@jadchene/mcp-ssh-service 1.0.0 → 1.1.1

package/README.md

@@ -1,143 +1,95 @@
-English | [简体中文](./README_zh.md)
-
-# 🚀 mcp-ssh
-
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![Node.js Version](https://img.shields.io/badge/node-%3E%3D20.0.0-brightgreen)](https://nodejs.org/)
-[![MCP Ready](https://img.shields.io/badge/MCP-Ready-blue)](https://modelcontextprotocol.io/)
-
-A **production-grade** Model Context Protocol (MCP) server designed for secure, stateless SSH automation. This service empowers AI agents to manage remote infrastructure with **human-in-the-loop** safety and **semantic environment awareness**.
-
----
-
-## 🌟 Key Pillars
-
-### 🔒 Uncompromising Security
-*   **Two-Step Confirmation**: High-risk operations (writes, deletes, restarts) return a `confirmationId`. Nothing happens until a human approves the specific transaction.
-*   **Command Blacklist**: Real-time regex interception for catastrophic commands like `rm -rf /` or `mkfs`.
-*   **Server-Level Read-Only**: Lock specific servers to a non-destructive mode at the configuration level.
-*   **Restricted File Deletion**: Hardcoded prevention of accidental deletion of system-critical paths like `/etc` or `/usr`.
-
-### 🧠 AI-Native Design
-*   **Semantic Infrastructure Discovery**: AI can list servers and understand their purposes via natural language descriptions.
-*   **Working Directory Aliases**: Map complex paths to simple aliases like `app-root` with descriptive metadata.
-*   **Contextual Pre-checks**: Built-in tools to verify dependencies (Docker, Git) before execution.
-
----
-
-## 🚀 Quick Start
-
-### Installation
-
-```bash
-# Install globally via npm
-npm install -g @jadchene/mcp-ssh-service
-
-# Start the server with a config file
-mcp-ssh-service --config ./config.json
+# SSH MCP Service
+
+A production-ready, highly secure Model Context Protocol (MCP) server for remote server management. It features stateless connections, lazy loading, and a mandatory two-step confirmation flow for high-risk operations.
+
+## Core Features
+
+- **Stateless & Lazy Loading**: Connections are only established when a tool is called and closed immediately after execution. No persistent SSH tunnels.
+- **Security First**: 
+  - Mandatory manual confirmation for all "Write Actions" (e.g., `rm`, `restart`, `docker_stop`).
+  - Command blacklist (prevents `rm -rf /`, etc.).
+  - Restricted directory protection for safe deletions.
+- **Context Aware**: Supports directory aliases and path mapping via `list_working_directories`.
+- **Workflow Automation**: `execute_batch` allows running multiple commands in a single session with state (like `cd`) preserved between steps.
+
+## Tool List (45 Total)
+
+### 🛠️ Discovery & Core (8)
+- `list_servers`: List all configured SSH servers.
+- `ping_server`: Test connectivity to a specific server.
+- `list_working_directories`: View path mappings/aliases.
+- `check_dependencies`: Verify if required binaries (git, docker, etc.) are installed.
+- `get_system_info`: Get CPU, memory, and kernel details.
+- `pwd`: Show current remote path.
+- `cd`: Change directory (effective within `execute_batch`).
+- `execute_batch`: Run a sequence of tools in one session.
+
+### 💻 Shell & Basic (2)
+- `execute_command` (*): Run any arbitrary shell command.
+- `echo`: Print text or variables.
+
+### 📂 File Management (5)
+- `upload_file` (*): Transfer file from local to remote.
+- `download_file`: Transfer file from remote to local.
+- `ll`: Detailed directory listing.
+- `cat`: Read file content.
+- `edit_text_file` (*): Replace file content (Safe Base64 transfer).
+- `touch`: Create empty file or update timestamp.
+- `find`: Search for files in a directory hierarchy.
