Loading...
Jupyter MCP Server enables real-time AI interaction with Jupyter notebooks, offering tools for cell manipulation, execution, and notebook management via the MCP protocol.
Boost this tool
Subscribe to listing upgrades or segmented pushes.
Jupyter MCP Server enables real-time AI interaction with Jupyter notebooks, offering tools for cell manipulation, execution, and notebook management via the MCP protocol.
The Jupyter MCP Server provides powerful tools for interacting with Jupyter notebooks, but its safety depends heavily on proper configuration and access control. It is relatively safe in read-only scenarios, but risky if write access is granted without careful consideration of the potential for malicious code execution.
Performance is limited by the Jupyter kernel's execution speed and the network latency between the MCP client and the server. Large notebooks and complex computations may take significant time to execute.
Cost depends on the resources consumed by the Jupyter server and the number of API calls made by the MCP client. Consider the cost of cloud-based Jupyter environments and the potential for increased resource usage with automated execution.
pip install jupyterlab==4.4.1 jupyter-collaboration==4.0.2 jupyter-mcp-tools>=0.1.4 ipykernel{
"mcpServers": {
"jupyter": {
"command": "uvx",
"args": ["jupyter-mcp-server@latest"],
"env": {
"JUPYTER_URL": "http://localhost:8888",
"JUPYTER_TOKEN": "MY_TOKEN",
"ALLOW_IMG_OUTPUT": "true"
}
}
}
}list_filesLists files and directories within the Jupyter server's file system.
Read-only operation.
list_kernelsLists available and running kernel sessions on the Jupyter server.
Read-only operation.
use_notebookConnects to, creates, or switches between Jupyter notebooks.
Manages notebook access, but doesn't directly modify content.
list_notebooksLists all notebooks available on the Jupyter server and their status.
Read-only operation.
restart_notebookRestarts the kernel for a specific managed notebook.
Can interrupt running processes, but doesn't modify data.
read_notebookReads the source content of notebook cells.
Read-only operation.
read_cellReads the full content (metadata, source, outputs) of a single cell.
Read-only operation.
insert_cellInserts a new code or markdown cell at a specified position.
Adds content to the notebook, but requires explicit execution.
delete_cellDeletes a cell at a specified index.
Removes content from the notebook.
overwrite_cell_sourceOverwrites the source code of an existing cell.
Modifies existing code, potentially introducing malicious content.
execute_cellExecutes a cell with timeout, supporting multimodal output.
Executes arbitrary code within the Jupyter kernel.
insert_execute_code_cellInserts a new code cell and executes it in one step.
Executes arbitrary code immediately upon insertion.
execute_codeExecutes code directly in the kernel, supporting magic and shell commands.
Executes arbitrary code directly in the kernel, bypassing cell structure.
notebook_run-all-cellsExecutes all cells in the current notebook sequentially.
Executes all code in the notebook, potentially triggering unintended actions.
notebook_get-selected-cellGets information about the currently selected cell.
Read-only operation.
connect_to_jupyterConnects to a Jupyter server dynamically without restarting the MCP server.
Allows switching servers, potentially connecting to untrusted sources.
unuse_notebookDisconnects from a specific notebook and releases its resources.
Releases resources but doesn't modify the notebook.
Token
hybrid
The Jupyter MCP Server provides powerful tools for interacting with Jupyter notebooks, but its safety depends heavily on proper configuration and access control. It is relatively safe in read-only scenarios, but risky if write access is granted without careful consideration of the potential for malicious code execution.
Autonomy is highly dependent on the configuration of the MCP client and the permissions granted to the Jupyter token. Exercise caution when enabling automated execution of code.
Production Tip
Isolate Jupyter environments and use dedicated tokens with restricted permissions for production use.
Use a dedicated Jupyter token with restricted permissions, isolate the Jupyter environment, and carefully review any code before execution.
Set timeouts for cell execution, monitor resource usage, and optimize code for performance.
Yes, Jupyter MCP Server supports JupyterHub deployments. Refer to the documentation for specific configuration instructions.
`execute_cell` executes a specific cell within the notebook, while `execute_code` executes arbitrary code directly in the kernel, bypassing the cell structure.
Set the `ALLOW_IMG_OUTPUT` environment variable to `true`.
You need a running JupyterLab or Jupyter Notebook instance, `jupyter-mcp-server` installed, and a configured MCP client.
Use the `allowed_jupyter_mcp_tools` configuration parameter to specify which tools from `jupyter-mcp-tools` are enabled.