skillz
by Algiras
Overview
A self-extending Model Context Protocol (MCP) server that enables AI agents to dynamically create, manage, and execute custom tools (WASM, scripts, pipelines) at runtime, with features like persistent memory and Docker service integration.
Installation
Environment Variables
- TOOLS_DIR
- SKILLZ_ROOTS
- SKILLZ_SANDBOX
- SKILLZ_SANDBOX_NETWORK
- HOME
- USER
- LANG
- PATH
- TERM
- SKILLZ_*
Security Notes
The project extensively documents and implements sandboxing for 'Script Tools' executed via `call_tool`. However, the `execute_code` tool, which explicitly runs AI-generated Python/Node.js code, spawns the interpreter commands (`python3`, `node`) directly, without routing them through the internal `ToolRuntime`'s sandbox (`SandboxConfig::wrap_command`). Code executed via `execute_code` therefore runs *without* the configured sandboxing, which is a critical vulnerability whenever untrusted or malicious AI-generated code is executed. Additionally, script tools default to full network access unless `SKILLZ_SANDBOX_NETWORK=1` is explicitly set in conjunction with a Linux sandbox.
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI features in applications like Cursor IDE.
wcgw
An MCP server that empowers AI chat applications to execute shell commands, edit code, and manage project context on a local machine for development tasks.
octomind
Octomind is a session-first AI development assistant with built-in Model Context Protocol (MCP) tools and multi-provider AI support, enabling interactive AI conversations, code analysis, file system management, and web research.
mcp-framework
A Rust framework implementing the Model Context Protocol for building production-ready MCP servers, clients, and intelligent AI agents that integrate with LLMs for tool use and browser automation.