Shell
STDIOSecure shell command execution server implementing MCP for whitelisted command execution with comprehensive output
Secure shell command execution server implementing MCP for whitelisted command execution with comprehensive output
A secure shell command execution server implementing the Model Context Protocol (MCP). This server allows remote execution of whitelisted shell commands with support for stdin input.
code ~/Library/Application\ Support/Claude/claude_desktop_config.json
{ "mcpServers": { "shell": { "command": "uvx", "args": [ "mcp-shell-server" ], "env": { "ALLOW_COMMANDS": "ls,cat,pwd,grep,wc,touch,find" } }, } }
code ~/Library/Application\ Support/Claude/claude_desktop_config.json
{ "mcpServers": { "shell": { "command": "uv", "args": [ "--directory", ".", "run", "mcp-shell-server" ], "env": { "ALLOW_COMMANDS": "ls,cat,pwd,grep,wc,touch,find" } }, } }
To install Shell Server for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install mcp-shell-server --client claude
To install Shell Server for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install mcp-shell-server --client claude
pip install mcp-shell-server
To install Shell Server for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install mcp-shell-server --client claude
ALLOW_COMMANDS="ls,cat,echo" uvx mcp-shell-server # Or using the alias ALLOWED_COMMANDS="ls,cat,echo" uvx mcp-shell-server
The ALLOW_COMMANDS (or its alias ALLOWED_COMMANDS ) environment variable specifies which commands are allowed to be executed. Commands can be separated by commas with optional spaces around them.
Valid formats for ALLOW_COMMANDS or ALLOWED_COMMANDS:
ALLOW_COMMANDS="ls,cat,echo" # Basic format ALLOWED_COMMANDS="ls ,echo, cat" # With spaces (using alias) ALLOW_COMMANDS="ls, cat , echo" # Multiple spaces
# Basic command execution { "command": ["ls", "-l", "/tmp"] } # Command with stdin input { "command": ["cat"], "stdin": "Hello, World!" } # Command with timeout { "command": ["long-running-process"], "timeout": 30 # Maximum execution time in seconds } # Command with working directory and timeout { "command": ["grep", "-r", "pattern"], "directory": "/path/to/search", "timeout": 60 }
Successful response:
{ "stdout": "command output", "stderr": "", "status": 0, "execution_time": 0.123 }
Error response:
{ "error": "Command not allowed: rm", "status": 1, "stdout": "", "stderr": "Command not allowed: rm", "execution_time": 0 }
The server implements several security measures:
git clone https://github.com/yourusername/mcp-shell-server.git cd mcp-shell-server
pip install -e ".[test]"
pytest
| Field | Type | Required | Description |
|---|---|---|---|
| command | string[] | Yes | Command and its arguments as array elements |
| stdin | string | No | Input to be passed to the command |
| directory | string | No | Working directory for command execution |
| timeout | integer | No | Maximum execution time in seconds |
| Field | Type | Description |
|---|---|---|
| stdout | string | Standard output from the command |
| stderr | string | Standard error output from the command |
| status | integer | Exit status code |
| execution_time | float | Time taken to execute (in seconds) |
| error | string | Error message (only present if failed) |
MIT License - See LICENSE file for details