+
+### 🐳 Docker & Compose (18)
+- `docker_compose_up` (*), `docker_compose_down` (*), `docker_compose_stop` (*), `docker_compose_restart` (*)
+- `docker_compose_logs`: View compose logs.
+- `docker_ps`, `docker_images`
+- `docker_pull` (*), `docker_cp` (*), `docker_stop` (*), `docker_rm` (*), `docker_start` (*), `docker_rmi` (*), `docker_commit` (*)
+- `docker_logs`: Get container logs.
+- `docker_load` (*), `docker_save` (*)
+
+### ⚙️ System Services (4)
+- `systemctl_status`
+- `systemctl_start` (*), `systemctl_stop` (*), `systemctl_restart` (*)
+
+### 🌐 Network & Stats (8)
+- `ip_addr`: Show network interfaces.
+- `firewall_cmd` (*): Manage firewall rules.
+- `netstat`: Monitor ports and connections.
+- `nvidia_smi`: GPU status.
+- `ps`: Process snapshot.
+- `df_h`: Disk usage.
+- `du_sh`: Directory size estimation.
+
+> (*) Requires manual confirmation.
+
+## Confirmation Protocol
+
+For any tool marked with `(*)`, the service follows a two-step flow:
+1. **Request**: Call the tool with parameters. The server returns a `confirmationId` and `status: "pending"`.
+2. **Confirm**: Call the **same tool again** with `confirmExecution: true` and the provided `confirmationId`.
+
+## Configuration
+
+External configuration `config.json` allows defining multiple servers and their working directory aliases:
+
+```json
+{
+  "servers": {
+    "prod-web": {
+      "host": "192.168.1.100",
+      "user": "root",
+      "keyPath": "~/.ssh/id_rsa",
+      "workingDirectories": {
+        "app": { "path": "/var/www/html", "desc": "Web Root" },
+        "logs": { "path": "/var/log/nginx", "desc": "Nginx Logs" }
+      }
+    }
+  }
+}
+```
+
+## Installation
+
+```bash
+npm install
+npm run build
+node dist/index.js
 ```
-
-### Source Setup
-
-```bash
-git clone https://github.com/jadchene/mcp-ssh.git
-cd mcp-ssh
-npm install
-npm run build
-node dist/index.js --config ./config.json
-```
-
----
-
-## ⚙️ Configuration Schema
-
-### Global Settings
-| Parameter | Type | Description |
-| --- | --- | --- |
-| `logDir` | string | Directory for logs. Supports env vars like `${HOME}`. |
-| `commandBlacklist` | string[] | Prohibited command regex patterns (e.g., `["^rm -rf"]`). |
-| `defaultTimeout` | number | Command timeout in milliseconds (default: 60000). |
-| `servers` | object | Dictionary of server configs where key is the `serverAlias`. |
-
-### Server Object
-| Parameter | Type | Description |
-| --- | --- | --- |
-| `host` | string | Remote IP or hostname. Supports env vars. |
-| `port` | number | SSH port (default: 22). |
-| `username` | string | SSH login user. |
-| `password` | string | SSH password. Use `${VAR}` for security. |
-| `privateKeyPath` | string | Path to private key file. |
-| `passphrase` | string | Passphrase for the private key. |
-| `readOnly` | boolean | Disables all write/modify tools for this server. |
-| `desc` | string | Server description shown in `list_servers`. |
-| `strictHostKeyChecking` | boolean | Set to `false` to bypass host key verification. |
-| `workingDirectories` | object | Semantic path mappings (Key: { path, desc }). |
-| `proxyJump` | object | Optional jump host (recursive server config). |
-
----
-
-## ⚙️ Configuration Example
-
-```json
-{
-  "logDir": "./logs",
-  "defaultTimeout": 60000,
-  "commandBlacklist": ["^apt-get upgrade", "curl.*\\|.*sh"],
-  "servers": {
-    "prod-web": {
-      "desc": "Primary API Cluster",
-      "host": "10.0.0.5",
-      "username": "deploy",
-      "privateKeyPath": "~/.ssh/id_rsa",
-      "passphrase": "${SSH_KEY_PWD}",
-      "workingDirectories": {
-        "logs": { "path": "/var/log/nginx", "desc": "Nginx access logs" }
-      },
-      "proxyJump": {
-        "host": "bastion.example.com",
-        "username": "jumpuser"
-      }
-    }
-  }
-}
-```
-
----
-
-## 🛠️ Integrated Toolset (45 Tools)
-
-### 📂 Discovery & Context
-*   `list_servers`: Discovery available hosts.
