Security: ruchit-p/macwright

Security Policy

MacWright is powerful local automation software. It can move the mouse, type, read UI state, inspect the clipboard, run AppleScript, and execute shell commands.

Threat model

MacWright is designed for local stdio MCP use by a trusted agent or MCP client on your Mac. Do not expose it over an unauthenticated network transport or connect it to untrusted model/tool-routing infrastructure.

Permissions

macOS permissions must be granted manually to the controlling app that launches MacWright. This may be Terminal, iTerm, Ghostty, Claude Desktop, Hermes Agent, or another launcher. Required permissions depend on the tools you use:

  • Accessibility for mouse, keyboard, window, and Accessibility API control.
  • Screen Recording for screenshots and visual verification.
  • Automation prompts for AppleScript/System Events/app control.
  • Input Monitoring may be requested by macOS for keyboard input.

After changing permissions, restart the controlling app.

Reporting vulnerabilities

Please open a private GitHub security advisory if available, or contact the maintainer directly before public disclosure. Include reproduction steps, affected version/commit, and the expected impact.

Operational guidance

  • Connect only trusted MCP clients.
  • Review agent prompts before allowing destructive actions.
  • Avoid running MacWright with elevated privileges.
  • Do not store secrets in prompts, shell history, or MCP configuration.
  • Be especially careful with run_shell, run_applescript, clipboard tools, and file-dialog automation.
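
One way to check an MCP client configuration against the guidance above, as an added example that is not part of the MacWright project. It assumes the client keeps its servers under an `mcpServers` key with `command`, `args` and `env` fields; the sample config, install path, `url` entry and secret-name patterns are constructed for illustration.

```python
import json
import os
import re

# Constructed sample config (assumed "mcpServers" layout; all values are made up).
SAMPLE_CONFIG = """
{
  "mcpServers": {
    "macwright": {
      "command": "sudo",
      "args": ["/usr/local/bin/macwright"],
      "env": {"API_TOKEN": "constructed-example-value-0000", "LOG_LEVEL": "info"}
    },
    "remote-tools": {"url": "http://192.0.2.10:8080/mcp"}
  }
}
"""

# Heuristic name patterns for credentials (an assumption, tune for your environment).
SECRET_NAME = re.compile(r"token|secret|passw(or)?d|api[_-]?key|credential", re.I)
ELEVATED = {"sudo", "doas"}


def audit_mcp_config(text):
    """Return (server, finding) pairs for entries that conflict with the guidance."""
    findings = []
    for name, entry in json.loads(text).get("mcpServers", {}).items():
        command = entry.get("command")
        if not command:
            # No local command: the client is not launching this server over stdio.
            findings.append((name, "not-local-stdio"))
        elif os.path.basename(command) in ELEVATED:
            findings.append((name, "elevated-privileges"))
        for key, value in entry.get("env", {}).items():
            if value and SECRET_NAME.search(key):
                findings.append((name, "secret-in-env:" + key))
        for arg in entry.get("args", []):
            flag, sep, value = str(arg).partition("=")
            if sep and value and SECRET_NAME.search(flag):
                findings.append((name, "secret-in-args:" + flag))
    return findings


if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE_CONFIG):
        print(f"{server}: {finding}")
```

The name patterns are a heuristic, so a clean result does not prove the file holds no secrets.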
