Supports loading environment variables from .env files for use in tool configurations and command execution
Enables running test suites through pytest, with support for targeting specific test files
Provides ability to execute Python-based tools and scripts, supporting project-specific development workflows
Uses YAML configuration files to define tools, parameters, and execution environments for the MCP server
ActionsMCP
ActionsMCP is an MCP (Model Context Protocol) server that exposes project-specific development tools (tests, linters, typecheckers, etc.) as standardized functions through a simple YAML configuration file. This allows coding assistants like Cursor, Windsurf, and others to discover and use your project's development tools without requiring manual approval for each command execution.
Features
- Standardized Tool Access: Expose your project's development tools to any MCP-compatible coding assistant
- Security Focused: Path validation, environment variable controls, and safe command execution
- Flexible Configuration: Define tools with parameters, default values, and execution paths
- Environment Variable Support: Load from existing environment or
.env
files - Smart Terminal Output: Processes ANSI codes and control characters for clean responses
- Easy Deployment: Install and run with
uvx
for immediate use
Quick Start
- Install with uv:
- Create an
actions_mcp.yaml
file in your project root: - Run the server:
Configuration File Specification
The actions_mcp.yaml
file defines the tools that will be exposed through the MCP server.
Top-level Fields
server_name
(optional): Name of the MCP server (default: "ActionsMCP")server_description
(optional): Description of the MCP server (default: "Project-specific development tools exposed via MCP")project_root
(optional): Relative path to the project root from the config file locationactions
(required): Array of action definitions
Action Fields
Each action in the actions
array can have the following fields:
name
(required): Unique identifier for the tooldescription
(required): Human-readable description of what the tool doescommand
(required): The CLI command to executerun_path
(optional): Relative path from project root where the command should be executedparameters
(optional): Array of parameter definitions
Parameter Fields
Each parameter in an action's parameters
array can have the following fields:
name
(required): Parameter name (used as environment variable name in commands)type
(required): One of the following parameter types:project_file_path
: A local path within the project, relative to project root. Validated to ensure it's within project boundaries and exists.required_env_var
: An environment variable that must be set before the server starts. Not specified by the calling model.optional_env_var
: An optional environment variable. Not specified by the calling model.insecure_string
: Any string from the model. No validation. Use with caution.
description
(optional): Human-readable description of the parameterdefault
(optional): Default value for the parameter
Parameter Types Explained
project_file_path
This parameter type ensures security by validating that paths are within the project boundaries:
The server will validate that TEST_FILE
is within the project and exists.
required_env_var
These parameters must be set in the environment before starting the server:
If DEPLOY_KEY
is not set in the environment, the server will fail to start with a clear error message.
optional_env_var
Similar to required_env_var
but optional:
insecure_string
Allows any string input from the coding assistant. Use with caution:
Running with Coding Assistants
Cursor
- Open your project in Cursor
- Go to Settings → Models → MCP Servers
- Add a new server with the command:
uvx actions-mcp
- The coding assistant will now have access to your project's tools
Windsurf
- Open your project in Windsurf
- Configure the MCP server to run:
uvx actions-mcp
- Use the tools directly from the coding assistant interface
Security Features
ActionsMCP implements several security measures to protect your project:
- Path Validation: All
project_file_path
parameters are validated to ensure they:- Are within the project boundaries
- Don't contain directory traversal sequences (
..
,~
,$HOME
) - Actually exist in the project
- Environment Variable Controls:
required_env_var
andoptional_env_var
parameters are managed by the developer, not the coding assistant- This prevents coding assistants from accessing sensitive variables
- Safe Command Execution:
- Uses
subprocess.run
withshell=False
to prevent shell injection - Uses
shlex.split
to properly separate command arguments - Implements timeouts to prevent infinite running commands
- Uses
- Insecure String Warnings:
- Documents the risks of using
insecure_string
parameters - Encourages developers to use more secure parameter types when possible
- Documents the risks of using
Example Configuration
Here's a comprehensive example showing all features:
Development
To run tests:
To run the server locally:
License
MIT
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A Model Context Protocol server that exposes project-specific development tools (tests, linters, typecheckers) to coding assistants through a simple YAML configuration, eliminating the need for manual command approval.
Related MCP Servers
- AsecurityAlicenseAqualityA Model Context Protocol server that provides tools for code modification and generation via Large Language Models, allowing users to create, modify, rewrite, and delete files using structured XML instructions.Last updated -121PythonMIT License
- AsecurityAlicenseAqualityA comprehensive Model Context Protocol server that provides advanced Node.js development tooling for automating project creation, component generation, package management, and documentation with AI-powered assistance.Last updated -74JavaScriptMIT License
- AsecurityFlicenseAqualityA comprehensive Model Context Protocol server for advanced code analysis that provides tools for syntax analysis, dependency visualization, and AI-assisted development workflow support.Last updated -284Python
- AsecurityFlicenseAqualityA Model Context Protocol server that creates tools from API configurations defined in YAML files, allowing easy integration of external APIs into an MCP ecosystem without coding.Last updated -786TypeScript