Windows computer-use MCP for the Claude Code CLI — a 1:1 replica of Claude Desktop's computer-use tool surface.
Project description
computer-use-omni
A faithful 1:1 replica of Anthropic's official computer-use tool surface — for Windows, where Anthropic doesn't ship it. It lets the Claude Code CLI (or any MCP client) drive the Windows desktop the way Claude Desktop's built-in computer-use does: screenshots, mouse / keyboard / scroll / drag / batch input, clipboard, multi-monitor, and application launch.
Same tool names, same parameters, same coordinate semantics as the desktop tool — an agent that already knows Anthropic's computer-use works here unchanged. Built and verified against Claude Desktop's own computer-use as the ground-truth oracle.
Vision-and-coordinate based, like the official tool (rather than a UI-tree / accessibility approach) — for when you want Anthropic's computer-use paradigm on a Windows CLI.
Install
Requires Windows and Python 3.11+ (uv / uvx fetch Python for you).
Run standalone:
uvx computer-use-omni
Add to the Claude Code CLI:
claude mcp add computer-use-omni -s user -- uvx computer-use-omni
claude mcp list # expect: computer-use-omni … ✓ Connected
Or in Claude Desktop's claude_desktop_config.json:
{
"mcpServers": {
"computer-use-omni": { "command": "uvx", "args": ["computer-use-omni"] }
}
}
Example
On a multi-monitor rig every screenshot self-describes — it names the monitor it captured and what else is attached, so the agent never loses track of which screen it is looking at:
This screenshot was taken on monitor "\\.\DISPLAY2" (2560x1600, primary).
Other attached monitors: "\\.\DISPLAY1" (2560x1440). Use switch_display to
capture a different monitor.
open_application reports what actually happened instead of fire-and-forget:
Opened "Calculator". # a real window appeared
launched "…" but its process exited within ~2s # crashed on startup — reported, not faked
without showing a window …
Status
- 29 tools — 27 matching Claude Desktop's computer-use, plus
deactivateanddisplay_overview; a devreloadtool makes 30 whenCOMPUTER_USE_DEV=on. - 16-scenario end-to-end suite under
tests/(scen_*.json), each run through a fresh MCP process. - Built and verified on Windows 11 (2560×1600 @ 150% DPI) against Claude Desktop's computer-use as the oracle; the screenshot downscale matches CDC's ~1.2 MP within rounding.
- In daily use since 2026-06.
Tools
Matching Anthropic's computer-use (27): request_access, list_granted_applications, request_teach_access, screenshot, zoom, switch_display, cursor_position, mouse_move, left_click, right_click, middle_click, double_click, triple_click, left_click_drag, left_mouse_down, left_mouse_up, scroll, key, hold_key, type, wait, open_application, read_clipboard, write_clipboard, computer_batch, teach_step, teach_batch.
omni-specific (2):
deactivate— end the session without killing the process (glow off, controlling window restored, grants revoked); the counterpart torequest_access.display_overview— one composite, labeled image of all monitors laid out per the virtual-desktop arrangement (an orientation aid for "which screen is that window on?"; not a click surface).
All click / move / scroll / drag / zoom coordinates are in the image-pixel space of the most recent screenshot; the server maps them back to physical pixels.
How it works (the parts worth reading)
Faithful desktop visuals. While a session is active the server reproduces Claude Desktop's on-screen affordances, pixel-calibrated from reference captures: a static orange edge glow, a centered "Claude is using your computer" pill that flies to the corner, and the controlling window (the Windows Terminal running the CLI, or the Claude Desktop window itself) shrunk flush to the top-right and parked off-screen during each capture so screenshots show the true desktop with no black box. Click-through is kind-aware: a non-layered terminal drops to the bottom of the z-order for each synthetic click; the layered Claude Desktop window gets WS_EX_TRANSPARENT (the desktop tool's own approach) so clicks pass through to whatever is beneath — the window itself never moves, so the user's real mouse is unaffected.
Keyboard self-harm guard. Synthetic keystrokes go to whatever holds OS focus. If the controlling window (the Claude window, or the hosting terminal) is frontmost, type / key are blocked — otherwise the text would land in the agent's own conversation, or run as a shell command with a trailing Return. The guard is unconditional and identifies the control surface by window identity and owning process, while still leaving a second, unrelated terminal window a legitimate target. Mouse actions are exempt (a click carries its own coordinate).
Multi-monitor. Screenshots carry an event-driven note naming the captured monitor and flagging when it changed; open_application warns when a window opened on a different monitor than captures currently target — precisely, by monitor name, when it has the window handle; display_overview returns the all-screens map. The glow and shrink land on the controlling window's own monitor, leaving other displays untouched.
Honest launching & self-heal. open_application polls for a real window and distinguishes opened / running-no-window-yet / crashed-on-startup / nothing-launched instead of always reporting success. A force-killed session's shrunk terminal is restored on the next start from a small state file (guarded against window-handle reuse).
