js-sandbox

js-sandbox is a Model Context Protocol server that provides a secure JavaScript execution environment. It exposes a tool named execute_js that lets clients send JavaScript code to be run in an isolated sandbox. The tool accepts parameters such as code (the JavaScript to run), timeout (to cap execution time), and memory (to cap the memory usage). The server returns the result of the code execution, while enforcing the configured resource limits to protect the host. This makes it suitable for safely evaluating user-provided scripts or running small JS tasks within a controlled environment. You can integrate the server with clients that speak the MCP protocol and invoke the execute_js tool to obtain results from sandboxed code execution. For debugging and development, the project also provides an MCP Inspector integration to help troubleshoot communication and tooling during development.

Prerequisites:

• Node.js (recommended LTS version) and npm installed on your machine
• Git to clone the repository if you’re pulling from source

Basic installation steps:

1. Install dependencies: npm install

2. Build the server: npm run build

3. (Optional for development) Enable automatic rebuild on changes: npm run watch

4. If you’re deploying via Smithery (recommended for Claude Desktop integration), install the MCP server package: npx -y @smithery/cli install @garc33/js-sandbox-mcp-server --client claude

5. Configure your MCP client (e.g., Claude Desktop) to point at the server. An example configuration in Claude Desktop might look like: { "mcpServers": { "js-sandbox": { "command": "/path/to/js-sandbox/build/index.js" } } }

Notes:

• The server runs as a Node.js process (command: node, args: ["build/index.js"]).
• Run tests or start the server in your environment as appropriate for your deployment setup.

Tips and considerations:

• The execute_js tool runs code in an isolated sandbox to protect the host environment. Always rely on the specified timeout and memory limits to prevent abuse.
• If you encounter issues with MCP communication, use the MCP Inspector tooling (npm run inspector) to get debugging URLs and inspect protocol messages.
• When integrating via Claude Desktop, ensure the path to the built server (build/index.js) is correct for your environment. If you deploy differently, update the command accordingly.
• You can adjust resource limits (timeout and memory) at the tool invocation level to tailor sandbox behavior for different use cases.
• Ensure your deployment environment has the necessary permissions to execute the Node.js process and access any required resources within the sandbox.