Safe Local Python Executor/Interpreter
local-only server
The server can only run on the client’s local machine because it depends on local resources.
Integrations
Integrates with Hugging Face's LocalPythonExecutor from the smolagents framework to provide secure Python code execution capabilities with basic isolation and security for running LLM-generated Python code.
Safe Local Python Executor
An MCP server (stdio transport) that wraps Hugging Face's LocalPythonExecutor
(from the smolagents framework). It is a custom Python runtime that
provides basic isolation/security when running Python code generated by LLMs locally. It does not require Docker or VM.
This package allows to expose the Python executor via MCP (Model Context Protocol) as a tool for LLM apps like Claude Desktop, Cursor or any other MCP compatible client.
In case of Claude Desktop this tool is an easy way to add a missing Code Interpreter (available as a plugin in ChatGPT for quite a while already).
Features
- Exposes
run_pythontool - Safer execution of Python code compared to direct use of Python
eva()l - Ran via uv in Python venv
- No file I/O ops are allowed
- Restricted list of imports
- collections
- datetime
- itertools
- math
- queue
- random
- re
- stat
- statistics
- time
- unicodedata
Security
Be careful with execution of code produced by LLM on your machine, stay away from MCP servers that run Python via command line or using eval(). The safest option is using a VM or a docker container, though it requires some effort to set-up, consumes resources/slower. There're 3rd party servcices providing Python runtime, though they require registration, API keys etc.
LocalPythonExecutor provides a good balance between direct use of local Python environment (which is easier to set-up) AND remote execution in Dokcer container or a VM/3rd party service (which is safe). Hugginng Face team has invested time into creating a quick and safe option to run LLM generated code used by their code agents. This MCP server builds upon it:
To add a first layer of security, code execution in smolagents is not performed by the vanilla Python interpreter. We have re-built a more secure LocalPythonExecutor from the ground up.
Read more here.
Installation and Execution
- Install
uv(e.h.brew install uvon macOS or use official docs) - Clone the repo, change the directory
cd mcp_safe_local_python_executor - The server can be started via command line
uv run mcp_server.py, venv will be created automatically, depedencies (smollagents, mcp) will be installed
Configuring Claude Desktop
- Make sure you have Claude for Desktop installed (download from claude.ai)
- Edit your Claude for Desktop configuration file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json - Or open Claude Desktop -> Settings -> Developer -> click "Edit Config" button
- macOS:
- Add the following configuration:
- Restart Claude for Desktop
- The Python executor tool will now be available in Claude (you'll see hammer icon in the message input field)
Example Prompts
Once configured, you can use prompts like:
- "Calculate the factorial of 5 using Python"
- "Create a list of prime numbers up to 100"
- "Solve this equation (use Python): x^2 + 5x + 6 = 0"
Development
Clone the repo. Use uv to create venv, install dev dependencies, run tests:
This server cannot be installed
Stdio MCP Server wrapping custom Python runtime (LocalPythonExecutor) from Hugging Faces' smolagents framework. The runtime combines the ease of setup (compared to docker, VM, cloud runtimes) while providing safeguards and limiting operations/imports that are allowed inside the runtime.