dynamic-shell

Dynamic Shell Command MCP Server enables secure execution of shell commands through a dynamic approval workflow, with persistent storage of approved commands and audit logging. When a command runs for the first time, the server prompts for approval and logs the decision, ensuring that only authorized commands are executed going forward. Tools exposed by the server include execute_command for running shell commands and revoke_command_approval to revoke previously granted permissions. Additionally, approved commands are stored on disk, and an audit trail records each command execution for accountability. The server enforces a timeout (5 minutes) to prevent long-running processes, and it does not allow unfiltered shell injection by default, reducing risk while still providing controlled capability.

To use it, configure MCP with a shell entry that points to your Python environment and the dynamic_shell_server.py script. After starting the server, you can issue commands through the MCP client. The first execution of any command will prompt for approval; after approval, the command will be remembered and can be reused without re-approval until revoked. You can view the list of approved commands under the commands://approved resource and audit logs are stored in the server's data directory for review.

Prerequisites:

• Python 3.8+ (and venv support)
• Optional: Git
• Access to clone or copy the repository containing dynamic_shell_server.py

1. Clone the repository

• git clone <repository-url>
• cd dynamic-shell-server

2. Create and activate a virtual environment

• python -m venv venv
• • On macOS/Linux: source venv/bin/activate
• • On Windows: venv\Scripts\activate

3. Install dependencies

• pip install -r requirements.txt

4. Run the server (standalone)

• python dynamic_shell_server.py

Optional: Configure Claude Desktop or other clients by providing an MCP configuration that points to this Python server as shown in the mcp_config section.

Tips and considerations:

• The server stores approved commands in ~/.config/mcp-shell-server/ and keeps an audit log in the same directory. Ensure these paths have appropriate read/write permissions.
• The first execution of any command requires user approval. The decision can be revoked later via revoke_command_approval.
• If you encounter issues with Python path resolution in Claude Desktop, ensure the command field points to your virtual environment's Python interpreter and the script path is absolute.
• Timeouts are set to 5 minutes; long-running commands may be terminated if they exceed this limit.
• No direct shell execution is allowed beyond the approved commands, helping protect against injection attacks.
• If you customize logging or storage locations, ensure the MCP client has permission to access those paths.