Loading...
This MCP server provides secure, controlled command-line execution with whitelisting, path validation, and execution limits, ideal for integrating CLI tools with LLMs.
Boost this tool
Subscribe to listing upgrades or segmented pushes.
This MCP server provides secure, controlled command-line execution with whitelisting, path validation, and execution limits, ideal for integrating CLI tools with LLMs.
This server is relatively safe when command and flag whitelists are strictly defined and shell operators are disabled. Enabling shell operators or using 'all' for commands/flags significantly increases the risk of exploitation. Proper configuration and monitoring are crucial.
Performance is limited by the underlying command-line tools and system resources. Command execution is synchronous, so long-running commands can block the server.
The primary cost is the computational resources used by the executed commands. There are no API call costs associated with this server.
npx @smithery/cli install cli-mcp-server --client claude{
"command": {
"type": "string",
"description": "Single command to execute (e.g., 'ls -l' or 'cat file.txt')"
}
}ALLOW_SHELL_OPERATORSrun_commandExecutes a specified command-line command with pre-defined security constraints.
Can execute arbitrary commands within the allowed directory, potentially leading to unintended consequences if not properly configured.
show_security_rulesDisplays the current security configuration of the MCP server.
Read-only operation that only reveals the current security settings.
None
local
This server is relatively safe when command and flag whitelists are strictly defined and shell operators are disabled. Enabling shell operators or using 'all' for commands/flags significantly increases the risk of exploitation. Proper configuration and monitoring are crucial.
The level of autonomy depends on the configured allowed commands and flags. Carefully consider the implications before granting broad permissions.
Production Tip
Monitor the execution times and resource usage of allowed commands to prevent abuse or performance issues.
The server will reject the command and return a `CommandSecurityError`.
Set the `ALLOWED_COMMANDS` environment variable to 'all'. However, this is highly discouraged for security reasons.
It specifies the base directory where commands are allowed to operate. This prevents commands from accessing files outside of this directory.
Not by default. You must set `ALLOW_SHELL_OPERATORS` to 'true' to enable them, but this increases the risk of command injection.
The recommended approach is to use the MCP Inspector, which allows you to step through the code and inspect variables.
You might encounter errors related to security violations, command timeouts, invalid command formats, path security, execution failures, or general command errors.
You need to restart the server for changes to the environment variables to take effect.