portal_local_exec
Run commands locally on the server machine with secret injection from stored credentials. Set a timeout to control execution duration.
Instructions
Run a command on the MCP SERVER's OWN machine (local), NOT over SSH — for anything on a remote host use portal_exec instead. Off by default (local execution is a larger threat surface): the operator must set PORTAL_ALLOW_LOCAL_EXEC=1 in the server process's env to enable it.
★ credentials: if the command needs a secret, don't have the user paste it
into the chat — they run portal secret set <name> in their own terminal;
you pass secrets=[""] and reference it as the uppercased env var
($NAME), injected into the local child's env and redacted from output. This
lets a local script use an API token without the value ever entering this
conversation.
No sudo here — for a privileged command, sudo is remote-only via portal_exec(use_sudo=True).
timeout (seconds, default 1h, operator-lowerable via PORTAL_DEFAULT_TIMEOUT): held open until the command exits or timeout elapses. Keepalive pings stop the client aborting a hung call, so for an exploratory / re-runnable command pass a SMALL one first (e.g. 10–30) to fail fast, raising it only for slow commands.
★ secrets flags the result "high_risk": briefly tell the user you ran a local command with their stored credential, or only do so with prior permission.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| command | Yes | ||
| secrets | No | ||
| timeout | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |