Command-Line MCP Server
A secure MCP server for executing terminal commands with controlled directory access and command permissions.
Command-Line MCP Server
An MCP server that lets AI assistants run terminal commands safely. Commands are categorized (read/write/system), directories are whitelisted, and dangerous patterns are blocked automatically.
Quick Start
pip install cmd-line-mcp
# Or from source
git clone https://github.com/andresthor/cmd-line-mcp.git
cd cmd-line-mcp
pip install -e .
Run the server:
cmd-line-mcp # default config
cmd-line-mcp --config config.json # custom config
Claude Desktop Setup
Add to ~/Library/Application Support/Claude/claude_desktop_config.json:
{
"mcpServers": {
"cmd-line": {
"command": "/path/to/venv/bin/cmd-line-mcp",
"args": ["--config", "/path/to/config.json"],
"env": {
"CMD_LINE_MCP_SECURITY_REQUIRE_SESSION_ID": "false",
"CMD_LINE_MCP_SECURITY_AUTO_APPROVE_DIRECTORIES_IN_DESKTOP_MODE": "true"
}
}
}
}
Restart Claude Desktop after saving.
[!TIP] Set
require_session_id: falseto prevent approval loops in Claude Desktop.
How It Works
Commands go through a validation pipeline before execution:
- Pattern matching — blocks dangerous constructs (
system(), shell escapes, etc.) - Command classification — each command must be in the read, write, system, or blocked list
- Directory check — target directory must be whitelisted or session-approved
- Approval check — write/system commands require session approval
Pipes, semicolons, and & are supported — each segment is validated independently.
What's Allowed
| Category | Commands | Approval |
|---|---|---|
| Read | ls, cat, grep, find, head, tail, sort, wc, … | Auto |
| Write | cp, mv, rm, mkdir, touch, chmod, awk, sed, … | Required |
| System | ps, ping, curl, ssh, xargs, … | Required |
| Blocked | sudo, bash, sh, python, eval, … | Always denied |
What's Blocked
Shells, scripting interpreters, and known command-execution vectors are blocked — including indirect execution through awk system(), sed /e, find -exec, tar --checkpoint-action, env, and xargs. See docs/SECURITY.md for the full list.
Configuration
The server works out of the box with sensible defaults. Customize via JSON config, environment variables, or .env files:
# Whitelist directories
export CMD_LINE_MCP_SECURITY_WHITELISTED_DIRECTORIES="/projects,/var/data"
# Add commands (merges with defaults)
export CMD_LINE_MCP_COMMANDS_READ="jq,rg"
See docs/CONFIGURATION.md for full configuration reference, MCP tool documentation, and directory security details.
License
MIT
相關伺服器
Alpha Vantage MCP Server
贊助Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
T-IA Connect
A Model Context Protocol (MCP) bridge to programmatically control Siemens TIA Portal (PLC, blocks, tags, and HMI).
browser-devtools-mcp
A Playwright-based MCP server that exposes a live browser as a traceable, inspectable, debuggable and controllable execution environment for AI agents.
CryptoAnalysisMCP
Provides comprehensive cryptocurrency technical analysis, including real-time price data, technical indicators, chart pattern detection, and trading signals for over 2,500 cryptocurrencies.
Image Generation
Generate images from text prompts using the Together AI API.
Blend MCP
An AI gateway for the Blend Protocol on Stellar, enabling DeFi actions like lending, borrowing, and pool creation through AI assistants or apps.
MCP Prompt Optimizer
Optimize prompts with research-backed strategies for 15-74% performance improvements.
Basalt
Design system MCP server — query tokens, components, icons, and WCAG contrast data from Git-backed design systems.
Zen MCP
An AI-powered server providing access to multiple models for code analysis, problem-solving, and collaborative development with guided workflows.
llm-cli-gateway
Unified MCP server providing access to Claude Code, Codex, and Gemini CLIs through a single gateway. Features multi-LLM orchestration, persistent session management, async job execution with polling, approval gates, retry with circuit breakers, and token optimization. Install: npx -y llm-cli-gateway
Refactory
Hybrid decomp tool — AI decides WHERE to split your monolith, deterministic engine COPIES the code. Minimize tokens, maximize syntax validity.