npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@foursecondfivefour/aether-mcp-server

v1.0.1

Published

AETHER_01 — Full-spectrum Windows MCP server: process, file, registry, service, GUI, system, network, user, security, automation. 10 tools, 99% Windows management coverage.

Readme

AETHER_01 — Full-Spectrum Windows Management MCP Server

Rust License LobeHub npm

10 tools. 99% Windows coverage. Zero security compromises.

AETHER_01 is an MCP (Model Context Protocol) server written in Rust that gives AI assistants full control over Windows 10/11 via standard input/output. From process management to GUI automation, from registry to WMI queries — everything a system administrator needs.


Features

| # | Tool | Actions | |---|------|---------| | 1 | process_control | list, kill, create, priority, threads, affinity, modules, DLL injection* | | 2 | file_system | read/write/delete, ACL, symlinks, ADS streams, EFS, volumes, network shares | | 3 | registry_editor | read/write/delete, all hives, security, monitoring, offline mounting* | | 4 | service_manager | list, start/stop/restart, config, triggers, drivers | | 5 | gui_automation | mouse, keyboard, windows, screenshots, clipboard, display, audio | | 6 | system_info | CPU, memory, disk, OS, power, devices, BIOS, NTP, software, updates, BCD* | | 7 | network_manager | adapters, connections, DNS, firewall, proxy, routing, WiFi, VPN, Bluetooth | | 8 | user_management | users, groups, sessions, policies, certificates, credentials, tokens* | | 9 | security_audit | audit, UAC, Defender, AppLocker, BitLocker, TPM, Secure Boot, exploit protection | | 10 | system_automation | Event Log, Scheduled Tasks, WMI queries |

* = disabled by default, enabled via .env feature gates.


Installation

AETHER_01 provides 5 installation methods — pick the one that works best for you.

Method 1: npm global install (easiest)

npm install -g @foursecondfivefour/aether-mcp-server

The postinstall script automatically downloads the latest Windows x64 binary from GitHub Releases and places it in your PATH.

Method 2: One-click PowerShell install

Run this in PowerShell 7+ (Administrator):

irm https://raw.githubusercontent.com/foursecondfivefour/aether-mcp-server/main/install.ps1 | iex

The script automatically:

  1. Downloads the latest AETHER_01 binary
  2. Creates .env with safe default settings
  3. Registers the server in all detected AI environments: Cursor, Claude Desktop, Windsurf, VS Code, and more

Method 3: One-click editor integration

Click the badge for your editor:

| Editor | Install | |--------|---------| | Cursor | Add to Cursor | | VS Code | Add to VS Code | | VS Code Insiders | Add to VS Code Insiders |

Method 4: Selective install with install.ps1

# Cursor only
.\install.ps1 -Targets cursor

# Claude Desktop + Windsurf
.\install.ps1 -Targets claude,windsurf

# Custom binary path
.\install.ps1 -BinaryPath target\release\aether-mcp-server.exe

# Specific release version
.\install.ps1 -ReleaseTag v1.0.1

Method 5: Build from source

git clone https://github.com/foursecondfivefour/aether-mcp-server
cd aether-mcp-server
Copy-Item .env.example .env
cargo build --release
.\install.ps1 -BinaryPath target\release\aether-mcp-server.exe

Manual configuration (without install script)

{
  "mcpServers": {
    "aether-01": {
      "command": "d:\\path\\to\\aether-mcp-server.exe",
      "env": { "RUST_LOG": "info" }
    }
  }
}
{
  "mcpServers": {
    "aether-01": {
      "command": "d:\\path\\to\\aether-mcp-server.exe",
      "env": { "RUST_LOG": "info" }
    }
  }
}
{
  "mcpServers": {
    "aether-01": {
      "command": "d:\\path\\to\\aether-mcp-server.exe",
      "env": { "RUST_LOG": "info" }
    }
  }
}
{
  "mcpServers": {
    "aether-01": {
      "command": "d:\\path\\to\\aether-mcp-server.exe",
      "env": { "RUST_LOG": "info" }
    }
  }
}

After configuring, restart your editor. The MCP panel will show 10 AETHER_01 tools.


Feature Gates (.env)

Dangerous operations are disabled by default and enabled by the system administrator:

AETHER_BCD_EDIT=0          # Windows boot configuration editing
AETHER_HAL_CONFIG=0        # HAL and memory dump configuration
AETHER_OFFLINE_REGISTRY=0  # Offline registry hive mounting
AETHER_DLL_INJECT=0        # DLL injection into processes
AETHER_TOKEN_MANIPULATION=0 # Access token manipulation
AETHER_LSA_SECRETS=0       # LSA secret reading

Security

The only vulnerability is human error. AETHER_01 is a system administrator tool — like sudo, regedit, or services.msc. If you enable all feature gates, disable force checks, and blindly execute AI commands — the server does exactly what you tell it. That's not a bug. That's the nature of an administrative tool. Full threat analysis: SECURITY.md

Threat Model

Your computer (trusted environment)
│
├── Cursor / Claude / VS Code (AI client) ─── same user, same machine
│   │
│   └── AETHER_01 (stdio subprocess) ← SERVER
│       │
│       └── Windows API (system calls) — same machine, kernel
│
└── Internet ← AETHER_01 has NO network access

AETHER_01 has no network access. It is a pure stdio process. It does not make HTTP requests, open ports, or listen for connections. All communication is through stdin/stdout with the local AI client.

