CLI MCP Server

by MladenSU

A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with comprehensive security features. It's perfect for providing controlled CLI access to LLM applications while maintaining security.

What is CLI MCP Server?

This MCP server enables secure command-line execution with robust security measures including command whitelisting, path validation, and execution controls.

How to use CLI MCP Server?

Configure the server using environment variables such as ALLOWED_DIR, ALLOWED_COMMANDS, ALLOWED_FLAGS, MAX_COMMAND_LENGTH, and COMMAND_TIMEOUT. Install the server with npx @smithery/cli install cli-mcp-server --client claude, then integrate it with Claude Desktop by adding the server configuration to the claude_desktop_config.json file.

Key features of CLI MCP Server

  • Secure command execution with strict validation

  • Configurable command and flag whitelisting

  • Path traversal prevention and validation

  • Shell operator injection protection

  • Execution timeouts and length limits

  • Detailed error reporting

  • Async operation support

  • Working directory restriction and validation

Use cases of CLI MCP Server

  • Providing controlled CLI access to LLM applications

  • Securely executing commands in a sandboxed environment

  • Validating and restricting command-line operations

  • Integrating with Claude Desktop for secure command execution

FAQ from CLI MCP Server

What is the purpose of ALLOWED_DIR?

ALLOWED_DIR specifies the base directory for command execution, ensuring that commands are only executed within this directory.

How can I allow all commands?

Set the ALLOWED_COMMANDS environment variable to 'all' to allow any command to be executed; this effectively disables command whitelisting.

What security measures are in place?

The server implements command whitelisting, flag validation, path traversal prevention, shell operator blocking, command length limits, execution timeouts, and working directory restrictions.

How do I debug the server?

The README recommends using the MCP Inspector for debugging, which can be launched using npx @modelcontextprotocol/inspector uv --directory {{your source code local directory}}/cli-mcp-server run cli-mcp-server.

What kind of errors are handled?

The server provides detailed error messages for security violations, command timeouts, invalid command formats, path security violations, execution failures, and general command errors.