Node.js Sandbox MCP Server

Overview Schema Related Servers Score Discussions

run_js_ephemeral

Execute JavaScript code in disposable containers with optional npm dependencies, automatically cleaning up after execution while persisting files in the mounted volume.

Instructions

Run a JavaScript snippet in a temporary disposable container with optional npm dependencies, then automatically clean up. The code must be valid ESModules (import/export syntax). Ideal for simple one-shot executions without maintaining a sandbox or managing cleanup manually. When reading and writing from the Node.js processes, you always need to read from and write to the "./files" directory to ensure persistence on the mounted volume. This includes images (e.g., PNG, JPEG) and other files (e.g., text, JSON, binaries).

Example:

import fs from "fs/promises";
await fs.writeFile("./files/hello.txt", "Hello world!");
console.log("Saved ./files/hello.txt");

Input Schema

TableJSON Schema

Name	Required	Description	Default
`code`	Yes	JavaScript code to run inside the ephemeral container.
`dependencies`	No	A list of npm dependencies to install before running the code. Each item must have a `name` (package) and `version` (range). If none, returns an empty array.
`image`	No	Docker image to use for ephemeral execution. e.g. - node:lts-slim: Node.js LTS version, slim variant. (Lightweight and fast for JavaScript execution tasks.) - mcr.microsoft.com/playwright:v1.52.0-noble: Playwright image for browser automation. (Preconfigured for running Playwright scripts.) - alfonsograziano/node-chartjs-canvas:latest: Chart.js image for chart generation and mermaid charts generation. ('Preconfigured for generating charts with chartjs-node-canvas and Mermaid. Minimal Mermaid example: import fs from "fs"; import { run } from "@mermaid-js/mermaid-cli"; fs.writeFileSync("./files/diagram.mmd", "graph LR; A-->B;", "utf8"); await run("./files/diagram.mmd", "./files/diagram.svg");)	node:lts-slim

Implementation Reference

src/tools/runJsEphemeral.ts:60-139 (handler)

Main handler function for run_js_ephemeral tool. Creates ephemeral Docker container, installs npm dependencies, executes JS code, captures output, detects file changes in workspace, and returns MCP response with telemetry.

export default async function runJsEphemeral({
  image = DEFAULT_NODE_IMAGE,
  code,
  dependencies = [],
}: {
  image?: string;
  code: string;
  dependencies?: NodeDependenciesArray;
}): Promise<McpResponse> {
  if (!isDockerRunning()) {
    return { content: [textContent(DOCKER_NOT_RUNNING_ERROR)] };
  }

  const telemetry: Record<string, unknown> = {};
  const dependenciesRecord = preprocessDependencies({ dependencies, image });
  const containerId = `js-ephemeral-${randomUUID()}`;
  const tmpDir = tmp.dirSync({ unsafeCleanup: true });
  const { memFlag, cpuFlag } = computeResourceLimits(image);

  try {
    // Start an ephemeral container
    execSync(
      `docker run -d --network host ${memFlag} ${cpuFlag} ` +
        `--workdir /workspace -v ${getFilesDir()}:/workspace/files ` +
        `--name ${containerId} ${image} tail -f /dev/null`
    );

    // Prepare workspace locally
    const localWorkspace = await prepareWorkspace({ code, dependenciesRecord });
    execSync(`docker cp ${localWorkspace.name}/. ${containerId}:/workspace`);

    // Generate snapshot of the workspace
    const snapshotStartTime = Date.now();
    const snapshot = await getSnapshot(getMountPointDir());

    // Run install and script inside container
    const installCmd =
      'npm install --omit=dev --prefer-offline --no-audit --loglevel=error';

    if (dependencies.length > 0) {
      const installStart = Date.now();
      const installOutput = execSync(
        `docker exec ${containerId} /bin/sh -c ${JSON.stringify(installCmd)}`,
        { encoding: 'utf8' }
      );
      telemetry.installTimeMs = Date.now() - installStart;
      telemetry.installOutput = installOutput;
    } else {
      telemetry.installTimeMs = 0;
      telemetry.installOutput = 'Skipped npm install (no dependencies)';
    }

    const { output, error, duration } = safeExecNodeInContainer({
      containerId,
    });
    telemetry.runTimeMs = duration;
    if (error) return getContentFromError(error, telemetry);