What the server CANNOT do

| Capability | Status | Reason | |------------|--------|--------| | Network connections | Impossible | No HTTP/TCP/UDP code | | Shell execution | Impossible | Direct Win32 API only, no cmd.exe | | Remote access | Impossible | stdio only, no HTTP/SSE/TCP | | Data exfiltration | Impossible | No network path at all | | Auto-start / persistence | Impossible | No installer, no service, no autorun | | Auto-update | Impossible | No network request code |

Defense mechanisms

| Mechanism | Protection Level | Description | |-----------|-----------------|-------------| | Feature Gates | Maximum | BCD Edit, DLL Injection, LSA Secrets, Token Manipulation, Offline Registry, HAL Config — disabled by default in .env. Operations are unavailable without explicit admin enablement. | | force: true | High | Every dangerous operation requires explicit confirmation in parameters. Without "force": true the server refuses. | | Input validation | High | Every parameter is validated before Win32 API calls. Invalid types, empty strings, invalid PIDs — immediate rejection. | | No shell injection | High | Zero cmd.exe / powershell.exe calls. All operations through direct Win32 API. No command injection path. | | WMI SELECT only | Medium | WMI queries restricted to SELECT. DELETE/INSERT/UPDATE — rejected. 30s timeout, 1000 row limit. | | Path canonicalization | Medium | All file paths go through canonicalize to prevent path traversal. | | Full audit logging | Medium | Every tool call logged to stderr: tool, action, parameters, result. |

Binary hardening

| Technology | Effect | |-----------|--------| | Control Flow Guard (/GUARD:CF) | Checks every indirect call — blocks ROP/JOP attacks | | ASLR (/DYNAMICBASE + /HIGHENTROPYVA) | Random load address — can't predict code location | | DEP/NX (/NXCOMPAT) | Stack and heap non-executable — no shellcode injection | | Static CRT (+crt-static) | No external DLL dependency — can't swap the library | | Fat LTO + codegen-units=1 | Full dead code removal — smaller attack surface | | Symbol stripping | No function names in binary — harder reverse engineering | | Panic=abort | No unwind tables — smaller binary, no stack leaks |

Standards compliance

AETHER_01 follows:

Prompt injection resistance

AETHER_01 tool parameters come from an LLM that is susceptible to prompt injection. Therefore:

  • Every string parameter is escaped before use in Win32 API
  • No eval-like operations — cannot "execute arbitrary code" through a parameter
  • No format strings in Win32 API — parameters are never interpreted as code
  • WMI WQL is escaped — single quotes in query strings are transformed
  • Paths are canonicalized..\..\windows\system32 is normalized to a checkable path

Known CVEs and inapplicability

| CVE | Applicable to AETHER? | Why not | |-----|----------------------|---------| | CVE-2025-54136 (MCPoison) | No | AETHER is a native .exe, not via npx/npm. MCP config contains no executable code — only a binary path. | | CVE-2025-54135 (CurXecute) | No | AETHER does not process MCP configs from repositories. Config is written once via install.ps1. | | CVE-2025-64106 (TrustFall) | No | AETHER does not load workspace-level configs. | | Command Injection | No | AETHER does not use shell. All Win32 API calls with typed parameters. |

Bottom line: if you don't enable feature gates without understanding them, don't disable force checks, and don't run the binary from an untrusted source — AETHER_01 is safe. Like sudo on Linux: a powerful tool requiring conscious use.

Report a vulnerability

SECURITY.md — disclosure process, supported versions, supply chain audit.


Performance

  • opt-level = 3 (all LLVM optimizations)
  • lto = true (fat LTO across all crates)
  • codegen-units = 1 (full dead code elimination)
  • panic = "abort" (no unwind tables)
  • strip = "symbols" (minimal binary)
  • target-cpu = native (AVX2, BMI2, FMA, POPCNT)

Project Structure

src/
├── main.rs              # tokio::main, stdio transport
├── server.rs            # AetherServer + tool_router
├── config.rs            # FeatureGates from .env
├── error.rs             # AetherError + FormatMessageW
├── audit.rs             # Structured audit logging
└── tools/
    ├── process.rs       # process_control
    ├── filesystem.rs    # file_system
    ├── registry.rs      # registry_editor
    ├── service.rs       # service_manager
    ├── gui.rs           # gui_automation
    ├── sysinfo.rs       # system_info
    ├── network.rs       # network_manager
    ├── user.rs          # user_management
    ├── security.rs      # security_audit
    └── automation.rs    # system_automation

License

MIT