Most AI coding workflows hit the same wall eventually. ChatGPT can suggest what command to run, propose a patch, or ask for a log file — but the actual project, the real repo, the broken build output, and the live browser session all live on your computer. chatgpt-local-agent-mcp closes that gap. It is a local MCP server for Windows that gives ChatGPT supervised access to your filesystem, shell, Git, browser, screen, and desktop through the Model Context Protocol. You keep full visibility and control; ChatGPT gains the ability to work against the same local reality you are working with instead of guessing from copied snippets.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/XxYouDeaDPunKxX/chatgpt-local-agent-mcp/llms.txt
Use this file to discover all available pages before exploring further.
The core concept
ChatGPT stays the brain. This gives it supervised hands on your PC. With the server running, ChatGPT can read and write files, apply patches, run build commands, inspect Git diffs, open browser sessions, capture screenshots, and operate the desktop — all from within a normal ChatGPT conversation. Every capability goes through a local server you own, bound to127.0.0.1 by default, with OAuth gating all remote access.
The goal is not to make ChatGPT autonomous. The goal is to let ChatGPT work with the same local context you are working with, while you supervise what it does.
Two setup paths
There are two distinct things to set up, and they should be done in order. Path A — local-only smoke test proves the server starts and the dashboard responds. No Cloudflare, no GitHub OAuth App, no ChatGPT connector, and no public URL are involved. This is always the right first step.Tool categories
The server registers tools across eight categories, each controlled by a dedicated MCP scope:| Category | Scope | What it covers |
|---|---|---|
| Workspace | mcp:read | Workspace info, profile listing |
| Filesystem | mcp:read / mcp:write / mcp:patch / mcp:delete | Read, write, patch, copy, move, delete, search, hash, tree, stat |
| Git | mcp:git | Status, diff, commit |
| Shell | mcp:shell | Command execution in a workspace directory |
| Process | mcp:process | Start, stop, kill, port list, log tail, wait for port |
| Browser | mcp:browser | Sessions, navigation, snapshots, console, network, screenshots, CDP attach |
| Screen | mcp:screen | Screenshots, OCR hook, window listing |
| Desktop | mcp:desktop | Mouse and keyboard automation |
Security model
Security is layered across four mechanisms:-
OAuth controls who can connect. GitHub is the identity provider. After a GitHub login, the server checks an allowlist (
ALLOWED_GITHUB_LOGINS) before issuing a local MCP authorization code. ChatGPT then connects as the MCP OAuth client using its own separate client credentials. -
Scopes limit tool categories. Each tool belongs to a scope. An access token that was issued without
mcp:shell, for example, cannot call shell tools regardless of what ChatGPT requests. -
Workspace profiles restrict filesystem paths. By default the server creates one profile per detected drive root (e.g.
C:\,D:\), giving full-machine access. Custom profiles defined viaGPT_FS_MCP_WORKSPACE_PROFILES_JSONrestrict all filesystem, shell, and process tools to declared root paths and their allowed policy modes. -
Policy modes limit destructive operations. The
GPT_FS_MCP_MAX_POLICY_MODEsetting caps the highest-risk operations the server will execute. Shell and process policies (GPT_FS_MCP_SHELL_POLICY,GPT_FS_MCP_PROCESS_POLICY) can be set toworkspace_guardedto keep commands anchored to workspace paths.
Quick navigation
Quickstart
Install the server, run a local smoke test, and confirm the dashboard works in under 10 minutes.
Path A — Local Smoke Test
Step-by-step guide to proving the local server starts before configuring any remote access.
Path B — Remote Connector
Configure GitHub OAuth, Cloudflare Tunnel, and ChatGPT connector credentials for remote access.
Tools Overview
Browse all 50+ registered tools across the eight tool categories with their scopes and policy modes.
What ChatGPT can help with
Once the server is running and connected, ChatGPT can assist with tasks like:- Inspect a local project — read files, list directories, and build a map of a codebase
- Apply patches and write or update files directly without copy-pasting
- Run build commands, test suites, and diagnostic scripts and read the output
- Inspect Git status, diffs, and history, and create commits
- List running processes and open ports
- Tail log files and wait for services to become available
- Open browser automation sessions, navigate pages, and capture console or network output
- Take screenshots and inspect what is currently visible on screen
- List open windows and use mouse or keyboard actions when needed
- Show live server and workspace status through the local dashboard
ChatGPT still has its own safety layer. Some write, submit, send, post, authenticated browser, or desktop actions may be blocked or require confirmation on the ChatGPT/OpenAI side. Those limits are enforced by the platform, not by this server.