Command-Line MCP Server
A secure MCP server for executing terminal commands with controlled directory access and command permissions.
Command-Line MCP Server
An MCP server that lets AI assistants run terminal commands safely. Commands are categorized (read/write/system), directories are whitelisted, and dangerous patterns are blocked automatically.
Quick Start
pip install cmd-line-mcp
# Or from source
git clone https://github.com/andresthor/cmd-line-mcp.git
cd cmd-line-mcp
pip install -e .
Run the server:
cmd-line-mcp # default config
cmd-line-mcp --config config.json # custom config
Claude Desktop Setup
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"cmd-line": {
"command": "/path/to/venv/bin/cmd-line-mcp",
"args": ["--config", "/path/to/config.json"],
"env": {
"CMD_LINE_MCP_SECURITY_REQUIRE_SESSION_ID": "false",
"CMD_LINE_MCP_SECURITY_AUTO_APPROVE_DIRECTORIES_IN_DESKTOP_MODE": "true"
}
}
}
}
Restart Claude Desktop after saving.
[!TIP] Set
require_session_id: falseto prevent approval loops in Claude Desktop.
How It Works
Commands go through a validation pipeline before execution:
- Pattern matching — blocks dangerous constructs (
system(), shell escapes, etc.) - Command classification — each command must be in the read, write, system, or blocked list
- Directory check — target directory must be whitelisted or session-approved
- Approval check — write/system commands require session approval
Pipes, semicolons, and & are supported — each segment is validated independently.
What's Allowed
| Category | Commands | Approval |
|---|---|---|
| Read | ls, cat, grep, find, head, tail, sort, wc, … | Auto |
| Write | cp, mv, rm, mkdir, touch, chmod, awk, sed, … | Required |
| System | ps, ping, curl, ssh, xargs, … | Required |
| Blocked | sudo, bash, sh, python, eval, … | Always denied |
What's Blocked
Shells, scripting interpreters, and known command-execution vectors are blocked — including indirect execution through awk system(), sed /e, find -exec, tar --checkpoint-action, env, and xargs. See docs/SECURITY.md for the full list.
Configuration
The server works out of the box with sensible defaults. Customize via JSON config, environment variables, or .env files:
# Whitelist directories
export CMD_LINE_MCP_SECURITY_WHITELISTED_DIRECTORIES="/projects,/var/data"
# Add commands (merges with defaults)
export CMD_LINE_MCP_COMMANDS_READ="jq,rg"
See docs/CONFIGURATION.md for full configuration reference, MCP tool documentation, and directory security details.
License
MIT
Serveurs connexes
Scout Monitoring MCP
sponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Lanhu MCP
⚡ Boost Requirement Analysis Efficiency by 200%! The World's First Team Collaboration MCP Server Designed for the AI Coding Era. Automatically analyzes requirements, generates full-stack code, and downloads design assets.
Persona MCP Server
Dynamically manage AI personas from markdown files for AI assistants like Claude.
Remote MCP Server on Cloudflare
An example of a remote MCP server deployable on Cloudflare Workers, featuring customizable tools and no authentication.
Feishu OAuth MCP Server
An MCP server with built-in Feishu OAuth authentication, deployable on Cloudflare Workers.
Honeybadger
Interact with the Honeybadger API for error monitoring and reporting using LLMs.
Meta MCP Server
An MCP server for intelligent tool routing, using a Qdrant vector database and LM Studio for embeddings.
SEO & Web Analysis MCP Server
Lighthouse audits, PageSpeed analysis, SSL checks, tech stack detection, WHOIS and DNS queries
Second Opinion
Review commits and codebases using external LLMs like OpenAI, Google Gemini, and Mistral.
Metasploit MCP Server
An MCP server for integrating with the Metasploit Framework. Requires Metasploit Framework to be installed and msfrpcd to be running.
Helm Package README MCP Server
Search and retrieve detailed information, including READMEs, for Helm charts on Artifact Hub.