VERIFIED

Code Runner

Safety: 55/100

0.0(0)

This MCP server executes code snippets within Docker containers, providing a sandboxed environment for running potentially untrusted code and returning the results.

MCP ServersFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

This MCP server executes code snippets within Docker containers, providing a sandboxed environment for running potentially untrusted code and returning the results.

This server is relatively safe for executing simple code snippets from trusted sources. However, without proper resource limits and input validation, it poses a moderate risk, especially when handling code from untrusted origins. Ensure Docker is securely configured and consider implementing additional security measures.

Performance depends on the size and complexity of the code being executed, as well as the resources allocated to the Docker container. Network latency can also impact performance.

Cost considerations include the resources consumed by Docker containers (CPU, memory, storage) and any associated network costs.

TypeScript17 starsMIT

Connections & Capabilities

Connects To

Docker

Capabilities

Exec

Client Compatibility

Claude Desktop

full

Cursor

untested

Windsurf

untested

VS Code (Copilot)

untested

Tools (1)

moderate

execute_code

Executes the provided code within a Docker container and returns the output.

Code execution, even in a container, can have unintended consequences if not properly sandboxed.

Security

Auth Method

None

Known Risks

!Potential for Docker escape if the container configuration is flawed.
!Denial-of-service vulnerabilities due to lack of resource limits on code execution.
!Code injection attacks if input is not properly sanitized.
!Lack of detailed logging and monitoring hinders security auditing and incident response.
!Absence of authentication mechanisms beyond the MCP protocol.

Safety Score

moderate risk

Positive

+Code execution is containerized using Docker, providing a degree of isolation.
+MCP protocol provides a standardized interface, potentially enabling some level of control.
+No explicit file system access is mentioned, limiting potential damage.
+Focus on code execution results, not system-level access.

Risks

-Docker containers can be escaped if misconfigured or vulnerable.
-Lack of resource control (CPU, memory, time) can lead to denial-of-service.
-No mention of input sanitization, potentially allowing code injection.
-Absence of detailed logging and monitoring makes auditing difficult.
-No RBAC or authentication beyond the MCP protocol itself.

Use Cases

Educational Code Execution

-Running simple programming exercises.
-Testing code snippets for learning purposes.
-Demonstrating basic algorithms.

Automated Testing

-Executing unit tests in a controlled environment.
-Running integration tests for software components.
-Validating code changes during development.

Scripting and Automation

-Executing short scripts for automating tasks.
-Running command-line tools within a container.
-Performing simple data transformations.

Who Is This For?

Best For

Educational environments for running code examples.
Development teams for automated testing.
Scripting and automation tasks that require a sandboxed environment.
Quickly testing code snippets without installing dependencies locally.
Executing code from potentially untrusted sources in a controlled manner.

Not Ideal For

Executing long-running or resource-intensive tasks.
Applications requiring low latency or real-time performance.
Tasks that require direct access to the host file system or hardware.
Handling highly sensitive data without additional security measures.

Autonomy & Execution

Default ModeConfigurable

Sandboxed

The level of autonomy depends on how the MCP client configures the server. The Docker container provides a degree of sandboxing, but resource limits and security policies must be carefully configured.

StatelessYes

Retry LogicNone

ConcurrencyNot documented

Production Tip

Implement strict resource limits (CPU, memory, execution time) for Docker containers to prevent denial-of-service attacks.

FAQ

What programming languages are supported?

The supported languages depend on the tools installed within the Docker container. You can configure the container to support any language.

How is code sandboxed?

Code is sandboxed using Docker containers, which provide a degree of isolation from the host system.

Can I access the internet from within the Docker container?

Internet access depends on the Docker container's network configuration. You can configure the container to allow or deny internet access.

How do I configure resource limits for code execution?

Resource limits (CPU, memory, execution time) can be configured using Docker's resource constraints.

What security measures should I take when using this server?

Ensure Docker is securely configured, implement resource limits, sanitize input, and monitor container activity.

How do I update the Docker image used for code execution?

You need to rebuild and redeploy the Docker image with the desired updates.

Is there any authentication or authorization?

The base implementation does not include authentication or authorization beyond the MCP protocol. You may need to add your own.

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Related Tools

Code Runner - AI Tool Review & Alternatives | Flaex AI