Uses Alpine Linux as the base container image for the secure execution environment
Provides a secure sandbox for executing code within isolated Docker containers, with resource limitations and security restrictions
Includes Mermaid diagram support for visualizing the MCP server architecture and workflow
Supports Python code execution in the Docker sandbox with dependency installation
MCP Docker Sandbox Interpreter
A secure Docker-based code execution environment for the Model Context Protocol (MCP).
Overview
This project provides a secure sandbox for executing code through MCP (Model Context Protocol). It allows AI assistants to safely run code without requiring direct access to the host system, by executing all code within isolated Docker containers.
Features
Secure Execution: Code runs in isolated Docker containers with strict security limitations
Multi-Language Support: Currently supports Python with easy extensibility for other languages
Resource Limitations: CPU and memory restrictions to prevent abuse
MCP Integration: Fully compatible with the Model Context Protocol
Automatic Setup: Handles container creation, dependency installation, and cleanup
Requirements
Docker (Desktop or Engine)
Python 3.10+
MCP SDK (
pip install mcp
)Docker Python SDK (
pip install docker
)
Installation
Clone this repository:
git clone https://github.com/yourusername/mcp-docker-interpreter.git cd mcp-docker-interpreterCreate and activate a virtual environment:
python -m venv .venv source .venv/bin/activate # On Windows: .venv\Scripts\activateInstall dependencies:
pip install -r requirements.txt
Usage
Starting the MCP Server
Start the server by running:
Connecting to an AI Assistant
You can connect this MCP server to AI assistants that support the Model Context Protocol:
Cursor
In Cursor, add the following to your MCP settings:
Replace the paths with your actual file paths.
Claude Desktop
Similar to Cursor, add the configuration to Claude Desktop's MCP settings.
MCP Tools
This MCP server exposes three main tools:
initialize_sandbox: Creates a new Docker container for code execution
Arguments: - image: The Docker image to use (default: "alpine:latest")execute_code: Runs code in the initialized sandbox
Arguments: - code: The code string to execute - language: Programming language (default: "python")stop_sandbox: Stops and removes the container
No arguments needed
How It Works
When
initialize_sandbox
is called, the system:Creates a Docker container based on Alpine Linux
Installs Python and other dependencies
Sets up security restrictions
When
execute_code
is called:Code is executed within the isolated container
Standard output and errors are captured
Results are returned to the calling application
When
stop_sandbox
is called:The container is stopped and removed
All resources are released
Security Considerations
This sandbox implements several security measures:
Containers have restricted CPU and memory usage
Containers are run with minimal privileges
Network access is disabled by default
Containers are disposable and cleaned up after use
Development
Project Structure
Adding New Language Support
To add support for a new programming language, modify the run_code
method in the DockerSandbox
class to handle the new language.
Troubleshooting
Common Issues
Docker connection error:
Ensure Docker is running
Check that the DOCKER_HOST environment variable is correctly set for your Docker installation
Container creation fails:
Verify you have permission to create Docker containers
Ensure the specified base image is accessible
Code execution fails:
Check that the language runtime is properly installed in the container
Verify the code is valid for the specified language
License
Acknowledgements
This project uses the Model Context Protocol
Built with Docker SDK for Python
This server cannot be installed
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
A secure Docker-based environment that allows AI assistants to safely execute code without direct access to the host system by running all code within isolated containers.
Related MCP Servers
- -securityFlicense-qualityProvides isolated Docker environments for code execution, enabling users to create and manage containers, execute multi-language code, save and reproduce development environments, ensuring security and isolation.Last updated -11
- -securityAlicense-qualityAn interactive Python code execution environment that allows users and LLMs to safely execute Python code and install packages in isolated Docker containers.Last updated -27Apache 2.0
- -securityAlicense-qualityAn open-source self-hosted browser agent that provides a dockerized browser environment for AI automation, allowing other AI apps and agents to perform human-like web browsing tasks through natural language instructions.Last updated -6661Apache 2.0
- -securityFlicense-qualityA secure server that enables code execution in isolated Docker environments, supporting Python with strict security constraints including network isolation, limited filesystem access, and resource limitations.Last updated -