Documentation

Everything you need to give your AI assistant access to your computer's tools.

Overview

MCPLink is a relay proxy that implements the Model Context Protocol (MCP). It lets AI assistants — like Claude, GPT-4, or any MCP-compatible client — call tools on your computer, from anywhere, without port forwarding or VPN setup.

The architecture has three parts:

Your computer — runs the MCPLink client, which connects outbound to the proxy over WebSocket and waits for tool call requests.
The MCPLink proxy — hosted at mcp.lxg2it.com. Routes tool calls between AI clients and your device.
Your AI assistant — configured to use your MCP endpoint URL. Calls tools through the proxy.

No inbound ports required. The client always initiates the connection to the proxy. Your firewall doesn't need any changes.

Installation

Desktop client

Download the client for your platform from the downloads section and run the installer. The client will start automatically and appear in your system tray.

On first launch, the client registers your device with the proxy and generates your MCP URL. You can find your URL in the client's main window — it looks like:

https://mcp.lxg2it.com/{device-id}/mcp

CLI (npx)

If you prefer the command line:

npx @mcplink/client register
npx @mcplink/client start

Run npx @mcplink/client --help for all available commands.

Connecting your AI

Add your MCP endpoint to your AI assistant's configuration. The exact steps vary by client:

Claude Desktop

Edit your claude_desktop_config.json:

{
  "mcpServers": {
    "mcplink": {
      "url": "https://mcp.lxg2it.com/{your-device-id}/mcp"
    }
  }
}

Cursor / VS Code (Continue)

Add a remote MCP server entry pointing to your URL. Refer to your client's documentation for the exact config key — most MCP-compatible clients accept a URL directly.

Keep your MCP URL private. Anyone with your URL can invoke tools on your device. If you believe your URL has been compromised, revoke it from your account page.

MCP URL format

Your MCP endpoint URL has this structure:

https://mcp.lxg2it.com/{device-id}/mcp

The {device-id} is a UUID assigned when your device first registers. It is used for routing and does not contain personally identifiable information.

You can find your device key in the desktop client or by calling POST /auth/register — the response includes a deviceId field.

Available tools

MCPLink exposes a set of built-in tools. Your device registers which tools it supports when it connects; only registered tools appear in the AI's tool list.

Default-on tools

These tools are available immediately — no consent required:

screenshot

Capture the current screen contents as an image.

get_screen_info

Return information about connected displays (resolution, scale factor).

read_file

Read a file from the local filesystem and return its contents.

Consent-required tools

These tools are hidden by default. The AI must call enable_tool first — which is designed to prompt the AI to confirm with you before proceeding:

shell_exec

Run a shell command and return stdout/stderr.

write_file

Write or overwrite a file on the local filesystem.

mouse_click

Simulate a mouse click at a screen coordinate.

mouse_move

Move the mouse cursor to a screen coordinate.

key_tap

Simulate a key press or keyboard shortcut.

type_text

Type a string of text as if from the keyboard.

Tool permissions

The permission system is enforced at the proxy — it cannot be bypassed by the AI client or the device.

For consent-required tools, the AI must call the enable_tool meta-tool:

// Example: AI requests shell access
tools/call enable_tool { "tool": "shell_exec", "reason": "Run test suite" }

The enable_tool description instructs the AI to ask you first before calling it. Once granted, consent is scoped to the current session — it resets when your device reconnects.

You can revoke consent for a specific tool at any time by asking your AI to call disable_tool, or by reconnecting the client.

Rate limits

MCPLink enforces two levels of rate limiting to keep the service fair:

Daily quota

Each plan includes a daily call allowance that resets at midnight UTC. This is the primary limit and matches what's shown on the pricing page.

Per-minute burst limit

A secondary burst limit prevents individual sessions from spiking the proxy. This is a rolling 60-second window.

Plan	Daily calls	Burst limit
Free	500 / day	30 / minute
Developer	10,000 / day	200 / minute
Pro	100,000 / day	600 / minute

When a limit is exceeded, the proxy returns a JSON-RPC error with code -32029 and a message indicating which limit was hit and when to retry. Your device stays connected — there's no need to reconnect.

{
  "error": {
    "code": -32029,
    "message": "Rate limit exceeded (500 calls/day on free plan). Retry in 43201s."
  }
}

Authentication

Devices authenticate with a JWT bearer token passed in the Authorization header of the WebSocket upgrade request. The client handles this automatically.

Tokens expire after 30 days. A refresh token (valid 90 days) is issued alongside the access token; the client exchanges it automatically before expiry. Both are stored locally on your device.

To revoke all tokens for a device (e.g. if your device is lost), call:

POST /auth/revoke
Authorization: Bearer {your-token}

Or use the revoke button on your account page.

Plans

Full plan details are on the pricing page. A few things worth knowing:

The free plan is free forever — no credit card required.
Paid plans are monthly subscriptions via Stripe. Cancel any time.
Daily limits reset at midnight UTC, not at your local midnight.
Burst limits are per-device, not per-account. Multiple devices on a paid plan each get their own burst window.

FAQ

Does MCPLink log my tool calls?

No. Tool call content passes through the proxy in memory and is never written to disk or logged. See the privacy policy for full details.

What happens when my daily limit is hit?

Tool calls return a rate limit error until midnight UTC, at which point the counter resets. Your device stays connected — there's no disconnection or re-registration required.

Can I use MCPLink with multiple AI clients simultaneously?

Yes. Your MCP URL can be added to multiple AI clients. Each call counts against your daily limit regardless of which client made it.

Can I have multiple devices on one account?

Each device registers independently and gets its own URL and daily quota. The Developer plan supports up to 3 devices; Pro supports up to 10. On the Free plan, each device you register is treated as a separate free account.

What does "session-scoped consent" mean?

Consent for restricted tools (like shell_exec) is granted per connection, not permanently. When the MCPLink client reconnects, all consent resets to the default state. This prevents stale permissions from accumulating over time.

Can the AI call tools without my knowledge?

For consent-required tools, no — the AI must call enable_tool first, and the tool's description is written to encourage the AI to ask you before enabling it. For default-on tools (screenshot, read_file, get_screen_info), yes — these are available as soon as the AI connects. If you don't want these available, you can disconnect the client.

Is MCPLink open source?

The desktop client is closed source for now. The protocol package (@mcplink/protocol) is published on npm.

How do I report a bug or security issue?

For bugs, email support@lxg2it.com. For security issues, please email security@lxg2it.com privately rather than posting publicly.