playbooks

home / mcp / shell mcp server

Shell MCP Server

Provides secure, whitelisted remote command execution with stdin support and full execution feedback.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "tumf-mcp-shell-server": {
      "command": "uvx",
      "args": [
        "mcp-shell-server"
      ],
      "env": {
        "ALLOW_COMMANDS": "ls,cat,echo"
      }
    }
  }
}

You can securely execute whitelisted shell commands on demand using the MCP Shell Server. This server validates commands, supports standard input, and returns detailed execution results, including stdout, stderr, exit status, and execution time. It focuses on safety by enforcing a whitelist and guarding against shell operator pitfalls, while giving you control over how long a command can run.

How to use

To run this MCP server from your environment, you start it as a local process and specify which commands are allowed. You then send command execution requests through your MCP client, receiving structured results that include output and timing.

How to install

Prerequisites you need before starting the server:

pip install mcp-shell-server

Start the Shell Server locally with a whitelist of allowed commands. You provide the allowed list using an environment variable named ALLOW_COMMANDS. The server runs as a stdio MCP endpoint and can be started with the following command:

ALLOW_COMMANDS="ls,cat,echo" uvx mcp-shell-server

If you prefer using the alias for the environment variable, you can set ALLOWED_COMMANDS instead of ALLOW_COMMANDS, like this:

ALLOWED_COMMANDS="ls,cat,echo" uvx mcp-shell-server

Additional setup notes

You can customize which commands are permitted by assigning a comma-separated list to the environment variable. Whitelisted commands are validated both before execution and after any shell operators to prevent unsafe patterns. The server does not invoke commands through a shell, reducing the risk of shell injection.

Configuration and security

- Command Whitelisting: Only commands you explicitly allow can be executed. - Shell Operator Validation: Commands following shell operators are checked against the whitelist. - No Shell Injection: Commands are executed directly without shell interpretation.

Troubleshooting and notes

If you encounter issues starting the server, verify that Python and Pip are installed, confirm the MCP package is installed, and ensure the ALLOW_COMMANDS value is valid (a comma-separated list with optional spaces). Check for any typos in environment variable names and confirm you are using the correct startup command for your environment.

Examples of common usage patterns

- Run a simple whitelist check and capture output - Provide input to a command via stdin - Set a timeout to prevent long-running processes from tying up resources