-*   `ping_server`: Test SSH connection & credentials.
-*   `list_working_directories`: Get semantic path mappings.
-*   `get_system_info`: CPU, Memory, and System Uptime.
-*   `check_dependencies`: Verify remote binaries.
-
-### 💻 Shell & Files
-*   `execute_command`*, `execute_batch`*: Run single or sequenced shell commands.
-*   `ll`, `cat`, `tail`, `grep`, `pwd`, `cd`: Browse and search remote files.
-*   `upload_file`*, `download_file`: Transfer data.
-*   `mkdir`*, `mv`*, `cp`*, `chmod`*, `rm_safe`*, `touch`*: File system management.
-
-### 🐳 DevOps & Services
-*   `docker_ps`, `docker_logs`, `docker_compose_up`*, `docker_compose_restart`*: Container orchestration.
-*   `systemctl_status`, `systemctl_restart`*: System service control.
-*   `git_status`, `git_pull`*: Version control.
-*   `ip_addr`, `ping`, `netstat`, `df_h`, `nvidia_smi`: Diagnostics.
-
-*\* High-risk: Requires `confirmationId` and `confirmExecution: true`.*
-
----
-
-## 🔐 The Confirmation Workflow
-
-1.  **Request**: AI calls `rm_safe({ path: '/tmp/old' })`.
-2.  **Intercept**: Server returns `status: "pending"` with a `confirmationId`.
-3.  **Human Input**: You review the action in your chat client and approve.
-4.  **Execution**: AI calls `rm_safe` again with the `confirmationId` and `confirmExecution: true`.
-5.  **Verify**: Server ensures parameters match exactly and executes the SSH command.
-
----
-
-## 📄 License
-Released under the [MIT License](./LICENSE).

package/dist/tools/definitions.js

@@ -15,7 +15,7 @@ const confirmationParams = {
 const grepParam = { grep: { type: 'string', description: 'Filter output using regex pattern.' } };
 const cwdParam = { cwd: { type: 'string', description: 'Execution directory (supports aliases from list_working_directories).' } };
 export const toolDefinitions = [
-    // --- Discovery ---
+    // --- Discovery (Core) ---
     {
         name: 'list_servers',
         description: 'Discovery tool: List all configured SSH servers, their hosts, and descriptions.',
@@ -36,7 +36,7 @@ export const toolDefinitions = [
         description: 'Environmental pre-check: Verifies if specific binaries exist on the remote server.',
         inputSchema: baseParams({ commands: { type: 'array', items: { type: 'string' } } }, ['commands'])
     },
-    // --- System ---
+    // --- System (Core) ---
     {
         name: 'get_system_info',
         description: 'System health check: Returns current user, system uptime, kernel, and memory.',
@@ -52,7 +52,7 @@ export const toolDefinitions = [
         description: 'Directory navigation: Changes the working directory (effective within batch).',
         inputSchema: baseParams({ path: { type: 'string' } }, ['path'])
     },
-    // --- Batch ---
+    // --- Batch (Core) ---
     {
         name: 'execute_batch',
         description: 'Workflow automation: Executes a sequence of multiple tools in a single persistent SSH session. REQUIRES CONFIRMATION if any sub-tool is high-risk.',
@@ -72,7 +72,7 @@ export const toolDefinitions = [
             ...confirmationParams
         }, ['commands'])
     },
-    // --- Shell ---
+    // --- Shell & Basic (Requirements) ---
     {
         name: 'execute_command',
         description: 'Arbitrary execution: Runs any shell command via SSH. REQUIRES CONFIRMATION.',
@@ -82,7 +82,12 @@ export const toolDefinitions = [
             ...confirmationParams
         }, ['command'])
     },
-    // --- Files ---
+    {
+        name: 'echo',
+        description: 'Print text or variables.',
+        inputSchema: baseParams({ text: { type: 'string' } }, ['text'])
+    },
+    // --- Files (Requirements) ---
     {
         name: 'upload_file',
         description: 'File transfer (Local -> Remote). REQUIRES CONFIRMATION.',
@@ -110,11 +115,6 @@ export const toolDefinitions = [
