agent-computer-use-mcp
v0.0.1
Published
A local MCP server for Gateway-managed computer use with cua-driver, OCR, and user-only desktop overlays.
Maintainers
Readme
agent-computer-use-mcp
agent-computer-use-mcp is a local standard MCP server for Gateway-managed computer use. It combines semantic desktop control through cua-driver, local PP-OCRv6 perception, and a user-only native overlay without restricting computer-use capabilities owned by third-party agents.
Install
Windows x64 is the first published target. Users install one package name:
npm install [email protected]
npx -y [email protected]npm automatically selects the exact matching @xiaozhiclaw/[email protected] optional dependency. The protected core package contains the MCP runtime; the platform package contains cua-driver, the native overlay, ONNX Runtime, and PP-OCRv6 small models. Missing, linked, mismatched, incomplete, or corrupt platform packages fail before MCP startup.
Example host configuration:
{
"mcpServers": {
"computer-use": {
"command": "npx",
"args": ["-y", "[email protected]"]
}
}
}Upgrade and rollback are normal npm version operations. The MCP server never downloads native assets, runs npm, or updates itself. computer.repair may report this exact command but remains read-only:
npm install [email protected]Offline ZIP
GitHub Release publishes a complete Windows x64 ZIP with the same protected core and byte-identical platform payload used by npm:
node .\agent-computer-use-mcp-X.Y.Z-windows-x64\bin\agent-computer-use-mcp.mjsThe ZIP requires Node.js 20 or newer. It requires no npm install, network access, elevation, or setup program. Gitee Release mirrors the published GitHub assets byte-for-byte for regional access; GitHub and public npm remain authoritative.
Development
npm ci
npm test
npm run mcpRelease-focused commands:
npm run release:npm:build:core: build the protected core package with no first-party source maps.npm run release:npm:build:win32-x64: build the immutable platform package from locked native assets.npm run phase:0.14: verify protected npm package integrity and standard MCP compatibility.npm run phase:0.15: assemble both npm tarballs and the complete ZIP, compare platform inventories, and run the offline MCP smoke.npm run phase:7.8: verify exact platform resolution and read-only repair guidance.npm run phase:7.9: verify npm/ZIP platform identity and network-free startup.npm run release:windows:size-report: enforce the 310 MiB complete ZIP limit.
The repository root is private to npm publication. Only generated release staging packages are publishable. They contain protected runtime code, exact manifests, licenses, checksums, and SBOM data without first-party source or source maps. Obfuscation is defense in depth, not a secrecy boundary.
Runtime State
Writable state is limited to user data under %LOCALAPPDATA%\AgentComputerUse\ (logs, traces, artifacts, sessions, and disposable cache). It contains no authoritative program version or active native asset selection.
The native overlay and branded cursor are visible only while Gateway-managed computer use is active. They are excluded from screenshots, OCR, observations, traces, and benchmark artifacts.
Release
A verified v* tag triggers this order:
- Validate tag, main ancestry, changelog, and tests.
- Build the core package, Windows x64 platform package, complete ZIP, checksums, manifest, and CycloneDX SBOM.
- Create a draft GitHub Release.
- Publish the platform npm package, then the core npm package, both with provenance.
- Install only
[email protected]from public npm and run an official MCP SDK smoke. - Publish GitHub Release.
- Mirror the same files to Gitee and download-verify every hash.
Gitee failure never rebuilds or rolls back npm/GitHub publication. Maintainers retry only the mirror jobs after the regional service recovers.
See productization docs and the approved distribution design.
