JavaScript Sandbox MCP Server

by garc33

execute_js

Execute JavaScript code in a secure, isolated sandbox environment with configurable time and memory limits for safe code execution.

Instructions

Execute JavaScript code in an isolated environment

Input Schema

Name     Required  Description                             Default
code     Yes       JavaScript code to execute
timeout  No        Maximum execution time in milliseconds
memory   No        Memory limit in bytes

Implementation Reference

  • MCP handler for CallToolRequestSchema specifically implementing the 'execute_js' tool. It checks the tool name, validates arguments, calls the sandbox executor, and returns the result as JSON text content.
    this.server.setRequestHandler(CallToolRequestSchema, async (request) => {
      if (request.params.name !== 'execute_js') {
        throw new McpError(
          ErrorCode.MethodNotFound,
          `Unknown tool: ${request.params.name}`
        );
      }
    
      const args = request.params.arguments;
      if (!args || typeof args.code !== 'string') {
        throw new McpError(
          ErrorCode.InvalidRequest,
          'The "code" parameter is required and must be a string'
        );
      }
    
      const executeArgs: ExecuteCodeArgs = {
        code: args.code,
        timeout: typeof args.timeout === 'number' ? args.timeout : undefined,
        memory: typeof args.memory === 'number' ? args.memory : undefined
      };
    
      const result = await this.sandbox.executeCode(executeArgs);
    
      return {
        content: [
          {
            type: 'text',
            text: JSON.stringify(result, null, 2)
          }
        ]
      };
    });
  • JSON schema defining the input parameters for the 'execute_js' tool as advertised in ListTools response.
    inputSchema: {
      type: 'object',
      properties: {
        code: {
          type: 'string',
          description: 'JavaScript code to execute'
        },
        timeout: {
          type: 'number',
          description: 'Maximum execution time in milliseconds',
          minimum: 100,
          maximum: 30000
        },
        memory: {
          type: 'number',
          description: 'Memory limit in bytes',
          minimum: 1024 * 1024,
          maximum: 100 * 1024 * 1024
        }
      },
      required: ['code']
    }
  • src/index.ts:167-196 (registration)
    Registration of the 'execute_js' tool through the ListToolsRequestSchema handler, providing name, description, and input schema.
    this.server.setRequestHandler(ListToolsRequestSchema, async () => ({
      tools: [
        {
          name: 'execute_js',
          description: 'Execute JavaScript code in an isolated environment',
          inputSchema: {
            type: 'object',
            properties: {
              code: {
                type: 'string',
                description: 'JavaScript code to execute'
              },
              timeout: {
                type: 'number',
                description: 'Maximum execution time in milliseconds',
                minimum: 100,
                maximum: 30000
              },
              memory: {
                type: 'number',
                description: 'Memory limit in bytes',
                minimum: 1024 * 1024,
                maximum: 100 * 1024 * 1024
              }
            },
            required: ['code']
          }
        }
      ]
    }));
  • Core helper function in JSSandbox class that performs the actual JavaScript execution using vm2 NodeVM, including code validation, sandbox creation, console output capture, timing, memory tracking, and error handling.
    async executeCode(args: ExecuteCodeArgs): Promise<{
      result: any;
      console: string[];
      executionTime: number;
      memoryUsage: number;
    }> {
      const timeout = args.timeout ?? JSSandbox.DEFAULT_TIMEOUT;
      const memory = args.memory ?? JSSandbox.DEFAULT_MEMORY;
      const consoleOutput: string[] = [];
    
      try {
        // Code validation
        this.validateCode(args.code);
    
        // Create sandbox
        const vm = this.createSandbox(timeout, memory);
    
        // Console redirection
        vm.on('console.log', (...args) => {
          consoleOutput.push(args.map(arg => String(arg)).join(' '));
        });
    
        // Measure execution time
        const startTime = process.hrtime();
    
        // Compile and execute code
        const script = new VMScript(args.code);
        const result = await vm.run(script);
    
        const [seconds, nanoseconds] = process.hrtime(startTime);
        const executionTime = seconds * 1000 + nanoseconds / 1000000;
    
        // Log execution
        logger.info('Code executed successfully', {
          executionTime,
          memoryUsage: process.memoryUsage().heapUsed,
          codeLength: args.code.length
        });
    
        return {
          result,
          console: consoleOutput,
          executionTime,
          // heapUsed is the heap of the whole host Node.js process, not of the sandboxed script alone
          memoryUsage: process.memoryUsage().heapUsed
        };
      } catch (error: any) {
        logger.error('Execution error', {
          error: error.message,
          code: args.code
        });
    
        throw new McpError(
          ErrorCode.InternalError,
          `Execution error: ${error.message}`
        );
      }
    }
  • TypeScript interface defining the arguments for code execution, matching the tool's input schema.
    interface ExecuteCodeArgs {
      code: string;
      timeout?: number;
      memory?: number;
    }
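
The handler shown above accepts any `timeout` or `memory` whose `typeof` is `'number'`, and the excerpts on this page do not show the schema's `minimum`/`maximum` being checked at call time. As an added example (not the project's code; `LIMITS`, `bounded` and `validateExecuteArgs` are hypothetical names), this validator enforces the advertised bounds before anything reaches the sandbox and rejects wrong-typed values instead of silently falling back to defaults:

```typescript
// Added example (not the project's code). Bounds copied from the inputSchema
// on this page; validateExecuteArgs, bounded and LIMITS are hypothetical names.
interface ExecuteCodeArgs {
  code: string;
  timeout?: number;
  memory?: number;
}

type Validation =
  | { ok: true; value: ExecuteCodeArgs }
  | { ok: false; error: string };

const LIMITS = {
  timeout: { min: 100, max: 30000 },                   // milliseconds
  memory: { min: 1024 * 1024, max: 100 * 1024 * 1024 } // bytes
};

// Absent -> undefined (caller applies its default); present -> must be in range.
function bounded(raw: unknown, key: keyof typeof LIMITS): number | undefined {
  if (raw === undefined) return undefined;
  const { min, max } = LIMITS[key];
  // typeof === 'number' alone would also admit -1, 1e12, NaN and Infinity.
  if (typeof raw !== 'number' || !Number.isFinite(raw)) {
    throw new TypeError(`"${key}" must be a finite number`);
  }
  if (raw < min || raw > max) {
    throw new RangeError(`"${key}" must be between ${min} and ${max}`);
  }
  return raw;
}

function validateExecuteArgs(raw: unknown): Validation {
  if (typeof raw !== 'object' || raw === null) {
    return { ok: false, error: 'arguments must be an object' };
  }
  const args = raw as Record<string, unknown>;
  const code = args['code'];
  if (typeof code !== 'string') {
    return { ok: false, error: 'The "code" parameter is required and must be a string' };
  }
  try {
    const timeout = bounded(args['timeout'], 'timeout');
    const memory = bounded(args['memory'], 'memory');
    return { ok: true, value: { code, timeout, memory } };
  } catch (e) {
    return { ok: false, error: e instanceof Error ? e.message : String(e) };
  }
}
```

In a handler like the one above, a failed validation would map to an `ErrorCode.InvalidRequest` error rather than a call into `executeCode`.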
Behavior: 2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions an 'isolated environment', hinting at sandboxing, but fails to detail critical aspects like error handling, output format, security restrictions, or whether the execution is synchronous. This leaves significant gaps for a tool that executes arbitrary code.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness: 5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, direct sentence with no wasted words, making it highly concise and front-loaded. It efficiently communicates the core functionality without unnecessary elaboration.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness: 2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of executing JavaScript code and the absence of both annotations and an output schema, the description is insufficient. It lacks details on behavioral traits (e.g., sandboxing limits, return values), making it incomplete for safe and effective use by an AI agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters: 3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, thoroughly documenting all three parameters (code, timeout, memory) with their purposes and constraints. The description adds no additional parameter semantics beyond what the schema provides, so it meets the baseline for high schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose: 4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Execute') and resource ('JavaScript code in an isolated environment'), making the purpose immediately understandable. It doesn't need to differentiate from siblings since none exist, but it could be more specific about what 'execute' entails (e.g., evaluation, side effects).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines: 2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives, prerequisites, or common use cases. It mentions an 'isolated environment' but doesn't explain its implications or limitations, leaving usage context vague.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/garc33/js-sandbox-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.