         description: 'File reading: Reads text file content.',
         inputSchema: baseParams({ filePath: { type: 'string' }, ...grepParam }, ['filePath'])
     },
-    {
-        name: 'tail',
-        description: 'Log inspection: Reads last N lines of a file.',
-        inputSchema: baseParams({ filePath: { type: 'string' }, lines: { type: 'number' }, ...grepParam }, ['filePath'])
-    },
     {
         name: 'edit_text_file',
         description: 'File creation/overwrite: Completely replaces file content. REQUIRES CONFIRMATION.',
@@ -124,67 +124,17 @@ export const toolDefinitions = [
             ...confirmationParams
         }, ['filePath', 'content'])
     },
-    {
-        name: 'append_text_file',
-        description: 'File appending: Adds text to end of file. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({
-            filePath: { type: 'string' },
-            content: { type: 'string' },
-            ...confirmationParams
-        }, ['filePath', 'content'])
-    },
-    {
-        name: 'mkdir',
-        description: 'Directory creation: Creates a directory (mkdir -p). REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ path: { type: 'string' }, ...confirmationParams }, ['path'])
-    },
-    {
-        name: 'chmod',
-        description: 'Permission management: Changes file or directory permissions. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ mode: { type: 'string' }, path: { type: 'string' }, ...confirmationParams }, ['mode', 'path'])
-    },
-    {
-        name: 'mv',
-        description: 'File movement/rename: Moves or renames files or directories. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ source: { type: 'string' }, destination: { type: 'string' }, ...confirmationParams }, ['source', 'destination'])
-    },
-    {
-        name: 'cp',
-        description: 'File copy: Copies files or directories. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({
-            source: { type: 'string' },
-            destination: { type: 'string' },
-            recursive: { type: 'boolean' },
-            ...confirmationParams
-        }, ['source', 'destination'])
-    },
-    {
-        name: 'rm_safe',
-        description: 'File deletion: Removes file or directory. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ path: { type: 'string' }, recursive: { type: 'boolean' }, ...confirmationParams }, ['path'])
-    },
     {
         name: 'touch',
-        description: 'Timestamp/File creation: Updates access time or creates empty file. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ filePath: { type: 'string' }, ...confirmationParams }, ['filePath'])
+        description: 'Timestamp/File creation: Updates access time or creates empty file.',
+        inputSchema: baseParams({ filePath: { type: 'string' } }, ['filePath'])
     },
-    // --- Git ---
     {
-        name: 'git_status',
-        description: 'Git status: Displays repository status.',
-        inputSchema: baseParams(cwdParam)
+        name: 'find',
+        description: 'Search for files in a directory hierarchy.',
+        inputSchema: baseParams({ path: { type: 'string' }, name: { type: 'string' }, ...grepParam }, ['path'])
     },
-    {
-        name: 'git_pull',
-        description: 'Git update: Pulls latest changes. REQUIRES CONFIRMATION.',
-        inputSchema: baseParams({ ...cwdParam, ...confirmationParams })
-    },
-    {
-        name: 'git_log',
-        description: 'Git history: Shows commit logs.',
-        inputSchema: baseParams({ ...cwdParam, count: { type: 'number' } })
-    },
-    // --- Docker ---
+    // --- Docker & Compose (Requirements) ---
     {
         name: 'docker_compose_up',
         description: 'Deploy docker stack. REQUIRES CONFIRMATION.',
@@ -195,6 +145,11 @@ export const toolDefinitions = [