    // Detect the file changed during the execution of the tool in the mounted workspace
    // and report the changes to the user
    const changes = await detectChanges(
      snapshot,
      getMountPointDir(),
      snapshotStartTime
    );

    const extractedContents = await changesToMcpContent(changes);

    return {
      content: [
        textContent(`Node.js process output:\n${output}`),
        ...extractedContents,
        textContent(`Telemetry:\n${JSON.stringify(telemetry, null, 2)}`),
      ],
    };
  } finally {
    execSync(`docker rm -f ${containerId}`);
    tmpDir.removeCallback();
  }
}

src/tools/runJsEphemeral.ts:31-56 (schema)

Input schema for the tool using Zod validation: image (optional Docker image), dependencies (array of {name, version}), code (JS to execute).

export const argSchema = {
  image: z
    .string()
    .optional()
    .default(DEFAULT_NODE_IMAGE)
    .describe(
      'Docker image to use for ephemeral execution. e.g. ' +
        generateSuggestedImages()
    ),
  // We use an array of { name, version } items instead of a record
  // because the OpenAI function-calling schema doesn’t reliably support arbitrary
  // object keys. An explicit array ensures each dependency has a clear, uniform
  // structure the model can populate.
  // Schema for a single dependency item
  dependencies: z
    .array(NodeDependency)
    .default([])
    .describe(
      'A list of npm dependencies to install before running the code. ' +
        'Each item must have a `name` (package) and `version` (range). ' +
        'If none, returns an empty array.'
    ),
  code: z
    .string()
    .describe('JavaScript code to run inside the ephemeral container.'),
};

src/server.ts:82-98 (registration)

Registration of the run_js_ephemeral tool on the MCP server using server.tool(), providing name, description, schema (ephemeralSchema), and handler (runJsEphemeral).

server.tool(
  'run_js_ephemeral',
  `Run a JavaScript snippet in a temporary disposable container with optional npm dependencies, then automatically clean up. 
  The code must be valid ESModules (import/export syntax). Ideal for simple one-shot executions without maintaining a sandbox or managing cleanup manually.
  When reading and writing from the Node.js processes, you always need to read from and write to the "./files" directory to ensure persistence on the mounted volume.
  This includes images (e.g., PNG, JPEG) and other files (e.g., text, JSON, binaries).

  Example:
  \`\`\`js
  import fs from "fs/promises";
  await fs.writeFile("./files/hello.txt", "Hello world!");
  console.log("Saved ./files/hello.txt");
  \`\`\`
`,
  ephemeralSchema,
  runJsEphemeral
);

Tool Definition Quality

A4.3/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It effectively describes key behavioral traits: the ephemeral/disposable nature, automatic cleanup, ESModules requirement, file persistence rules (read/write to './files' directory), and support for various file types. It doesn't mention execution time limits, error handling, or output format, which keeps it from a perfect score.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded with the core purpose. Every sentence adds value: the first defines the tool, the second specifies ESModules requirement and use case, the third explains file persistence rules, and the example illustrates usage. It could be slightly more concise by integrating the file persistence note with the example.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (ephemeral execution with dependencies) and no annotations or output schema, the description does well to cover purpose, usage, behavioral traits, and provide an example. It lacks details on execution limits, error responses, or output structure, but for a tool with rich schema coverage and clear context, it's largely complete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents all three parameters thoroughly. The description adds minimal parameter semantics beyond the schema—it implies the 'code' parameter must be valid ESModules and mentions the './files' directory context, but doesn't provide additional syntax or format details. This meets the baseline for high schema coverage.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose with specific verbs ('run', 'clean up') and resources ('JavaScript snippet', 'temporary disposable container', 'npm dependencies'). It distinguishes from siblings like 'run_js' (which likely lacks the ephemeral/cleanup aspect) and 'sandbox_exec' (which may require manual sandbox management).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly states when to use this tool ('ideal for simple one-shot executions without maintaining a sandbox or managing cleanup manually') and provides clear context for alternatives. It distinguishes from siblings by emphasizing the ephemeral nature and automatic cleanup, which contrasts with tools like 'sandbox_exec' that likely require manual sandbox management.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ssdeanx/node-code-sandbox-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server