shell-mcp
Verified Safeby FreeOnlineUser
Overview
Provides secure local and remote shell access for Claude Desktop, enabling AI to interact with system environments.
Installation
dotnet C:\path\to\release\shell-mcp.dllEnvironment Variables
- SHELL_MCP_MODE
- SHELL_MCP_START_DIR
- SSH_BRIDGE_PATH
Security Notes
The project demonstrates a strong focus on security for its intended purpose of providing AI with shell access. It implements explicit security modes ('safe' with allowlists, 'dangerous' with per-command approval), a hardcoded blocklist for critical commands (e.g., `format`, `rm -rf /`), real-time command visibility, and a user-controlled 'Lift Pen' feature for instant pausing. SSH passwords are held in memory only, and sudo support is opt-in and disabled by default. While giving an AI shell access inherently carries risk, the extensive safeguards and user control mechanisms significantly mitigate these risks, making it safe to run under responsible user oversight.
Similar Servers
DesktopCommanderMCP
This server empowers AI agents to search, update, manage files, and execute terminal commands on a local or containerized desktop environment. It provides enhanced filesystem operations, process control, and data analysis capabilities with support for various file types like text, Excel, and PDF.
tmux-mcp
Enables AI assistants (like Claude Desktop) to interact with, control, and observe tmux terminal sessions by providing tools for session management and command execution.
mcp-ssh-orchestrator
Provides secure, policy-driven SSH orchestration for AI agents to manage server infrastructure with audit logging, enforcing zero-trust principles.
claude-command-runner
Facilitates AI-driven command execution and terminal automation by bridging Claude Desktop with local macOS terminals, primarily Warp, enabling intelligent output capture, command pipelines, real-time streaming, and reusable templates for developers.