mcp -shell

This MCP server (shell) exposes a single tool named execute_command that lets an LLM run shell commands and receive their output. The tool takes a single argument, command, which is the shell command to execute. The response includes the executed command, combined stdout and stderr, and the return code, enabling the caller to determine success and inspect results. It’s designed for controlled environments where command execution needs to be auditable and constrained by the server’s runtime permissions.

To use the server, deploy it with your preferred runtime (uvx recommended) and then invoke the execute_command tool by sending a request with the command string. For Claude.app and Zed integrations, you configure the mcpServers context to point to the mcp-server-shell executable (via uvx) or via python -m mcp_server_shell, as shown in the installation instructions. The server will respond with the command output and return code, allowing you to chain commands or implement workflows that rely on shell state as reported by subsequent commands.

Prerequisites:

• Python (for the pip/pipx route) or uv/uvx (recommended) installed on your system
• Network access to run the MCP server if integrating with other services

Installation (uvx – recommended):

1. Ensure uv and uvx are available in your environment. No extra installation is required for uv itself.

2. Run the MCP server via uvx:

   uvx mcp-server-shell

3. If you’ve configured Claude or Zed integrations, use the provided mcpServers configuration to point to uvx with the appropriate argument, e.g.:

   "mcpServers": { "shell": { "command": "uvx", "args": ["mcp-server-shell"] } }

Installation (Python via pip):

1. Install the package in your Python environment:

   pip install mcp-server-shell

2. Run the server as a module:

   python -m mcp_server_shell

3. If configuring via Python, use the following command mapping:

   "mcpServers": { "shell": { "command": "python", "args": ["-m", "mcp_server_shell"] } }

Note: The shell server is security-sensitive since it executes arbitrary shell commands. Use appropriate access controls and network isolation to prevent unauthorized use.

Security note: The shell server executes commands on the host system. Limit access to trusted clients, apply least-privilege permissions, and consider adding command whitelisting or SAN (system action deny) controls for sensitive environments. If deploying in production, monitor usage with the MCP inspector and apply logging to capture executed commands and outputs. The available tool is execute_command with a single string argument; structure complex commands carefully and validate inputs at the client level to minimize risk.