@iflow-mcp/shell-command-mcp 1.0.0 → 1.0.1

package/README.md

@@ -1,96 +1,38 @@
-# *OBSOLETE*
+# shell-command-mcp
 
-I recommend using Claude Code by running `claude mcp serve` instead of this MCP server.
-I have created [ai-agent-workspace](https://github.com/kaznak/container-images/tree/main/ai-agent-workspace) as a container to run Claude Code.
-Please use it as needed.
+MCP server for executing shell commands.
 
-# Shell Command MCP Server
+This project is sponsored by [ChatWise](https://chatwise.app), an all-in-one LLM chatbot with first-class MCP support.
 
-This is an MCP (Model Context Protocol) server that allows executing shell commands within a Docker container. It provides a secure and isolated workspace for running commands without giving access to the host Docker daemon.
+## Usage
 
-## Features
+### Configure manually
 
-- Run shell scripts through a simple MCP interface
-  - synchronous execution
-  - asynchronous execution with 4 different modes
-    - complete: notify when the command is completed
-    - line: notify on each line of output
-    - chunk: notify on each chunk of output
-    - character: notify on each character of output
-- Kubernetes tools included: kubectl, helm, kustomize, hemfile
-- Isolated Docker container environment with non-root user
-  - host-container userid/groupid mapping implemented. this allows the container to run as the same user as the host, ensuring that files created by the container have the same ownership and permissions as those created by the host.
-  - mount a host directory to the container /home/mcp directory for persistence. it become the home directory the AI works in.
-  - if the host directory is empty, the initial files will be copied form the backup in the container.
-
-## Design Philosophy
-
-This MCP server provides AI with a workspace similar to that of a human.
-Authorization is limited not by MCP functions, but by container isolation and external authorization restrictions.
-
-It provides more general tools such as shell script execution, so that they can be used without specialized knowledge of tool use.
-
-The server implementation is kept as simple as possible to facilitate code auditing.
-
-## Getting Started
-
-### Prerequisites
-
-- Docker
-
-### Usage with Claude for Desktop
-
-Add the following configuration to your Claude for Desktop configuration file.
-
-MacOS:
-
-```json
-"shell-command": {
-  "command": "docker",
-  "args": [
-    "run",
-    "--rm",
-    "-i",
-    "--mount",
-    "type=bind,src=/Users/user-name/MCPHome,dst=/home/mcp",
-    "ghcr.io/kaznak/shell-command-mcp:latest"
-  ]
-}
+```bash
+# stdio server
+npx -y shell-command-mcp
 ```
 
-Replace `/Users/user-name/ClaudeWorks` with the directory you want to make available to the container.
-
-Windows:
+### JSON config
 
 ```json
-"shell-command": {
-   "command": "docker",
-   "args": [
-      "run",
-      "--rm",
-      "-i",
-      "--mount",
-      "type=bind,src=\\\\wsl.localhost\\Ubuntu\\home\\user-name\\MCPHome,dst=/home/mcp",
-      "ghcr.io/kaznak/shell-command-mcp:latest"
-   ]
+{
+  "mcpServers": {
+    "shell-command": {
+      "command": "npx",
+      "args": ["-y", "shell-command-mcp"],
+      "env": {
+        "ALLOWED_COMMANDS": "cat,ls,echo"
+      }
+    }
+  }
 }
 ```
 
-### Feed some prompts
-
-To Operate the files in the mounted directory.
-
-## Available MCP Tools
-
-- [execute-bash-script-sync](./src/execute-bash-script-sync.ts)
-- [execute-bash-script-async](./src/execute-bash-script-async.ts)
-
-## Security Considerations
+### Allowed commands
 
-- The MCP server runs as a non-root user within the container
-- The container does not have access to the host Docker daemon
-- User workspace is mounted from the host for persistence
+Use `ALLOWED_COMMANDS` environment variable to explictly allow the commands that this server can run, separate each command by `,`. You can use `*` to allow any command, but this is potentially dangerous.
 
 ## License
 
-MIT
+MIT.

package/cli.js

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+import "./dist/index.js"

package/dist/index.js

@@ -0,0 +1,56 @@
+// index.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+import { dump } from "js-yaml";
+// package.json
+var version = "1.0.1";
+
+// index.ts
+import { x } from "tinyexec";
+import { tokenizeArgs } from "args-tokenizer";
+var allowedCommands = process.env.ALLOWED_COMMANDS?.split(",").map((cmd) => cmd.trim()) || [];
+var server = new McpServer({
+  name: "shell-command-mcp",
+  version
+}, {
+  capabilities: {
+    logging: {},
+    tools: {}
+  }
+});
+server.tool("execute_command", "Execute a shell command", {
+  command: z.string().describe("The shell command to execute")
+}, async (args) => {
+  const [bin, ...commandArgs] = tokenizeArgs(args.command);
+  try {
+    if (!allowedCommands.includes("*") && !allowedCommands.includes(bin)) {
+      throw new Error(`Command "${bin}" is not allowed, allowed commands: ${allowedCommands.length > 0 ? allowedCommands.join(", ") : "(none)"}`);
+    }
+    const result = await x(bin, commandArgs);
+    return {
+      content: [
+        {
+          type: "text",
+          text: dump({
+            exit_code: result.exitCode,
+            stdout: result.stdout,
+            stderr: result.stderr
+          })
+        }
+      ]
+    };
+  } catch (error) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: `Error executing command: ${error instanceof Error ? error.message : String(error)}`
+        }
+      ],
+      isError: true
+    };
+  }
+});
+var transport = new StdioServerTransport;
+await server.connect(transport);

package/package.json

@@ -1,43 +1,27 @@
 {
   "name": "@iflow-mcp/shell-command-mcp",
-  "version": "1.0.0",
-  "description": "MCP server for executing shell commands in a Docker container",
-  "main": "build/index.js",
+  "description": "MCP server for running shell commands",
   "type": "module",
-  "bin": {
-    "shell-command-mcp": "build/index.js"
-  },
+  "version": "1.0.1",
+  "files": [
+    "dist",
+    "/cli.js"
+  ],
+  "bin": "./cli.js",
   "scripts": {
-    "build": "tsc",
-    "lint": "eslint src/**/*.ts",
-    "lint:fix": "eslint src/**/*.ts --fix",
-    "format": "prettier -uw .",
-    "start": "node build/index.js",
-    "dev": "tsx src/index.ts",
-    "clean": "rm -rf build"
+    "build": "bun build ./index.ts --packages external --outdir dist",
+    "prepublishOnly": "npm run build"
+  },
+  "devDependencies": {
+    "@types/bun": "latest",
+    "@types/js-yaml": "^4.0.9",
+    "typescript": "^5"
   },
-  "keywords": [
-    "mcp",
-    "shell",
-    "docker",
-    "kubernetes"
-  ],
-  "author": "",
-  "license": "MIT",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.8.0",
-    "execa": "^8.0.1",
-    "zod": "^3.22.4"
-  },
-  "devDependencies": {
-    "@types/node": "^20.10.3",
-    "@typescript-eslint/eslint-plugin": "^6.13.2",
-    "@typescript-eslint/parser": "^6.13.2",
-    "eslint": "^8.55.0",
-    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-prettier": "^5.0.1",
-    "prettier": "^3.1.0",
-    "tsx": "^4.6.2",
-    "typescript": "~5.3.3"
+    "args-tokenizer": "^0.3.0",
+    "js-yaml": "^4.1.0",
+    "tinyexec": "^1.0.1",
+    "zod": "^3.24.2"
   }
 }

package/.dockleignore

@@ -1,15 +0,0 @@
-# Create a user for the container
-## Run as root to map host user to container user.
-CIS-DI-0001
-
-# TODO
-# Avoid sudo command
-DKL-DI-0001
-## Enable Content trust for Docker
-CIS-DI-0005
-## Add HEALTHCHECK instruction to the container image
-CIS-DI-0006
-## Confirm safety of setuid/setgid files
-CIS-DI-0008
-## Only put necessary files
-DKL-LI-0003

package/.eslintrc.json

@@ -1,23 +0,0 @@
-{
-  "parser": "@typescript-eslint/parser",
-  "extends": [
-    "eslint:recommended",
-    "plugin:@typescript-eslint/recommended",
-    "plugin:prettier/recommended"
-  ],
-  "plugins": ["@typescript-eslint", "prettier"],
-  "env": {
-    "node": true,
-    "es6": true
-  },
-  "parserOptions": {
-    "ecmaVersion": 2022,
-    "sourceType": "module"
-  },
-  "rules": {
-    "prettier/prettier": "error",
-    "@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }],
-    "@typescript-eslint/explicit-function-return-type": "off",
-    "@typescript-eslint/explicit-module-boundary-types": "off"
-  }
-}

package/.github/workflows/docker-build.yaml

@@ -1,102 +0,0 @@
-name: Build and Push Docker Image
-
-on:
-  release:
-    types: [published]
-  push:
-    branches:
-      - main
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: 'Git tag to build from'
-        required: false
-        default: ''
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
-jobs:
-  build-and-push:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-      security-events: write
-
-    steps:
-      - name: Get tag to build
-        id: get-tag
-        run: |
-          if [ "${{ github.event_name }}" = "release" ]; then
-            echo "tag=${{ github.event.release.tag_name }}"
-          elif [ -n "${{ github.event.inputs.tag }}" ]; then
-            echo "tag=${{ github.event.inputs.tag }}"
-          elif [ "${{ github.event_name }}" = "push" ] && [ "${{ github.ref }}" = "refs/heads/main" ]; then
-            echo "tag=main"
-          else
-            # Get latest release tag if no tag is specified
-            LATEST_TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r .tag_name)
-            echo "tag=${LATEST_TAG}"
-          fi  \
-          | tee -a $GITHUB_OUTPUT
-
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          ref: ${{ steps.get-tag.outputs.tag }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to container registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract Docker metadata
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=raw,value=${{ steps.get-tag.outputs.tag }}
-            type=raw,value=latest,enable=${{ github.event_name == 'release' || steps.get-tag.outputs.tag == github.event.repository.default_branch }}
-
-      - name: Build Docker image (for scanning)
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: false
-          load: true
-          tags: ${{ env.IMAGE_NAME }}:test
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-      - name: Scan image with Dockle
-        uses: erzz/dockle-action@v1
-        with:
-          image: ${{ env.IMAGE_NAME }}:test
-          exit-code: 1
-          failure-threshold: fatal
-          report-format: sarif
-
-      - name: Upload Dockle scan results
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: dockle-report.sarif
-          category: dockle
-
-      - name: Push Docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max

package/.prettierignore

@@ -1,2 +0,0 @@
-/client-sequence-example.json
-package-lock.json

package/.prettierrc

@@ -1,7 +0,0 @@
-{
-  "semi": true,
-  "trailingComma": "all",
-  "singleQuote": true,
-  "printWidth": 100,
-  "tabWidth": 2
-}