enclave
A secure JavaScript sandbox designed for safe AI agent code execution. Protects against code injection, prototype pollution, and sandbox escapes. The security layer that makes AI-generated code safe to run.
claude mcp add --transport stdio agentfront-enclave node path/to/server.js \
  --env ENV="development" \
  --env ENCLAVE_LOG_LEVEL="info"
How to use
Enclave is a secure sandbox runtime designed for running AI agent code with strong isolation and tool orchestration. It exposes a structured runtime that can be consumed by clients via a running MCP server, enabling safe execution of user-supplied code, tool calls, and streaming results. The Enclave stack emphasizes security layers, NDJSON streaming, and a brokered tool interface, making it suitable for scenarios where you need to orchestrate AI agents while safeguarding against unsafe or unexpected operations. Typical usage involves starting the Enclave server and communicating through the provided client SDKs to execute code, call tools, and stream outputs in real time.
How to install
Prerequisites:
- Node.js 22 or newer
- npm (bundled with Node.js) or pnpm

Steps:
- Install the core Enclave packages and dependencies locally (examples):
  npm install @enclave-vm/core
  npm install ast-guard
  npm install @enclave-vm/broker
  npm install @enclave-vm/client
  npm install @enclave-vm/react
- If you plan to run a local server for the Enclave MCP, ensure you have a server entrypoint. Create a minimal server file (example: server.js) that initializes the Enclave runtime and exposes an MCP-compatible interface. For example:
  // server.js (example)
  const { Enclave } = require('@enclave-vm/core');
  // Initialize and expose API endpoints as needed for MCP integration
- Start the server (adjust the command to your setup):
  node path/to/server.js
- If using a bundled monorepo or workspace tooling (e.g., nx), install the workspace dependencies and start the specific enclave-related target as documented in the repository's docs.
Note: The exact startup script may vary depending on your deployment (local dev, Lambda/Vercel runtime, or container). The key is to ensure the runtime is reachable by your MCP client and that a brokered tool API is exposed for tool calls and session management.
Additional notes
Tips and caveats:
- The Enclave runtime emphasizes security; ensure the AST validator (ast-guard) and enclave-vm security layers are enabled in your environment.
- When deploying in production, prefer a static, well-scoped configuration (env vars, allowed tools, and network access) to minimize risk.
- NDJSON streaming is used for real-time events; ensure your client can parse streaming lines and handle reconnections gracefully.
- If you encounter issues with tool calls, verify that the broker service is reachable and that credentials or secrets are correctly configured in your environment.
- For local development, set ENV=development and enable verbose logging to diagnose sandbox behavior and tool execution.
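The streaming caveat above (parse NDJSON line by line, survive reconnects) in working code, as an added example that is not part of the Enclave project: an incremental reader that buffers partial lines across chunk boundaries, keeps malformed lines out of the event stream instead of throwing, and drops events replayed after a reconnect. The `seq` field, the event shapes in the constructed sample, and the resume-from-sequence convention are assumptions for illustration; this page does not document the Enclave event schema.

```javascript
// Added example (not Enclave project code): an incremental NDJSON reader for a
// streaming client. One JSON object per line; lines may arrive split across
// chunks. Malformed lines are recorded, not thrown, so a single bad event
// cannot take down the client. The "seq" field is an assumed convention.

class NdjsonReader {
  constructor() {
    this.buffer = '';      // received text not yet terminated by '\n'
    this.lastSeq = null;   // highest "seq" accepted; used to resume after a reconnect
    this.malformed = [];   // raw lines that failed validation
  }

  // Feed one chunk (string) from the stream; returns the complete events it yields.
  push(chunk) {
    this.buffer += chunk;
    const events = [];
    let idx;
    while ((idx = this.buffer.indexOf('\n')) !== -1) {
      const line = this.buffer.slice(0, idx).replace(/\r$/, '');
      this.buffer = this.buffer.slice(idx + 1);
      if (line.trim() === '') continue; // blank keepalive lines are tolerated
      const evt = this.parseLine(line);
      if (evt !== null) events.push(evt);
    }
    return events;
  }

  // Flush a trailing line that arrived without a newline when the stream ends.
  end() {
    const rest = this.buffer;
    this.buffer = '';
    if (rest.trim() === '') return [];
    const evt = this.parseLine(rest);
    return evt === null ? [] : [evt];
  }

  parseLine(line) {
    let evt;
    try {
      evt = JSON.parse(line);
    } catch (e) {
      this.malformed.push(line);
      return null;
    }
    // Only plain objects are events; scalars and arrays are treated as malformed.
    if (evt === null || typeof evt !== 'object' || Array.isArray(evt)) {
      this.malformed.push(line);
      return null;
    }
    if (Number.isInteger(evt.seq)) {
      // Drop duplicates the server may replay after a reconnect (assumed convention).
      if (this.lastSeq !== null && evt.seq <= this.lastSeq) return null;
      this.lastSeq = evt.seq;
    }
    return evt;
  }

  // Sequence number a client would ask the server to resume from (assumed convention).
  resumeFrom() {
    return this.lastSeq === null ? 0 : this.lastSeq + 1;
  }
}

// Constructed sample stream, deliberately split at awkward chunk boundaries.
const SAMPLE_CHUNKS = [
  '{"seq":1,"type":"stdout","data":"hel',
  'lo"}\n{"seq":2,"type":"tool_call","name":"fetch"}\n',
  'not json at all\n',
  '{"seq":2,"type":"tool_call","name":"fetch"}\n', // duplicate replayed after reconnect
  '{"seq":3,"type":"done"}',                        // final line with no trailing newline
];

function demo() {
  const reader = new NdjsonReader();
  const events = [];
  for (const chunk of SAMPLE_CHUNKS) events.push(...reader.push(chunk));
  events.push(...reader.end());
  return { events, malformed: reader.malformed, resumeFrom: reader.resumeFrom() };
}
```

On reconnect, a client keeps the same `NdjsonReader` instance and passes `resumeFrom()` to the server, so any events the server replays are discarded by the duplicate check rather than being processed twice.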