shell-tools-mcp
by rcx86
Overview
An MCP server for shell tools, allowing an agent to run shell commands and edit files via the Model Context Protocol.
Installation
uv run shell-tools-mcp-server
Security Notes
The `run_shell_command` tool uses `subprocess.run(shell=True)`, which is a severe security vulnerability if the `command` argument can be influenced by untrusted input, allowing arbitrary command injection. The file manipulation tools (`file_edit`, `file_multi_edit`, `file_read`, `file_replace`) allow operations on arbitrary `file_path` inputs, potentially leading to unauthorized file access, modification, or data exfiltration if the server is exposed or receives malicious path inputs. No input sanitization or path validation beyond `os.path.isfile` is present for file paths. Running the server over HTTP (especially on `0.0.0.0` if configured) would expose these highly privileged operations over the network.
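The two weaknesses named above have well-understood hardened counterparts: confine every `file_path` to a single root after resolving symlinks and `..`, and launch commands as an argv list with `shell=False` so metacharacters are never interpreted. The following is an added example written for this page, not code from the shell-tools-mcp project; the names `safe_path`, `run_argv`, `ALLOWED_COMMANDS` and the allow-listed executables are assumptions chosen for illustration.

```python
"""Hardened counterparts to the two risky patterns described in Security Notes.

Added example, not code from the shell-tools-mcp project. The names
safe_path, run_argv and ALLOWED_COMMANDS are assumptions for illustration.
"""
import os
import shlex
import subprocess
import tempfile

# Hypothetical allow-list: only these executables may be launched by the tool.
ALLOWED_COMMANDS = {"ls", "cat", "grep", "echo"}


class PathOutsideRoot(ValueError):
    """Raised when a requested file_path escapes the permitted root."""


class CommandNotAllowed(ValueError):
    """Raised when the requested executable is not on the allow-list."""


def safe_path(root: str, file_path: str) -> str:
    """Resolve file_path against root and reject anything that escapes it.

    realpath() follows symlinks and collapses '..', so 'docs/../../etc/passwd',
    an absolute path, and a symlink pointing outside the root are all caught.
    """
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, file_path))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise PathOutsideRoot(f"{file_path!r} resolves outside {root_real!r}")
    return candidate


def run_argv(command: str, timeout: float = 10.0) -> subprocess.CompletedProcess:
    """Run a command string without a shell.

    shlex.split() turns the string into an argv list, so shell metacharacters
    (';', '|', '$(...)') become literal arguments instead of being interpreted.
    The executable must also be on the allow-list.
    """
    argv = shlex.split(command)
    if not argv:
        raise CommandNotAllowed("empty command")
    if os.path.basename(argv[0]) not in ALLOWED_COMMANDS:
        raise CommandNotAllowed(f"{argv[0]!r} is not an allowed executable")
    return subprocess.run(argv, shell=False, capture_output=True,
                          text=True, timeout=timeout)


def demo() -> dict:
    """Exercise both checks on constructed inputs and return the outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        inside = os.path.join(root, "notes.txt")
        with open(inside, "w") as fh:
            fh.write("hello\n")
        results["inside_ok"] = safe_path(root, "notes.txt") == os.path.realpath(inside)
        try:
            safe_path(root, "../../etc/passwd")
            results["traversal_blocked"] = False
        except PathOutsideRoot:
            results["traversal_blocked"] = True
        try:
            safe_path(root, "/etc/passwd")  # absolute path: join() discards root
            results["absolute_blocked"] = False
        except PathOutsideRoot:
            results["absolute_blocked"] = True
    # Metacharacters become literal argv entries; no shell interprets them.
    out = run_argv("echo hello; id")
    results["metachar_literal"] = out.stdout.strip() == "hello; id"
    try:
        run_argv("rm -rf /tmp/x")
        results["allowlist_blocked"] = False
    except CommandNotAllowed:
        results["allowlist_blocked"] = True
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'pass' if ok else 'FAIL'}")
```

The containment check compares the resolved candidate against the resolved root with `os.path.commonpath`, which is what `os.path.isfile` alone never does. Binding the server to a loopback address rather than `0.0.0.0` remains necessary on top of these checks, since they limit what a request can do but not who can send one.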
Similar Servers
ssh-mcp-server
Bridging AI assistants to remote SSH server operations for command execution, file transfer, and server status retrieval via the Model Context Protocol (MCP).
mmcp
Manages Model Context Protocol (MCP) server definitions in a central configuration and applies them to various AI agent tools.
filesystem-mcp
Provides secure, efficient, and token-optimized filesystem operations for AI agents via the Model Context Protocol.
dev-kit-mcp-server
A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.