mcp-run-python
Verified Safe by pydantic
Overview
MCP server to securely run untrusted Python code in a sandboxed WebAssembly environment, typically as a tool for AI agents.
Installation
uvx mcp-run-python stdio
Security Notes
The server's core function is to execute arbitrary Python code. This is done inside a sandbox provided by Pyodide (Python compiled to WebAssembly) running on Deno. Deno's explicit permission model limits file system access: read-only during code execution, and write access only to `./node_modules` for dependency installation. Importantly, `process.env` is polyfilled as an empty object inside the sandbox, so executed code cannot read host secrets or tamper with the environment. The main point of caution is networking: the `--allow-net` permission is enabled by default when the server is run via the CLI (`mcp-run-python` command), but it can be turned off with `--disable-networking`. The `code_sandbox` helper in the Python library defaults to `allow_networking=False`, giving programmatic use the more secure default.
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
ipybox
A Python code execution sandbox for AI agents to programmatically interact with MCP tools and execute code actions in a stateful, sandboxed environment.
mcp-code-exec-python
Provides a Model Context Protocol (MCP) server for executing arbitrary Python code with optional package installations, supporting HTTP, SSE, and STDIO transports.