Edison-Watch/desktop

Edison Watch - Desktop

The local control plane for your AI tools' MCP servers - discover, quarantine, and encrypt, all from your menu bar.

What it does · Getting Started · Installation · Build from source · How it works · Architecture · Credits

License: AGPL v3 Built with Electron Platform: macOS · Windows · Linux macOS build


Edison Watch Desktop is the local control plane for Edison Watch that governs the MCP servers wired into your AI tools, using a menu-bar app that watches every client on your machine. It discovers the servers your AI clients have configured, quarantines risky or unapproved ones before they can run, encrypts their credentials with zero-knowledge keys, and bridges local servers to the Edison Watch gateway through a single outbound tunnel. Built for developers who run MCP servers across many AI clients and want one place to see and control them all.

Discover → review → approve → encrypt → bridge, without secrets ever leaving your device in the clear.

Edison Watch Desktop architecture: AI clients, the renderer, the main process and the edison-stdiod daemon run locally on your machine; the desktop app and the daemon reach the remote Edison Watch cloud over two outbound-initiated but bidirectional links, and the backend pushes events (trifecta / pre-block approvals, quarantine) back to the app.

Warning

Edison Watch Desktop is experimental software under active development and has not had an independent security audit. It is a client for the Edison Watch platform - it requires an Edison Watch account and connects to the Edison backend. UI, on-disk formats, and behavior may change before a 1.0 release.

What it does

Modern AI tools (Claude, Cursor, VS Code, and friends) connect to MCP servers that can read your files, hold credentials, and reach the network. They're configured in a dozen different places and are easy to lose track of. Edison Watch Desktop gives you one place to see and control them:

  • Discover - every MCP server configured across the AI clients installed on your machine, with no manual inventory.
  • Quarantine - newly-appeared or unapproved servers ("shadow MCPs") before they can run, with a review-and-approve flow.
  • Encrypt - credentials with zero-knowledge keys (personal and organization), so secrets never leave your device in the clear.
  • Bridge - local stdio MCP servers to the Edison Watch gateway through the bundled edison-stdiod daemon: a single outbound, no-inbound-ports tunnel, so they're reachable and governed without being exposed.
  • Stay current - with in-app auto-updates.
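
The discover and quarantine steps above, sketched as an added example (not Edison Watch's code): it flattens parsed client configs into server records and quarantines any server that is unapproved or whose launch command changed since approval. The `mcpServers` / `servers` keys are the public config formats of common MCP clients; the pin format, the function names and all sample data are assumptions constructed here.

```javascript
// Added example, not Edison Watch code. Config shapes follow the public
// formats of common MCP clients: a top-level "mcpServers" map (Claude
// Desktop, Cursor) or "servers" map (VS Code). The pin format is an assumption.

// Canonical launch spec for one server entry. Env names are kept and values
// dropped, so a stored pin never contains a secret.
function launchSpec(entry) {
  return JSON.stringify({
    command: entry.command ?? null,
    args: entry.args ?? [],
    url: entry.url ?? null,
    envKeys: Object.keys(entry.env ?? {}).sort(),
  });
}

// Flatten one client's parsed config into { client, name, spec } records.
function discover(client, config) {
  const servers = config.mcpServers ?? config.servers ?? {};
  return Object.entries(servers).map(([name, entry]) => ({ client, name, spec: launchSpec(entry) }));
}

// Compare discovered servers with approved pins keyed "client/name". Only an
// exact match runs; unknown servers and changed launch specs are quarantined.
function review(discovered, approved) {
  const out = { allowed: [], quarantined: [] };
  for (const s of discovered) {
    const pin = approved[`${s.client}/${s.name}`];
    if (pin === s.spec) { out.allowed.push(s.name); continue; }
    const reason = pin === undefined ? "unapproved" : "changed-since-approval";
    out.quarantined.push({ client: s.client, name: s.name, reason });
  }
  return out;
}

// Constructed sample configs (hypothetical servers and script names).
const claude = { mcpServers: {
  files: { command: "node", args: ["files-server.js", "/home/dev/notes"] },
  tickets: { command: "node", args: ["tickets.js"], env: { TICKETS_TOKEN: "example-value" } },
} };
const vscode = { servers: { helper: { command: "python", args: ["helper.py"] } } };

// Pins recorded at approval time: "tickets" was approved with --readonly.
const approved = {
  "claude/files": launchSpec(claude.mcpServers.files),
  "claude/tickets": launchSpec({ command: "node", args: ["tickets.js", "--readonly"], env: { TICKETS_TOKEN: "x" } }),
};

function runSample() {
  return review([...discover("claude", claude), ...discover("vscode", vscode)], approved);
}
console.log(runSample());
```

Because the pin covers the command, arguments, URL and env variable names, dropping `--readonly` from an approved server is caught, while rotating a token value is not treated as a change.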

Supported AI clients

Claude Code · Claude Desktop · Claude Cowork · Cursor · VS Code · Windsurf · Zed · JetBrains IDEs · Codex

Getting Started

  1. Install the app - see Installation (or build from source until signed installers ship).
  2. Launch it - the app lives in your menu bar / system tray. A setup wizard walks you through signing in, connecting your installed AI clients, and setting up encryption.
  3. Review - from then on the app watches your clients' MCP configuration, surfaces changes for approval, and keeps the tunnel to the Edison Watch backend healthy.

New to MCP? See the Model Context Protocol docs.

Installation

Note

Prebuilt, signed installers will be published on the Releases page. Until then, build from source.

| Platform | Format |
| --- | --- |
| macOS | .dmg (universal - Apple Silicon + Intel) |
| Windows | .exe installer (x64, arm64) |
| Linux | .AppImage (x64, arm64) |

Build from source

TLDR: git clone → npm install → npm run dev.

⚙️ Building from source

You'll need Node.js 22+ and npm. The app depends on @edison-watch/shared, published to npm, so a plain clone and install pulls everything in:

git clone https://github.com/Edison-Watch/desktop.git
cd desktop
npm install

Then:

npm run dev          # run the app in development with hot reload
npm run build        # typecheck + build the renderer/main/preload bundles
npm run typecheck    # typecheck only (node + web projects)
npm run test         # unit tests (vitest)

Packaging installers also bundles the edison-stdiod daemon and per-platform runtimes; see the build:mac / build:win / build:linux scripts in package.json and the helpers under scripts/.

How it works

The app runs in your menu bar / system tray and supervises the bundled edison-stdiod daemon. On first launch a setup wizard walks you through signing in, connecting your installed AI clients, and setting up encryption. From then on it watches your clients' MCP configuration, surfaces changes for review, and keeps the tunnel to the Edison Watch backend healthy.

Architecture

TLDR: everything runs locally except the Edison Watch cloud; the desktop app and edison-stdiod reach it over two outbound-initiated but bidirectional links, and the backend pushes events (trifecta / pre-block approvals, quarantine) back to the app.

Same diagram as docs/architecture.svg above, rendered as ASCII so it shows up anywhere. It captures the durable component and trust/network boundaries - not the on-disk layout, which is free to change. Both links to the cloud are initiated outbound from your machine (no inbound ports), but data flows both ways: the backend pushes events back to the app.

YOUR MACHINE (everything below runs locally)
┌────────────────────────────────────────────────────────────┐
│  AI clients (Claude · Cursor · VS Code · …)                 │
│       │  MCP configs watched on disk                        │
│       ▼                                                     │
│  Edison Watch Desktop app                                   │
│     Renderer UI  ◀─ IPC / preload bridge ─▶  Main process   │
│       │  supervises                                         │
│       ▼                                                     │
│  edison-stdiod daemon  (bridges local stdio MCP servers)    │
└────────────────────────────────────────────────────────────┘
      ▲                                          ▲
      │ control plane (app ⇅ backend)            │ MCP bridge
      │ backend PUSHES events to app:            │ outbound-initiated
      ▼ trifecta / approvals / quarantine        ▼ tunnel, no inbound ports
┌────────────────────────────────────────────────────────────┐
│  Edison Watch cloud  (remote · off your machine)            │
│  backend API   ·   MCP gateway                              │
└────────────────────────────────────────────────────────────┘

Environment Variables

TLDR: Code-signing secrets for release builds (see .env.example); dev toggles for local runs.

Release / code-signing (macOS):

| Variable | Description |
| --- | --- |
| CSC_LINK | Path or base64 of the Developer ID signing certificate |
| CSC_KEY_PASSWORD | Password for the signing certificate |
| APPLE_ID | Apple ID used for notarization |
| APPLE_APP_SPECIFIC_PASSWORD | App-specific password for notarization |
| APPLE_TEAM_ID | Apple Developer Team ID |

Development / runtime toggles:

| Variable | Description |
| --- | --- |
| EDISON_DRY_RUN | Set to 1 to short-circuit the edison-stdiod daemon (used by Playwright/Storybook/tests) |
| EDISON_DEBUG_RENDERER | Set to true to open the renderer DevTools on launch |
| EW_UPDATE_TEST / EW_UPDATE_FEED | Point auto-update at a local feed for testing without publishing |

Related repositories

Security

Please do not report security issues through public GitHub issues or pull requests. Report privately via the repository's Security tab ("Report a vulnerability") or by emailing security@edison.watch.

Contributing

Issues and focused pull requests are welcome. Please keep changes small and run npm run typecheck and npm run test before opening a PR.

Credits

This software is built with:

About the Core Contributors

Edison Watch Desktop contributors

Made with contrib.rocks.

License

Licensed under the GNU Affero General Public License v3.0.

About

Multi-platform Desktop App for the Edison Watch AI security platform
