MCP HubMCP Hub
Sunwood-ai-labs

command-executor-mcp-server

by: Sunwood-ai-labs

Model Context Protocol Server for Safely Executing Pre-approved Commands

18created 22/12/2024
Visit
Protocol
Security

πŸ“ŒOverview

Purpose: The command-executor MCP Server is designed to execute pre-approved commands securely within a Model Context Protocol environment.

Overview: This server allows for safe execution of commands by maintaining a strict list of approved commands, ensuring security and error handling. Built with TypeScript and leveraging the MCP SDK, it facilitates seamless integration through standard input/output communication.

Key Features:

  • Secure Command Execution: Only allows pre-approved commands to run, reducing vulnerabilities associated with command injection.

  • Configurable Commands: Users can customize the list of allowed commands via environment variables, enhancing flexibility.

  • Real-Time Output Streaming: Commands execute in real-time with streamed output, improving user experience and interactivity.

  • Robust Error Handling: Comprehensive error management that prevents crashes from unauthorized command attempts, providing clear feedback for debugging.

command-executor MCP Server

A Model Context Protocol server for executing pre-approved commands securely.

πŸŽ₯ Demo

https://github.com/user-attachments/assets/ed763a12-b685-4e0b-b9a5-bc948a590f51

✨ Features

  • Secure command execution with pre-approved command list
  • Configurable allowed commands through environment variables
  • Built with TypeScript and MCP SDK
  • Communication via stdio for seamless integration
  • Error handling and security validations
  • Real-time command output streaming

πŸš€ Installation

Install dependencies:

npm install

Build the server:

npm run build

For development with auto-rebuild:

npm run watch

βš™οΈ Configuration

πŸ”’ Allowed Commands

By default, the following commands are allowed:

  • git
  • ls
  • mkdir
  • cd
  • npm
  • npx
  • python

You can customize the allowed commands by setting the ALLOWED_COMMANDS environment variable:

export ALLOWED_COMMANDS=git,ls,mkdir,python

πŸ”Œ Claude Desktop Integration

To use with Claude Desktop, add the server config:

On MacOS:

~/Library/Application Support/Claude/claude_desktop_config.json

On Windows:

%APPDATA%/Claude/claude_desktop_config.json

Configuration example:

{
  "mcpServers": {
    "command-executor": {
      "command": "/path/to/command-executor/build/index.js"
    }
  }
}

πŸ›‘οΈ Security Considerations

The command-executor server implements several security measures:

  1. Pre-approved Command List

    • Only explicitly allowed commands can be executed
    • Default list is restrictive and security-focused
    • Commands are validated by prefix to prevent injection

  2. Command Validation

    • Command prefix validation prevents command injection
    • No shell execution for improved security
    • Environment variables are properly sanitized

  3. Error Handling

    • Comprehensive error handling for unauthorized commands
    • Clear error messages for debugging
    • Failed commands don't crash the server

  4. Environment Isolation

    • Server runs in its own environment
    • Environment variables can be controlled
    • Limited system access

πŸ’» Development

Project Structure

command-executor/
β”œβ”€ src/
β”‚  └─ index.ts      # Main server implementation
β”œβ”€ build/
β”‚  └─ index.js      # Compiled JavaScript
β”œβ”€ assets/
β”‚  └─ header.svg    # Project header image
└─ package.json     # Project configuration

πŸ› Debugging

Since MCP servers communicate over stdio, debugging can be challenging. We recommend using the MCP Inspector:

npm run inspector

The Inspector will provide a URL to access debugging tools in your browser.

πŸ› οΈ Tool API

The server provides a single tool:

execute_command

Executes a pre-approved command.

Parameters:

  • command (string, required): The command to execute

Example Request:

{
  "name": "execute_command",
  "arguments": {
    "command": "git status"
  }
}

Example Response:

{
  "content": [
    {
      "type": "text",
      "text": "On branch main\nNothing to commit, working tree clean"
    }
  ]
}

Error Response:

{
  "content": [
    {
      "type": "text",
      "text": "Command execution failed: Command not allowed"
    }
  ],
  "isError": true
}

❌ Error Handling

The server provides detailed error messages for various scenarios:

  1. Unauthorized Commands

    {
  "code": "InvalidParams",
  "message": "Command not allowed: [command]. Allowed commands: git, ls, mkdir, cd, npm, npx, python"
}

  2. Execution Failures

    {
  "content": [
    {
      "type": "text",
      "text": "Command execution failed: [error message]"
    }
  ],
  "isError": true
}

🀝 Contributing

  1. Fork the repository
  2. Create your feature branch
  3. Commit your changes
  4. Push to the branch
  5. Create a new Pull Request

πŸ“„ License

This project is licensed under the MIT License - see the LICENSE file for details.