp_send Send a prompt to local omniproxy (qwen2.5-coder-7b-instruct). Execute interact_with_process Send input to a running process (REPL, interactive shell, etc). Execute launch_app Launch an application via normalized launch script. Execute reload_tools Hot-reload all tool modules. Execute smart_replace smart_replace Execute start_search start_search Execute stop_search Stop and clean up a search. Execute termf_exec Execute a shell command via TermPipe (existing method, preserved). Execute termf_hsp_pipeline termf_hsp_pipeline Execute termf_live_continue Execute another command in an existing terminal session. Execute termf_live_exec termf_live_exec Execute termf_nlp Execute NLP command via TermPipe. Translates natural language to CLI. Execute termf_nlp_alias Generate and install a shell alias/function from natural language. Execute wbind_action wbind_action Execute wbind_launch_and_focus Launch an app and bring it to a known state. Execute workspace_ask workspace_ask Execute workspace_await_approval workspace_await_approval Execute workspace_await_task_approval workspace_await_task_approval Execute workspace_init workspace_init Execute workspace_task_create workspace_task_create Execute workspace_task_query workspace_task_query
READ 48 tools
Read analyze_file_structure AI-powered analysis of a file's structure and content. Read cond_clipboard_get Get current clipboard content. Read cond_get_active Get info about the currently active/focused window. Read cond_get_app_cmd Get the launch command for an app by name. Read cond_list_hotkeys List all registered hotkeys. Read cond_list_windows List all available windows across all workspaces. Read cond_load_hotkeys Load hotkey config from a file. Read cond_screenshot Take a full-screen screenshot. Auto-copies to clipboard. Read cond_search_apps Search installed applications matching a pattern (supports regex). Read find_in_file Find pattern in file with line numbers and optional context lines. Read gemini_analyze Gemini-powered file analysis - understand a file before editing. Read get_config Get current TermPipe configuration. Read get_file_info Get file metadata (size, modified time, etc). Read get_more_search_results Get results from an active search. Read get_recent_tool_calls Get recent tool call history. Read git_blame git_blame Read git_diff git_diff Read git_log git_log Read git_show git_show Read git_status Show working tree status — modified, staged, untracked files. Read glob_files Find files matching a glob pattern. Read history Show edit history for this session. Read ifp_model No-op: all inference is fixed to qwen2.5-coder-7b-instruct via local omniproxy. Read ifp_status Get iFlow status and current configuration. Read list_apps List available launch scripts. Read list_directory List files and directories in a path. Read list_processes List all running processes (system-wide). Read list_searches List all active searches. Read list_sessions List all active terminal sessions (running processes). Read list_tools List available tools with tactical briefing and auto-context. Read read_file Read contents of a file. Supports partial reads. Read read_lines Read specific line range from a file (0-based). Read read_multiple_files Read contents of multiple files at once. Read read_process_output Read output from a running process (REPL/interactive session). Read search_file_content search_file_content Read system_info Get high-level system and TermPipe metadata. Read telemetry_report telemetry_report Read termf_list_sessions List all active terminal sessions. Read termf_live_output Retrieve latest output from a terminal session. Read thread_log thread_log Read thread_read thread_read Read web_fetch web_fetch Read web_search Perform a web search using Exa AI API. Read workspace_list workspace_list Read workspace_load workspace_load Read workspace_override workspace_override Read workspace_request_review workspace_request_review Read workspace_status workspace_status

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about TermPipe MCP

Can an AI agent delete data through the TermPipe MCP server? +

Yes. The TermPipe MCP server exposes 7 destructive tools including cond_clear_hotkeys, delete_lines, force_terminate. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through TermPipe MCP? +

The TermPipe MCP server has 19 write tools including append_file, cond_clipboard_set, cond_close. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach TermPipe MCP.

How many tools does the TermPipe MCP server expose? +

119 tools across 4 categories: Destructive, Execute, Read, Write. 48 are read-only. 71 can modify, create, or delete data.

How do I enforce a policy on TermPipe MCP? +

Register the TermPipe MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every TermPipe MCP tool call.

Deterministic rules across all 119 TermPipe MCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

119 TermPipe MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.