mcp-terminal
Verified Safeby alejoair
Overview
Provides interactive terminal sessions over REST API and MCP protocol, enabling AI agents and remote tools to execute shell commands and capture visual output.
Installation
mcp-terminal-emulatorEnvironment Variables
- MCP_TERMINAL_HOST
- MCP_TERMINAL_PORT
- MCP_TERMINAL_LOG_LEVEL
Security Notes
The server's core functionality involves executing arbitrary shell commands via a pseudo-terminal (PTY) using `terminado`. While this is its intended purpose, it means exposing the server without robust authentication and authorization is highly dangerous, as any connected client can execute commands on the host system. The default FastAPI CORS configuration `allow_origins=["*"]` is also a security risk for production environments and should be restricted to specific origins. No obvious direct command injection vulnerabilities were found outside of the inherent PTY functionality itself. The custom `_decode_escape_sequences` function adds a layer of input parsing, which could theoretically be a surface for subtle flaws if not rigorously tested, but it appears designed for safe character interpretation.
Similar Servers
ssh-mcp-server
Bridging AI assistants to remote SSH server operations for command execution, file transfer, and server status retrieval via the Model Context Protocol (MCP).
mcp-cli-ent
Orchestrates Model Context Protocol (MCP) servers and their tools on-demand for AI agents, without loading tool definitions directly into the agent's context window.
mcp-server-terminal
Enables AI agents to interact with and automate terminal applications by converting terminal content into a structured UI tree.
photons
A comprehensive demonstration MCP server showcasing various functionalities of the Photon runtime, including basic data handling, streaming responses, progress reporting, in-memory state management, and interactive UI elements. It serves as a reference for developers building new photons.