Hot-reload (dev). Set COMPUTER_USE_DEV=on to add a reload tool that importlib.reloads the logic modules in-process, so edited code takes effect without restarting the session — handy while developing automation against the server. It is off by default (the clean 29-tool surface).
See SPEC.md for the authoritative, tool-by-tool contract and the module architecture.
Differences from the desktop tool (by design)
A CLI has no permission GUI, so request_access auto-grants resolvable apps at tier:"full" and returns the same JSON shape; foreground gating is permissive by default (it only errors on an empty allowlist). Masking of non-allowlisted windows defaults off (the rect-based masker over-masks). Teach mode is a stub — it executes the step's actions and returns a screenshot, but there is no fullscreen tooltip overlay (a desktop-app feature). Each of these is controlled by the env vars below.
Configuration
| Variable | Default | Meaning |
|---|---|---|
COMPUTER_USE_MAX_PIXELS |
1200000 |
Max pixels in a downscaled screenshot (≈ 1.2 MP). |
COMPUTER_USE_MASKING |
off |
Mask non-allowlisted app windows in screenshots. |
COMPUTER_USE_ENFORCE_FOREGROUND |
off |
Block input when the frontmost app isn't allowlisted. |
COMPUTER_USE_AUTOGRANT |
on |
Auto-grant resolvable apps on request_access. |
COMPUTER_USE_DEV |
off |
Register the developer reload hot-reload tool (on → 30 tools). |
COMPUTER_USE_LOG_DIR |
%LOCALAPPDATA%\computer-use-omni\logs |
Directory for the rotating mcp.log (tool calls + tracebacks). |
COMPUTER_USE_GLOW |
on |
Static orange edge glow while a session is active. |
COMPUTER_USE_SHRINK_TERMINAL |
on |
Shrink the controlling window to the top-right corner. |
COMPUTER_USE_HIDE_CONTROLLING |
on |
Park the controlling window off-screen during captures. |
COMPUTER_USE_PILL |
on |
Centered "Claude is using your computer" pill. |
COMPUTER_USE_GLOW_COLOR |
217,119,87 |
Glow / pill color (#D97757). |
COMPUTER_USE_GLOW_ALPHA |
0.4 |
Peak glow opacity at the very edge. |
COMPUTER_USE_GLOW_BAND |
0.05 |
Glow band width as a fraction of the smaller screen dimension. |
COMPUTER_USE_GLOW_EXCLUDE |
on |
Exclude the glow / pill from captures. |
Gotchas (real Windows behavior)
- IME affects
key/hold_key, nottype.typeinjects Unicode directly and bypasses the input method (CJK and emoji work in any layout).key/hold_keysend virtual-key codes that pass through the active IME — so with a Chinese IME active, sending the letteraopens a pinyin candidate list instead of typinga. Usetypefor text; switch the IME to English for letter shortcuts. - Elevated apps (Task Manager, UAC prompts, admin installers) can't be driven — Windows UIPI blocks input from a non-elevated process. Same limitation as the desktop tool.
Tests
tests/ holds a 16-scenario end-to-end suite (scen_*.json) plus the driver that launches a fresh server and runs a scenario's JSON list of tool calls, interleaving the returned images:
uv run python tests/drive.py tests/scen_calc.json # compute 7×8 by clicks, screenshot, verify
tests/dev/ holds the one-off Win32 probes written during development (glow/pill sampling, z-order and capture-affinity experiments).
Tech stack
Python ≥ 3.11, packaged with uv, src layout, hatchling. mcp Python SDK (FastMCP) over stdio; mss for capture; pillow for imaging; pywin32 + ctypes for DPI awareness, window / clipboard / foreground access, and raw Win32 SendInput mouse/keyboard injection.
License
MIT © Jason26214
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file computer_use_omni-1.0.0.tar.gz.
File metadata
- Download URL: computer_use_omni-1.0.0.tar.gz
- Upload date:
- Size: 140.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.8 {"installer":{"name":"uv","version":"0.11.8","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":null,"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6ac96e02c3d6465abbbb57c5b54c25d1621032156c6c293762304874ced31d8b
|
|
| MD5 |
9d809d4f238a1f481e222cc5b8235e02
|
|
| BLAKE2b-256 |
d5e69e36474fbbc9e145093205ddceca7093c6a18d07e10a4b8266a5bdcbdc92
|
File details
Details for the file computer_use_omni-1.0.0-py3-none-any.whl.
File metadata
- Download URL: computer_use_omni-1.0.0-py3-none-any.whl
- Upload date:
- Size: 83.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.8 {"installer":{"name":"uv","version":"0.11.8","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":null,"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e7298b396bea59c33107dce7b14ba839fdff38e36cf51ca28303ee7383ee977e
|
|
| MD5 |
fb20c10689c54cca31d8f7ba00348cf6
|
|
| BLAKE2b-256 |
14d32f414065ccca09bc3d2bbb718818212b5ab1367fcba986fafc2bc552af5c
|