CLI MCP Server
by MCP-Mirror
A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with comprehensive security features. It's perfect for providing controlled CLI access to LLM applications while maintaining security.
Last updated: N/A
What is CLI MCP Server?
This MCP server enables secure command-line execution with robust security measures including command whitelisting, path validation, and execution controls.
How to use CLI MCP Server?
Configure the server using environment variables such as ALLOWED_DIR, ALLOWED_COMMANDS, ALLOWED_FLAGS, MAX_COMMAND_LENGTH, and COMMAND_TIMEOUT. Install using Smithery or configure manually for Claude Desktop. Use the run_command tool to execute whitelisted commands and the show_security_rules tool to display the current security configuration.
Key features of CLI MCP Server
Secure command execution with strict validation
Configurable command and flag whitelisting
Path traversal prevention and validation
Shell operator injection protection
Execution timeouts and length limits
Detailed error reporting
Async operation support
Working directory restriction and validation
Use cases of CLI MCP Server
Providing controlled CLI access to LLM applications
Securely executing commands in sandboxed environments
Enforcing security policies for command-line tools
Integrating with Claude Desktop for secure command execution
FAQ from CLI MCP Server
What is the purpose of ALLOWED_DIR?
What is the purpose of ALLOWED_DIR?
ALLOWED_DIR specifies the base directory for command execution, ensuring commands only operate within a defined scope.
How do I allow all commands?
How do I allow all commands?
Set the ALLOWED_COMMANDS environment variable to 'all' to allow any command to be executed.
What security features are included?
What security features are included?
The server includes command whitelisting, flag validation, path traversal prevention, shell operator blocking, command length limits, execution timeouts, and working directory restrictions.
How do I debug the server?
How do I debug the server?
The recommended approach is to use the MCP Inspector, which provides a debugging interface for MCP servers running over stdio.
What happens if a command exceeds the timeout?
What happens if a command exceeds the timeout?
A CommandTimeoutError is raised, preventing the command from completing and ensuring resources are not held indefinitely.