A
securityA
licenseA
qualityA secure shell command execution server implementing the Model Context Protocol (MCP). This server allows remote execution of whitelisted shell commands with support for stdin input.
Last updated -
1
131
MIT License
Displays code coverage metrics and provides access to coverage reports through the codecov.io service as indicated by the badge in the README.
Provides secure execution of whitelisted shell commands, with validation of shell operators, preventing command injection, and supporting features like stdin input, timeout controls, and working directory specification.
MCP Shell Server
A secure server for executing shell commands that implements the Model Context Protocol (MCP). This server allows remote execution of authorized shell commands with support for input via stdin.
Features
Secure Command Execution : Only authorized commands can be executed
Standard Input Support : Passes input to commands via stdin
Comprehensive Output : Returns stdout, stderr, exit code and execution time
Security with Shell Operators : Validates commands after shell operators (;, &&, ||, |)
Timeout Control : Sets maximum execution time for commands
Configuring the MCP client in your Claude.app
Published version
Local version
Settings
Installation
Use
Starting the Server
The ALLOW_COMMANDS environment variable (or its alias ALLOWED_COMMANDS ) specifies which commands can be executed. Commands can be separated by commas with optional spaces around them.
Valid formats for ALLOW_COMMANDS or ALLOWED_COMMANDS:
Request Format
Response Format
Successful response:
Error response:
Security
The server implements several security measures:
Command Whitelist : Only explicitly allowed commands can be executed
Shell Operator Validation : Commands after shell operators (;, &&, ||, |) are also validated against the whitelist
No Shell Injection : Commands are executed directly without shell interpretation
Development
Setting Up the Development Environment
Clone the repository
Install dependencies including test requirements
Running Tests
API Reference
Request Arguments
Field | Type | Mandatory | Description |
command | string[] | Yes | Command and its arguments as array elements |
stdin | string | No | Input to be passed to the command |
directory | string | No | Working directory for executing the command |
timeout | whole | No | Maximum execution time in seconds |
Response Fields
Field | Type | Description |
stdout | string | Standard output of the command |
stderr | string | Command error output |
status | whole | Exit status code |
execution_time | float | Time taken to execute (in seconds) |
error | string | Error message (present only if failed) |
Requirements
Python 3.11 or higher
mcp>=1.1.0
License
MIT License - See LICENSE file for details
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
Tools
A secure server that implements the Model Context Protocol (MCP) to enable controlled execution of authorized shell commands with stdin support.
Related MCP Servers
- AsecurityAlicenseAqualityA Model Context Protocol server that provides secure command-line access to Windows systems, allowing MCP clients like Claude Desktop to safely execute commands in PowerShell, CMD, and Git Bash shells with configurable security controls.Last updated -9297248MIT License
- AsecurityAlicenseAqualityA secure terminal execution server that enables controlled command execution with security features and resource limits via the Model Context Protocol (MCP).Last updated -1307MIT License
- AsecurityAlicenseAqualityAn MCP server that enables secure execution of shell commands across Windows, macOS, and Linux with built-in whitelisting and approval mechanisms for enhanced security.Last updated -9507MIT License