How do I install mcp-shell 🐚?

Install mcp-shell 🐚 with a single command: npx mdskills install sonirico/mcp-shell. This downloads the skill files into your project and your AI agent picks them up automatically.

What platforms support mcp-shell 🐚?

mcp-shell 🐚 works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Gemini Cli, Amp, Roo Code, Goose. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

← Back to MCP servers

mcp-shell 🐚

Name: mcp-shell 🐚: AI Agent Skill
Rating: 8 (1 reviews)
Author: sonirico

Verified

MCP ServerIntermediate

A robust Model Context Protocol (MCP) server that provides secure shell command execution capabilities to AI assistants and other MCP clients. In other words: the brain thinks, this runs the commands. This tool creates a bridge between AI systems and your shell environment through the standardized MCP protocol. It exposes the system shell as a structured tool, enabling autonomous workflows, tool-a

by @sonirico0Updated 1 weeks ago

Add this skill

npx mdskills install sonirico/mcp-shell

Fork & Edit

Skill Advisor8.0

Well-documented shell execution MCP server with strong security features and clear setup instructions

+Provides comprehensive security controls with allowlists, blocklists, and execution limits
+Documents structured JSON responses with clear tool parameters and integration examples
+Offers multiple deployment options including Docker isolation and environment-based configuration
-Defaults to full system access when security is disabled, requiring careful production setup