         description: 'Remove docker stack. REQUIRES CONFIRMATION.',
         inputSchema: baseParams({ ...cwdParam, ...confirmationParams }, ['cwd'])
     },
+    {
+        name: 'docker_compose_stop',
+        description: 'Stop docker stack. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ ...cwdParam, ...confirmationParams }, ['cwd'])
+    },
     {
         name: 'docker_compose_logs',
         description: 'View compose logs.',
@@ -210,12 +165,62 @@ export const toolDefinitions = [
         description: 'List docker containers.',
         inputSchema: baseParams(grepParam)
     },
+    {
+        name: 'docker_images',
+        description: 'List docker images.',
+        inputSchema: baseParams(grepParam)
+    },
+    {
+        name: 'docker_pull',
+        description: 'Pull an image from a registry. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ image: { type: 'string' }, ...confirmationParams }, ['image'])
+    },
+    {
+        name: 'docker_cp',
+        description: 'Copy files/folders between a container and the local filesystem. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ source: { type: 'string' }, destination: { type: 'string' }, ...confirmationParams }, ['source', 'destination'])
+    },
+    {
+        name: 'docker_stop',
+        description: 'Stop one or more running containers. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ container: { type: 'string' }, ...confirmationParams }, ['container'])
+    },
+    {
+        name: 'docker_rm',
+        description: 'Remove one or more containers. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ container: { type: 'string' }, ...confirmationParams }, ['container'])
+    },
+    {
+        name: 'docker_start',
+        description: 'Start one or more stopped containers. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ container: { type: 'string' }, ...confirmationParams }, ['container'])
+    },
+    {
+        name: 'docker_rmi',
+        description: 'Remove one or more images. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ image: { type: 'string' }, ...confirmationParams }, ['image'])
+    },
+    {
+        name: 'docker_commit',
+        description: 'Create a new image from a container\'s changes. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ container: { type: 'string' }, repository: { type: 'string' }, ...confirmationParams }, ['container', 'repository'])
+    },
     {
         name: 'docker_logs',
         description: 'Get container logs.',
         inputSchema: baseParams({ container: { type: 'string' }, lines: { type: 'number' }, ...grepParam }, ['container'])
     },
-    // --- Service & Network ---
+    {
+        name: 'docker_load',
+        description: 'Load an image from a tar archive or STDIN. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ path: { type: 'string' }, ...confirmationParams }, ['path'])
+    },
+    {
+        name: 'docker_save',
+        description: 'Save one or more images to a tar archive. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ image: { type: 'string' }, path: { type: 'string' }, ...confirmationParams }, ['image', 'path'])
+    },
+    // --- Service & Network (Requirements) ---
     {
         name: 'systemctl_status',
         description: 'Check systemd service status.',
@@ -226,22 +231,42 @@ export const toolDefinitions = [
         description: 'Restart system service. REQUIRES CONFIRMATION.',
         inputSchema: baseParams({ service: { type: 'string' }, ...confirmationParams }, ['service'])
     },
+    {
+        name: 'systemctl_start',
+        description: 'Start system service. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ service: { type: 'string' }, ...confirmationParams }, ['service'])
+    },
+    {
+        name: 'systemctl_stop',
