mcp_workspace_server
Verified Safe by ShayYeffet
Overview
A secure, sandboxed server that gives LLMs controlled file system access to build and manage projects.
Installation
node /ABSOLUTE/PATH/TO/mcp_workspace_server/dist/index.js
Environment Variables
- MCP_WORKSPACE_ROOT (the workspace directory the server is confined to)
- MCP_ALLOWED_COMMANDS (the command allowlist; see Security Notes)
- MCP_READ_ONLY (enables the optional read-only mode; see Security Notes)
- MCP_LOG_LEVEL
- MCP_COMMAND_TIMEOUT
Security Notes
The server implements path traversal protection, absolute path blocking and symbolic link resolution in `pathUtils.ts`, so a path supplied by the LLM is confined to the workspace root. Command execution is controlled by an allowlist (`MCP_ALLOWED_COMMANDS`) and uses `child_process.spawn` with `shell: false`, so arguments are handed to the program verbatim and are never parsed by a shell. An optional read-only mode (`MCP_READ_ONLY`) is available. Communication is via stdio, which keeps the server off the network and reduces the external attack surface. No `eval` or similar dynamic-code pattern was found that lacked a clear justification. Atomic file writes prevent partially written files. Overall, security is a primary focus, with well-implemented and tested safeguards.

Two points to check before deploying. First, `shell: false` stops injection into a shell, but arguments still reach the allowlisted program, so an allowlist that contains a shell or an interpreter (`sh`, `node`, `python` and the like) is equivalent to no allowlist; keep `MCP_ALLOWED_COMMANDS` to the few programs a project actually needs. Second, the server runs with the privileges of the user who launched the MCP client, so the workspace root should be a dedicated project directory rather than a home directory or a checkout that contains credentials.
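The following TypeScript is an added example of how the two controls described above fit together; it is not the project's own code and does not reproduce its `pathUtils.ts` API (every function name, the constructed fixture directories and the sample allowlist are assumptions made for the illustration). It confines a requested path with a lexical check followed by a physical `realpath` check, so a symlink inside the root that points outside it is rejected, and it gates command execution by exact program name before a `shell: false` spawn. It also shows the caveat: an argument such as `status; rm -rf /` is accepted as one literal argv entry, and an allowlist containing an interpreter is flagged as weak.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";
import { spawn, ChildProcess } from "node:child_process";

// Added illustration of the controls described in the Security Notes. All names
// below are hypothetical; this is not the project's pathUtils.ts or its API.

function lstatOk(p: string): boolean {
  try { fs.lstatSync(p); return true; } catch { return false; }
}

/** Physical path of p: realpath of its deepest existing ancestor plus the missing tail. */
function realpathOfExisting(p: string): string {
  let existing = p;
  const tail: string[] = [];
  // lstat, not exists(): a dangling symlink must count as present so it gets resolved
  // (and rejected) rather than appended as a plain name and later written through.
  while (!lstatOk(existing)) {
    tail.unshift(path.basename(existing));
    const parent = path.dirname(existing);
    if (parent === existing) break;
    existing = parent;
  }
  try {
    return path.join(fs.realpathSync(existing), ...tail);
  } catch {
    throw new Error(`unresolvable path (dangling symlink?): ${p}`);
  }
}

/** Confine an LLM-supplied path to workspaceRoot: reject absolute paths, ../ escapes and symlink escapes. */
function resolveWorkspacePath(workspaceRoot: string, requested: string): string {
  if (requested.includes("\0")) throw new Error("NUL byte in path");
  if (path.isAbsolute(requested)) throw new Error(`absolute path rejected: ${requested}`);
  const root = fs.realpathSync(workspaceRoot);
  const inside = (p: string): boolean => p === root || p.startsWith(root + path.sep);
  const candidate = path.resolve(root, requested);          // lexical: normalises ../
  if (!inside(candidate)) throw new Error(`path escapes workspace: ${requested}`);
  const real = realpathOfExisting(candidate);               // physical: follows symlinks
  if (!inside(real)) throw new Error(`symlink escapes workspace: ${requested}`);
  return real;
}

/** Gate by exact program name; the command string is never handed to a shell for parsing. */
function buildAllowedCommand(allowed: ReadonlySet<string>, command: string, args: readonly string[]): { file: string; args: string[] } {
  if (!allowed.has(command)) throw new Error(`command not in allowlist: ${command}`);
  if ([command, ...args].some((a) => a.includes("\0"))) throw new Error("NUL byte in argv");
  return { file: command, args: [...args] };
}

// Interpreters take code as arguments, so allowlisting one re-enables arbitrary execution.
const INTERPRETERS: ReadonlySet<string> = new Set(["sh", "bash", "zsh", "dash", "node", "python", "python3", "perl", "ruby"]);
function interpretersInAllowlist(allowed: ReadonlySet<string>): string[] {
  return Array.from(allowed).filter((c) => INTERPRETERS.has(path.basename(c)));
}

/** shell:false passes argv verbatim; timeout/killSignal bound the run (cf. MCP_COMMAND_TIMEOUT). */
function runAllowedCommand(allowed: ReadonlySet<string>, cwd: string, command: string, args: readonly string[], timeoutMs: number): ChildProcess {
  const plan = buildAllowedCommand(allowed, command, args);
  return spawn(plan.file, plan.args, { cwd, shell: false, timeout: timeoutMs, killSignal: "SIGKILL", stdio: ["ignore", "pipe", "pipe"] });
}

/** Constructed fixture: a throwaway workspace containing a symlink that points outside it. */
function makeFixture(): { root: string; outside: string } {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-ws-"));
  const outside = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-outside-"));
  fs.mkdirSync(path.join(root, "src"));
  fs.writeFileSync(path.join(root, "src", "index.ts"), "export {};\n");
  fs.symlinkSync(outside, path.join(root, "escape"));
  return { root, outside };
}

/** Runs each control over constructed inputs; reports "ok" or "rejected: <why>" per input. */
function demo(): { paths: Record<string, string>; commands: Record<string, string> } {
  const fx = makeFixture();
  const paths: Record<string, string> = {};
  try {
    for (const req of ["src/index.ts", "src/new.ts", "../etc/passwd", "/etc/passwd", "escape/secret"]) {
      try { resolveWorkspacePath(fx.root, req); paths[req] = "ok"; }
      catch (e) { paths[req] = `rejected: ${(e as Error).message}`; }
    }
  } finally {
    fs.rmSync(fx.root, { recursive: true, force: true });
    fs.rmSync(fx.outside, { recursive: true, force: true });
  }
  const allowed: ReadonlySet<string> = new Set(["git", "npm"]);   // sample allowlist, assumed
  const commands: Record<string, string> = {};
  const attempts: [string, string[]][] = [["git", ["status"]], ["rm", ["-rf", "/"]], ["git; rm -rf /", []], ["git", ["status; rm -rf /"]]];
  for (const [cmd, args] of attempts) {
    const key = [cmd, ...args].join(" ");
    try { const p = buildAllowedCommand(allowed, cmd, args); commands[key] = `spawn(${p.file}, ${JSON.stringify(p.args)})`; }
    catch (e) { commands[key] = `rejected: ${(e as Error).message}`; }
  }
  return { paths, commands };
}

console.log(JSON.stringify(demo(), null, 2));
```

The physical check matters because the lexical one alone passes `escape/secret`: it sits under the root by name, yet `realpath` maps it to the outside directory. Note also that `git status; rm -rf /` is accepted and spawned as `git` with a single argument; whether that argument is harmful is up to `git`, which is why the allowlist, not `shell: false`, is the control that decides what can run.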
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
ipybox
A lightweight and secure Python code execution sandbox for AI agents to perform data analysis or execute code actions within Docker containers.
llms
A centralized configuration and documentation management system for LLMs, providing tools for building skills, commands, agents, prompts, and managing MCP servers across multiple LLM providers.