SKILL.md

Edit in Browser

1# mcp-shell 🐚
2[![Trust Score](https://archestra.ai/mcp-catalog/api/badge/quality/sonirico/mcp-shell)](https://archestra.ai/mcp-catalog/sonirico__mcp-shell)
3 
4A robust Model Context Protocol (MCP) server that provides secure shell command execution capabilities to AI assistants and other MCP clients. In other words: the brain thinks, this runs the commands.
5 
6> 🧠💥🖥️ *Think of `mcp-shell` as the command-line actuator for your LLM.*
7> While language models reason about the world, `mcp-shell` is what lets them **touch it**.
8 
9<a href="https://glama.ai/mcp/servers/@sonirico/mcp-shell">
10  <img width="380" height="200" src="https://glama.ai/mcp/servers/@sonirico/mcp-shell/badge" alt="mcp-shell MCP server" />
11</a>
12 
13## What is this?
14 
15This tool creates a bridge between AI systems and your shell environment through the standardized MCP protocol. It exposes the system shell as a structured tool, enabling autonomous workflows, tool-assisted reasoning, and real-world problem solving.
16 
17Built on top of the official MCP SDK for Go: [mark3labs/mcp-go](https://github.com/mark3labs/mcp-go).
18 
19It's written in Go, integrates directly with `mcp-go`, and provides a clean path from thought to execution. I'm aware similar projects exist — this one's mine. It solves the problem the way I want it solved: minimal, composable, auditable.
20 
21Out of the box it runs isolated via Docker, but that's just a start. The roadmap includes support for optional jailing mechanisms like `chroot`, namespaces, and syscall-level confinement — without depending on Docker for everything.
22 
23## Features
24 
25- **🔒 Security First**: Configurable command allowlists, blocklists, and execution constraints
26- **🐳 Docker Ready**: Lightweight Alpine-based container for secure isolation
27- **📊 Structured Responses**: JSON-formatted output with stdout, stderr, exit codes, and execution metadata
28- **🔄 Binary Data Support**: Optional base64 encoding for handling binary command output
29- **⚡ Performance Monitoring**: Execution time tracking and resource limits
30- **📋 Audit Logging**: Complete command execution audit trail with structured logging
31- **🎯 Context Aware**: Supports command execution with proper context cancellation
32- **⚙️ Environment Configuration**: Full configuration via environment variables
33 
34## Security Features
35 
36- **Command Validation**: Allowlist/blocklist with regex pattern matching
37- **Execution Limits**: Configurable timeouts and output size limits
38- **User Isolation**: Run commands as unprivileged users
39- **Working Directory**: Restrict execution to specific directories
40- **Audit Trail**: Complete logging of all command executions
41- **Resource Limits**: Memory and CPU usage constraints
42 
43## Quick Start
44 
45### Prerequisites
46 
47- Go 1.23 or later
48- Unix-like system (Linux, macOS, WSL)
49- Docker (optional, for containerized deployment)
50 
51### Installation
52 
53```bash
54git clone https://github.com/sonirico/mcp-shell
55cd mcp-shell
56make install
57```
58 
59### Basic Usage
60 
61```bash
62# Run with default configuration (if installed system-wide)
63mcp-shell
64 
65# Or run locally
66make run
67 
68# Run with security enabled (creates temporary config)
69make run-secure
70 
71# Run with custom config file
72MCP_SHELL_SEC_CONFIG_FILE=security.json mcp-shell
73 
74# Run with environment overrides
75MCP_SHELL_LOG_LEVEL=debug mcp-shell
76```
77 
78### Docker Deployment (Recommended)
79 
80```bash
81# Build Docker image
82make docker-build
83 
84# Run in secure container
85make docker-run-secure
86 
87# Run with shell access for debugging
88make docker-shell
89```
90 
91## Configuration
92 
93### Environment Variables
94 
95Basic server and logging configuration via environment variables:
96 
97#### Server Configuration
98 
99- `MCP_SHELL_SERVER_NAME`: Server name (default: "mcp-shell 🐚")
100- `MCP_SHELL_VERSION`: Server version (set at compile time)
101 
102#### Logging Configuration
103 
104- `MCP_SHELL_LOG_LEVEL`: Log level (debug, info, warn, error, fatal)
105- `MCP_SHELL_LOG_FORMAT`: Log format (json, console)
106- `MCP_SHELL_LOG_OUTPUT`: Log output (stdout, stderr, file)
107 
108#### Configuration File
109 
110- `MCP_SHELL_SEC_CONFIG_FILE`: Path to YAML configuration file
111 
112### Security Configuration (YAML Only)
113 
114Security settings are configured exclusively via YAML configuration file:
115 
116```bash
117export MCP_SHELL_SEC_CONFIG_FILE=security.yaml
118```
119 
120Example security configuration file:
121 
122```yaml
123security:
124  enabled: true
125  allowed_commands:
126    - ls
127    - cat
128    - grep
129    - find
130    - echo
131  blocked_commands:
132    - rm -rf
133    - sudo
134    - chmod
135  blocked_patterns:
136    - 'rm\s+.*-rf.*'
137    - 'sudo\s+.*'
138  max_execution_time: 30s
139  working_directory: /tmp/mcp-workspace
140  max_output_size: 1048576
141  audit_log: true
142```
143 
144## Tool Parameters
145 
146- `command` (string, required): Shell command to execute
147- `base64` (boolean, optional): Return stdout/stderr as base64-encoded strings
148 
149## Response Format
150 
151```json
152{
153  "status": "success|error",
154  "exit_code": 0,
155  "stdout": "command output",
156  "stderr": "error output", 
157  "command": "executed command",
158  "execution_time": "100ms",
159  "security_info": {
160    "security_enabled": true,
161    "working_dir": "/tmp/mcp-workspace",
162    "timeout_applied": true
163  }
164}
165```
166 
167## Integration Examples
168 
169### With Claude Desktop
170 
171```json
172{
173  "mcpServers": {
174    "shell": {
175      "command": "docker",
176      "args": ["run", "--rm", "-i", "mcp-shell:latest"],
177      "env": {
178        "MCP_SHELL_SECURITY_ENABLED": "true",
179        "MCP_SHELL_LOG_LEVEL": "info"
180      }
181    }
182  }
183}
184```
185 
186### Production Deployment
187 
188```bash
189# Build and install
190make build
191sudo make install-bin
192 
193# Set environment variables for basic config
194export MCP_SHELL_LOG_LEVEL=info
195export MCP_SHELL_LOG_FORMAT=json
196export MCP_SHELL_SEC_CONFIG_FILE=/etc/mcp-shell/config.json
197 
198# Security is configured in the JSON file only
199# Run service
200mcp-shell
201```
202 
203## Development
204 
205```bash
206# Install dependencies and dev tools
207make install dev-tools
208 
209# Format code
210make fmt
211 
212# Run tests
213make test
214 
215# Run linter
216make lint
217 
218# Build for release
219make release
220 
221# Generate config example
222make config-example
223```
224 
225## Security Considerations
226 
227### ⚠️ Important Security Notes
228 
2291. **Default Mode**: Runs with **full system access** when security is disabled (which is, of course, a terrible idea — unless you're into that).
2302. **Container Isolation**: Use Docker deployment for additional security layers
2313. **User Privileges**: Run as non-root user in production
2324. **Network Access**: Commands can access network unless explicitly restricted
2335. **File System**: Can read/write files based on user permissions
234 
235### Recommended Production Setup
236 
237Create `security.yaml`:
238 
239```yaml
240security:
241  enabled: true
242  allowed_commands:
243    - ls
244    - cat
245    - head
246    - tail
247    - grep
248    - find
249    - wc
250    - sort
251    - uniq
252  blocked_patterns:
253    - 'rm\s+.*-rf.*'
254    - 'sudo\s+.*'
255    - 'chmod\s+(777|666)'
256    - '>/dev/'
257    - 'curl.*\|.*sh'
258  max_execution_time: 10s
259  working_directory: /tmp/mcp-workspace
260  max_output_size: 524288
261  audit_log: true
262```
263 
264Set environment:
265```bash
266export MCP_SHELL_SEC_CONFIG_FILE=security.yaml
267export MCP_SHELL_LOG_LEVEL=info
268export MCP_SHELL_LOG_FORMAT=json
269```
270 
271## Contributing
272 
2731. Fork the repository
2742. Create feature branch (`git checkout -b feature/amazing-feature`)
2753. Commit changes (`git commit -m 'Add amazing feature'`)
2764. Push to branch (`git push origin feature/amazing-feature`)
2775. Open Pull Request
278 
279Ensure code is formatted (`make fmt`) and passes tests (`make test`).
280 
281## License
282 
283MIT License - See LICENSE file for details.

Full transparency — inspect the skill content before installing.