mcp-server-code-execution-mode
Verified Safe by elusznik
Overview
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
Installation
uvx --from git+https://github.com/elusznik/mcp-server-code-execution-mode mcp-server-code-execution-mode run
Environment Variables
- MCP_BRIDGE_RUNTIME
- MCP_BRIDGE_IMAGE
- MCP_BRIDGE_TIMEOUT
- MCP_BRIDGE_MAX_TIMEOUT
- MCP_BRIDGE_MEMORY
- MCP_BRIDGE_PIDS
- MCP_BRIDGE_CPUS
- MCP_BRIDGE_CONTAINER_USER
- MCP_BRIDGE_RUNTIME_IDLE_TIMEOUT
- MCP_BRIDGE_STATE_DIR
- MCP_BRIDGE_OUTPUT_MODE
- MCP_BRIDGE_LOG_LEVEL
- MCP_SERVERS_CONFIG
- MCP_BRIDGE_ALLOW_SELF_SERVER
Security Notes
The server executes user-provided Python code using `eval(compile(code, ...), ...)` within a highly restricted, rootless container sandbox. This sandbox enforces strict isolation: no network, read-only rootfs, all capabilities dropped, no new privileges, unprivileged user (65534:65534), and resource limits (memory, PIDs, CPU, timeout). All MCP traffic is mediated by the host, providing an audit trail and preventing direct access to the host or external networks. While `eval` is used, it is the core function of the isolated sandbox, not a direct vulnerability in this hardened setup. The project's history explicitly details lessons from failed insecure prototypes, indicating a strong architectural commitment to security.
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
toolsdk-mcp-registry
An API-driven registry for Model Context Protocol (MCP) servers, enabling discovery, detail retrieval, and execution of various AI tools and agents.
mcp-run-python
MCP server to securely run untrusted Python code in a sandboxed WebAssembly environment, typically as a tool for AI agents.