Displays code coverage metrics and provides access to coverage reports through the codecov.io service as indicated by the badge in the README.
Provides secure execution of whitelisted shell commands, with validation of shell operators, preventing command injection, and supporting features like stdin input, timeout controls, and working directory specification.
MCP Shell Server
A secure server for executing shell commands that implements the Model Context Protocol (MCP). This server allows remote execution of authorized shell commands with support for input via stdin.
Features
Secure Command Execution : Only authorized commands can be executed
Standard Input Support : Passes input to commands via stdin
Comprehensive Output : Returns stdout, stderr, exit code and execution time
Security with Shell Operators : Validates commands after shell operators (;, &&, ||, |)
Timeout Control : Sets maximum execution time for commands
Related MCP server: Windows CLI MCP Server
Configuring the MCP client in your Claude.app
Published version
Local version
Settings
Installation
Use
Starting the Server
The ALLOW_COMMANDS environment variable (or its alias ALLOWED_COMMANDS ) specifies which commands can be executed. Commands can be separated by commas with optional spaces around them.
Valid formats for ALLOW_COMMANDS or ALLOWED_COMMANDS:
Request Format
Response Format
Successful response:
Error response:
Security
The server implements several security measures:
Command Whitelist : Only explicitly allowed commands can be executed
Shell Operator Validation : Commands after shell operators (;, &&, ||, |) are also validated against the whitelist
No Shell Injection : Commands are executed directly without shell interpretation
Development
Setting Up the Development Environment
Clone the repository
Install dependencies including test requirements
Running Tests
API Reference
Request Arguments
Field | Type | Mandatory | Description |
command | string[] | Yes | Command and its arguments as array elements |
stdin | string | No | Input to be passed to the command |
directory | string | No | Working directory for executing the command |
timeout | whole | No | Maximum execution time in seconds |
Response Fields
Field | Type | Description |
stdout | string | Standard output of the command |
stderr | string | Command error output |
status | whole | Exit status code |
execution_time | float | Time taken to execute (in seconds) |
error | string | Error message (present only if failed) |
Requirements
Python 3.11 or higher
mcp>=1.1.0
License
MIT License - See LICENSE file for details