mcp-shell

This MCP server implements a secure shell command execution tool as part of the Model Context Protocol (MCP) ecosystem. It exposes a single tool called run_command which accepts a shell command string and returns either the command output or an error message. The server enforces a blacklist of dangerous commands and validates that requested commands exist before execution, helping to prevent unsafe operations in model-driven workflows. You can connect Claude Desktop or other MCP clients to send a CallToolRequest for run_command and receive stdout or error responses.

To use it, start the server (via npx mcp-shell) and invoke the run_command tool with a JSON payload like {"command": "ls -la"}. The server will parse the input, verify the command against the blacklist, execute it in a controlled environment, and return the output as plain text. If the command is blocked or invalid, you’ll receive a descriptive error message explaining what happened.

Prerequisites:

• Node.js (v14+ recommended)
• npm or yarn

Installation steps:

1. Ensure Node.js and npm are installed. You can verify with: node -v npm -v

2. Install and run the MCP shell server using npx (no global install required):

npx -y mcp-shell

3. To add the MCP server to Claude Desktop (or your client configuration), generate a config using:

npx mcp-shell config

4. Start Claude Desktop or your MCP client and ensure the Shell MCP is listed as an available tool.

Notes and tips:

• The server uses a blacklist to prevent dangerous commands (e.g., rm, dd, sudo, shutdown). You can adjust the BLACKLISTED_COMMANDS in the source to fit your environment, but exercise caution.
• Command validation helps catch typos or unsupported commands before execution.
• If you need to extend capabilities, you can add additional tools alongside run_command by modifying the server implementation and updating the MCP tool schema.
• Ensure proper network isolation of the host environment running the MCP server to avoid unintended access by models or clients.