Labsco
andresthor logo

Command-Line MCP Server

โ˜… 10

from andresthor

A secure MCP server for executing terminal commands with controlled directory access and command permissions.

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅโœ“ VerifiedFreeNeeds API keys

Command-Line MCP Server

PyPI version Python Versions License: MIT

An MCP server that lets AI assistants run terminal commands safely. Commands are categorized (read/write/system), directories are whitelisted, and dangerous patterns are blocked automatically.


How It Works

Commands go through a validation pipeline before execution:

  1. Pattern matching โ€” blocks dangerous constructs (system(), shell escapes, etc.)
  2. Command classification โ€” each command must be in the read, write, system, or blocked list
  3. Directory check โ€” target directory must be whitelisted or session-approved
  4. Approval check โ€” write/system commands require session approval

Pipes, semicolons, and & are supported โ€” each segment is validated independently.

What's Allowed

CategoryCommandsApproval
Readls, cat, grep, find, head, tail, sort, wc, โ€ฆAuto
Writecp, mv, rm, mkdir, touch, chmod, awk, sed, โ€ฆRequired
Systemps, ping, curl, ssh, xargs, โ€ฆRequired
Blockedsudo, bash, sh, python, eval, โ€ฆAlways denied

What's Blocked

Shells, scripting interpreters, and known command-execution vectors are blocked โ€” including indirect execution through awk system(), sed /e, find -exec, tar --checkpoint-action, env, and xargs. See docs/SECURITY.md for the full list.