mcp-code-exec-python
by heroku
Overview
A Model Context Protocol (MCP) server designed to execute arbitrary Python code and install packages, primarily for integration with Heroku and AI agents.
Installation
uvicorn src.streamable_http_server:appEnvironment Variables
- API_KEY
- PORT
- WEB_CONCURRENCY
- STDIO_MODE_ONLY
- REMOTE_SERVER_TRANSPORT_MODULE
- USE_TEMP_DIR
Security Notes
The server is explicitly designed to execute arbitrary Python code and install arbitrary pip packages provided by the client. While it utilizes temporary virtual environments for package isolation, the source code explicitly states that this 'does NOT mean the code is fully isolated or secure - it just means the package installations are isolated.' This functionality poses an extremely high security risk if exposed to untrusted inputs, as it grants arbitrary command execution, network access, and filesystem access within the Heroku dyno's Python environment. Authentication via API_KEY is present but does not mitigate the risk of a compromised key or an authorized but malicious user. The `STDIO_MODE_ONLY=true` configuration option is recommended for security in non-development environments, indicating recognition of the severe risks associated with its web-exposed transports.
Similar Servers
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
mcp-run-python
Execute Python code in a secure, sandboxed environment, often for AI agents or untrusted code execution.
ipybox
A lightweight and secure Python code execution sandbox for AI agents to perform data analysis or execute code actions within Docker containers.
lex
Provides a UK legal research API with advanced search capabilities (semantic, keyword, reference) across legislation, caselaw, amendments, and explanatory notes, optimized for AI agents via MCP integration. It processes and indexes millions of legal documents using hybrid vector search and AI-generated summaries/explanations, supporting large-scale legal data analysis.