Skip to content
/ mcp-shell Public

Execute a secure shell in Claude Desktop using the Model Context Protocol.

License

MIT license
20 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hdresearch/mcp-shell

BranchesTags

Repository files navigation

Shell MCP Server

A Node.js implementation of the Model Context Protocol (MCP) that provides secure shell command execution capabilities. This server allows AI models to execute shell commands in a controlled environment with built-in security measures. Easily integrates with Claude Desktop for connecting Claude with your shell.

Features

  • MCP-compliant server implementation
  • Secure command execution with blacklist protection
  • Command existence validation
  • Standard I/O based transport
  • Error handling and graceful shutdown

Installation

Run npx mcp-shell.

To add it to Claude Desktop, run npx mcp-shell config. Or add npx -y mcp-shell to your config manually.

Start (or restart) Claude Desktop and you should see the MCP tool listed on the landing page.

Security Features

The server implements several security measures:

  1. Command Blacklisting

    • Prevents execution of dangerous system commands
    • Blocks access to critical system modifications
    • Protects against file system destruction
    • Prevents privilege escalation

  2. Command Validation

    • Verifies command existence before execution
    • Validates against the blacklist
    • Returns clear error messages for invalid commands

Available Tools

The server provides one tool:

run_command

Executes a shell command and returns its output.

Input Schema:

{
  "type": "object",
  "properties": {
    "command": { "type": "string" }
  }
}

Response:

  • Success: Command output as plain text
  • Error: Error message as plain text

Blacklisted Commands

The following command categories are blocked for security:

  • File System Destruction Commands (rm, rmdir, del)
  • Disk/Filesystem Commands (format, mkfs, dd)
  • Permission/Ownership Commands (chmod, chown)
  • Privilege Escalation Commands (sudo, su)
  • Code Execution Commands (exec, eval)
  • System Communication Commands (write, wall)
  • System Control Commands (shutdown, reboot, init)

Error Handling

The server includes comprehensive error handling:

  • Command not found errors
  • Blacklisted command errors
  • Execution errors
  • MCP protocol errors
  • Graceful shutdown on SIGINT

Implementation Details

The server is built using:

  • Model Context Protocol SDK
  • StdioServerTransport for communication
  • execa for command execution
  • command-exists for command validation

Development

To modify the security settings, you can:

  1. Edit the BLACKLISTED_COMMANDS set to adjust blocked commands
  2. Modify the validateCommand function to add additional validation rules
  3. Enhance the command parsing logic in the CallToolRequestSchema handler

About

Execute a secure shell in Claude Desktop using the Model Context Protocol.

Topics

shell claude function-calling

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

20 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages