PyBun

Name: PyBun
Author: VOID-TECHNOLOGY-INC

by VOID-TECHNOLOGY-INC

Overview

Programmatic interaction with the PyBun CLI for automation or AI agent integration, serving as a backend for system-level Python tooling.

Installation

Run Command

pybun mcp serve --stdio

Environment Variables

PYBUN_HOME
PYBUN_TELEMETRY
PYBUN_TELEMETRY_ENDPOINT
PYBUN_TELEMETRY_TAGS
PYBUN_PYPI_BASE_URL
PYBUN_PYPI_CACHE_DIR
PIP_INDEX_URL
PIP_EXTRA_INDEX_URL
UV_INDEX_URL
UV_EXTRA_INDEX_URL
PYBUN_PEP723_DRY_RUN
PYBUN_PEP723_NO_CACHE
PYBUN_PEP723_BACKEND
PYBUN_X_DRY_RUN
PYBUN_BUILD_NO_CACHE
PYBUN_SANDBOX_ALLOW_NETWORK
PYBUN_SELF_UPDATE_MANIFEST
PYBUN_SELF_UPDATE_FETCH
PYBUN_SUPPORT_UPLOAD_URL
PYBUN_TRACE
PYBUN_LOG

Security Notes

The MCP server (`pybun mcp serve`) exposes JSON-RPC methods (`call_run`, `call_gc`, `call_doctor`) that execute `pybun` commands as subprocesses. While Rust's `std::process::Command::args` API generally prevents shell injection, allowing an external entity (e.g., an AI agent) to call `call_run` with arbitrary Python script paths or inline code without robust input validation or mandatory sandboxing is a severe privilege escalation risk. The `--sandbox` feature in `pybun run` provides a lightweight Python-level sandbox (blocking subprocesses, optional network access), but it is an opt-in argument, not enforced by the MCP server's `call_run` method. If the MCP server is exposed to untrusted inputs, it effectively grants arbitrary code execution on the host machine.

Similar Servers

code-assistant

138

Standardizes communication between code editors and AI coding agents, enabling autonomous code analysis and modification via command-line, GUI, or server modes.

Other

$High

Polymcp

A comprehensive TypeScript framework for building and orchestrating Model Context Protocol (MCP) servers and AI agents, enabling LLMs to intelligently discover, select, and execute external tools.

Other

$Medium