code-executor-MCP
Verified Safe
by Muhumuree
Overview
A local server that acts as a secure, isolated sandbox to execute TypeScript/Python code, providing a unified interface to access multiple external Model Context Protocol (MCP) tools and significantly reducing token usage for upstream LLMs.
Installation
code-executor-mcp
Environment Variables
- DENO_PATH
- PYTHON_SANDBOX_READY
- MCP_CONFIG_PATH
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
- GEMINI_API_KEY
- GROK_API_KEY
- PERPLEXITY_API_KEY
- CODE_EXECUTOR_SAMPLING_ENABLED
- ENABLE_AUDIT_LOG
- AUDIT_LOG_PATH
- ALLOWED_PROJECTS
- POOL_MAX_CONCURRENT
- POOL_QUEUE_SIZE
- POOL_QUEUE_TIMEOUT_MS
- HEALTH_CHECK_PORT
- HEALTH_CHECK_HOST
Security Notes
The Deno-based TypeScript executor operates within a robust sandbox using granular `--allow-` permissions and memory limits, with network requests validated against SSRF patterns. The Python executor defaults to a secure Pyodide WebAssembly sandbox (if `PYTHON_SANDBOX_READY=true`) or is explicitly disabled with a security warning if only the insecure native executor is available. The system explicitly warns that its regex-based dangerous pattern blocking is for 'defense-in-depth only' and 'NOT A SECURITY BOUNDARY', advising reliance on sandbox permissions and process isolation instead. MCP proxy communication is secured with cryptographically strong bearer tokens and constant-time comparison. Content filtering is implemented to redact secrets and PII from LLM sampling responses. Audit logging is comprehensive with content hashing. Overall, the system prioritizes security defaults, but users must understand sandbox limitations when allowing untrusted code.
Similar Servers
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
Lynkr
Lynkr is an AI orchestration layer that acts as an LLM gateway, routing language model requests to various providers (Ollama, Databricks, OpenAI, etc.). It provides an OpenAI-compatible API and enables AI-driven coding tasks via a rich set of tools and a multi-agent framework, with a strong focus on security, performance, and token efficiency. It allows AI agents to interact with a defined workspace (reading/writing files, executing shell commands, performing Git operations) and leverages long-term memory and agent learning to enhance task execution.
mcpproxy-go
MCPProxy super-charges AI agents with intelligent tool discovery, massive token savings, and built-in security quarantine against malicious Model Context Protocol (MCP) servers.
ipybox
A Python code execution sandbox for AI agents to programmatically interact with MCP tools and execute code actions in a stateful, sandboxed environment.