codemode
by anaseqal
Overview
Enables LLM agents to execute arbitrary Python code for a wide range of tasks, acting as a universal coding agent.
Installation
uvx mcp-pyrunner
Security Notes
CRITICAL RISK: This server executes arbitrary Python code provided by an LLM, which can be jailbroken. In 'direct' execution mode (default), code runs with the user's full permissions, allowing complete filesystem and network access. While 'docker' mode is offered for sandboxing, its implementation uses `--network=host`, which negates network isolation by giving the container full access to the host's network stack. This is a significant security flaw for a sandbox and allows executed code to interact with the host network. Additionally, `auto_install` can lead to untrusted package installation, and `detect_and_encode_files` could exfiltrate sensitive local files if the LLM is prompted to output their paths. It is fundamentally unsafe to run with untrusted input.
Similar Servers
wcgw
An MCP server that empowers AI chat applications to execute shell commands, edit code, and manage project context on a local machine for development tasks.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.