ACMS
Verified Safeby gattjoe
Overview
Provides programmatic access to Apple's container CLI tool on macOS via a Model Context Protocol (MCP) server.
Installation
python3 acms.py --port 8765 --host 127.0.0.1Environment Variables
- ENTRA_TENANT_ID
- ENTRA_CLIENT_ID
- ENTRA_CLIENT_SECRET
- ENTRA_REQUIRED_SCOPES
- MCP_SERVER_BASE_URL
Security Notes
The server wraps a local CLI tool and includes custom input validation (`_validate_container_arg`) to prevent command injection, which is a good practice. It uses `asyncio.create_subprocess_exec` to run commands without a shell, enhancing security. Secrets for OAuth are correctly sourced from environment variables. However, wrapping a powerful CLI inherently carries risks, and the `container_exec` function passes a `command` string that is `shlex.split`, which, while generally safer than direct string execution, still relies on `shlex`'s parsing and the underlying CLI's interpretation. The README explicitly warns: 'This is not secure, especially if you run it on a remote Mac OS endpoint on your home net,' indicating transparency about potential remote exposure risks.
Similar Servers
XcodeBuildMCP
A Model Context Protocol (MCP) server that provides Xcode-related tools for AI assistants, enabling programmatic interaction with Xcode projects, simulators, devices, and Swift packages.
mcp-k8s
A Kubernetes MCP (Model Control Protocol) server that enables natural language interaction with Kubernetes clusters and Helm for resource and release management.
k8s-mcp-server
Provides a standardized interface (MCP) for interacting with Kubernetes clusters and managing Helm releases.
toolhive-studio
ToolHive simplifies and secures the discovery, deployment, and management of Model Context Protocol (MCP) servers, enabling connections to AI agents and clients.