shellfirm

Terminal guardrails for humans and AI agents — intercepts dangerous commands with context-aware challenges before the damage is done.

Installation
Run this command in your terminal to add the MCP server to Claude Code.
claude mcp add --transport stdio kaplanelad-shellfirm node dist/server.js \
  --env SHFIRM_DEBUG="true|false" \
  --env SHFIRM_API_KEY="Your Shellfirm API key (if required by the MCP server)"

How to use

Shellfirm's MCP server exposes its risk analysis and safety tooling to AI agents and automation platforms. Once running, clients can invoke the MCP endpoints to check whether a given shell command is risky, retrieve suggested safer alternatives, obtain detailed explanations of why a command is dangerous, and fetch the active safety policy for the current project.

Tools available via the MCP surface include:

  • check_command: analyzes a command and returns severity, matched rules, and alternatives
  • suggest_alternative: offers safer replacements
  • explain_risk: provides a narrative about the risk and impact
  • get_policy: reads the current shellfirm configuration and project policy

This enables agents like Claude Code or Cursor to pre-screen or safely modify commands before execution in automated workflows.

How to install

Prerequisites:

  • Node.js (v14+ recommended) and npm installed on the host
  • Access to the MCP server package (either built-in server bundle or source)

Installation steps:

  1. Install dependencies for the MCP server package (if distributing as a Node.js project): npm install

  2. Build or prepare the server bundle if required (depends on your release process): npm run build

  3. Start the MCP server (example using the included node entry): npm run start

    or if you run a built dist: node dist/server.js

  4. Verify the server is running and listening (default port may be 3000 or as configured): curl http://localhost:3000/health

  5. Configure your MCP client to point at the running server using the provided mcp_config. If you deploy in a container or remote environment, adjust the host/port accordingly.

Additional notes

Notes and tips:

  • Ensure your environment variables are set for any required API keys or debugging flags (for example SHFIRM_API_KEY).
  • The MCP server may expose multiple endpoints; use get_policy to verify the active configuration for a given project.
  • If running behind a reverse proxy or in Kubernetes, ensure appropriate network policies allow the MCP endpoint to be reached by AI agents.
  • For CI/CD integrations, consider setting a minimum risk threshold by adjusting the severity levels (Critical/High/Medium/Low/Info) in your policy file.
  • If you encounter authentication or rate-limit issues, confirm that the API keys and quotas for the underlying shellfirm service are correctly configured and that the MCP server is allowed to access them.
  • Logging is typically emitted in JSON-lines format for audit trails; ensure log sinks are configured appropriately for your environment.
