MCP Server: SSH Rails Runner

An MCP server that enables secure remote execution of Rails console commands via SSH. This server provides tools for both read-only operations and carefully managed mutations in a deployed Rails environment.

This works great with Cursor. You can use Cursor Composer to pull in your Rails model files as context and then use the execute_read_only, dry_run_mutate, and execute_mutate tools to make changes to the database. No need to trudge through complicated Admin UI's to get your data wrangling and analysis done.

Example

Features

Remote Rails console execution over SSH
Safe read-only operations
Dry-run capability for mutations
Execution of approved mutations
Resource management for code snippets

Installation

npm install
npm run build

Configuration

Set the following environment variables:

SSH_HOST=your.remote.host
SSH_USER=your_ssh_user
SSH_PRIVATE_KEY_PATH=your_SSH_PRIVATE_KEY_PATH
RAILS_WORKING_DIR=/path/to/rails/app

Usage with Claude Desktop

Add to your Claude Desktop configuration:

{
  "mcpServers": {
    "ssh-rails-runner": {
      "command": "npx",
      "args": ["mcp-server-ssh-rails-runner"],
      "env": {
        "SSH_HOST": "your.remote.host",
        "SSH_USER": "your_ssh_user",
        "SSH_PRIVATE_KEY_PATH": "your_SSH_PRIVATE_KEY_PATH",
        "RAILS_WORKING_DIR": "/path/to/rails/app/root",
        "PROJECT_NAME_AS_CONTEXT": "Name that shows up in tool descriptions to help the LLM describe what kind of Rails project we're working with.",
        "CODE_SNIPPET_FILE_DIRECTORY": "/path/to/store/code/snippets/locally"
      }
    }
  }
}

If CODE_SNIPPET_FILE_DIRECTORY is not provided, snippets will be stored in a temporary directory (e.g., /tmp/mcp-ssh-rails-runner-code-snippets). PROJECT_NAME_AS_CONTEXT is optional and helps identify the project context in tool descriptions.

Available Tools

The server now uses a Prepare -> Execute workflow:

`mcp_ssh_rails_runner_prepare_code_snippet`

Arguments: name (string, for filename), type (enum: "readOnly" | "mutate"), code (string, Ruby code), description (string, optional).
Function: Saves the provided Ruby code to a local file named code_snippet_<name>.json, marks it as read-only or mutate, and opens the file for review.
Returns: The file:// URI of the created snippet.

`mcp_ssh_rails_runner_execute_code_snippet_read_only`

Arguments: uri (string, file:// URI from prepareCodeSnippet).
Function: Reads the code snippet from the URI, verifies it's marked as readOnly, performs a safety check on the code, and executes it.
Returns: The output of the Rails command.

`mcp_ssh_rails_runner_execute_code_snippet_mutate`

Arguments: uri (string, file:// URI from prepareCodeSnippet).
Function: DANGER ZONE! Reads the code snippet, verifies it's marked as mutate, and executes it directly. There is no dry run or further safety check within this tool.
Returns: The output of the Rails command.
Usage: ONLY CALL THIS AFTER THE USER HAS REVIEWED the prepared code (via the opened file from prepareCodeSnippet) AND EXPLICITLY CONFIRMED they want to execute the mutation.

Security Considerations

Only use with trusted SSH endpoints from your own local machine that is (temporarily) provided access to the remote environment.
Crucially, always review the code saved by prepareCodeSnippet before executing any mutation with executeCodeSnippetMutate. The responsibility for confirming mutations lies with the user and the calling AI.

License

MIT

MCP Server: SSH Rails Runner

Integrations