+        description: 'Stop system service. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ service: { type: 'string' }, ...confirmationParams }, ['service'])
+    },
     {
         name: 'ip_addr',
         description: 'Show network interface info.',
         inputSchema: baseParams(grepParam)
     },
     {
-        name: 'ping',
-        description: 'Verify host accessibility.',
-        inputSchema: baseParams({ host: { type: 'string' }, count: { type: 'number' } }, ['host'])
+        name: 'firewall_cmd',
+        description: 'Control the runtime/permanent firewall. REQUIRES CONFIRMATION.',
+        inputSchema: baseParams({ args: { type: 'string' }, ...confirmationParams }, ['args'])
     },
     {
         name: 'netstat',
         description: 'Monitor ports/connections.',
         inputSchema: baseParams({ args: { type: 'string' }, ...grepParam })
     },
-    // --- Stats ---
+    // --- Stats & Process (Requirements) ---
+    {
+        name: 'nvidia_smi',
+        description: 'GPU utilization status.',
+        inputSchema: baseParams()
+    },
+    {
+        name: 'ps',
+        description: 'Report a snapshot of the current processes.',
+        inputSchema: baseParams(grepParam)
+    },
     {
         name: 'df_h',
         description: 'System disk usage.',
@@ -251,10 +276,5 @@ export const toolDefinitions = [
         name: 'du_sh',
         description: 'Directory size estimation.',
         inputSchema: baseParams({ path: { type: 'string' }, ...grepParam }, ['path'])
-    },
-    {
-        name: 'nvidia_smi',
-        description: 'GPU utilization status.',
-        inputSchema: baseParams()
     }
 ];

package/dist/tools/handlers.js

@@ -4,18 +4,23 @@ const WRITE_TOOLS = [
     'execute_command',
     'upload_file',
     'edit_text_file',
-    'append_text_file',
-    'mkdir',
-    'chmod',
-    'mv',
-    'cp',
-    'rm_safe',
-    'touch',
-    'git_pull',
     'docker_compose_up',
     'docker_compose_down',
+    'docker_compose_stop',
     'docker_compose_restart',
-    'systemctl_restart'
+    'docker_pull',
+    'docker_cp',
+    'docker_stop',
+    'docker_rm',
+    'docker_start',
+    'docker_rmi',
+    'docker_commit',
+    'docker_load',
+    'docker_save',
+    'systemctl_restart',
+    'systemctl_start',
+    'systemctl_stop',
+    'firewall_cmd'
 ];
 const DEFAULT_BLACKLIST = [
     /rm\s+-(rf|fr|r|f)\s+\//i,
@@ -63,41 +68,41 @@ export class ToolHandlers {
             case 'cd': return `cd ${params.path}`;
             case 'll': return 'ls -l';
             case 'cat': return `cat ${params.filePath}`;
-            case 'tail': return `tail -n ${params.lines || 50} ${params.filePath}`;
-            case 'mkdir': return `mkdir -p ${params.path}`;
-            case 'chmod': return `chmod ${params.mode} ${params.path}`;
-            case 'mv': return `mv -f ${params.source} ${params.destination}`;
-            case 'cp': return `cp -f ${params.recursive ? '-r' : ''} ${params.source} ${params.destination}`;
-            case 'rm_safe':
-                const restricted = ['/', '/etc', '/usr', '/bin', '/var', '/root', '/home'];
-                if (restricted.includes(params.path.trim()))
-                    throw new Error(`RM_SAFE: Denied for restricted directory.`);
-                return `rm ${params.recursive ? '-rf' : '-f'} ${params.path}`;
-            case 'touch': return `touch ${params.filePath}`;
-            case 'append_text_file':
-                const appB64 = Buffer.from(params.content).toString('base64');
-                return `echo "${appB64}" | base64 -d >> ${params.filePath}`;
             case 'edit_text_file':
                 const edB64 = Buffer.from(params.content).toString('base64');
                 return `echo "${edB64}" | base64 -d > ${params.filePath}`;
-            case 'git_status': return 'git status';
-            case 'git_pull': return 'git pull --no-edit';
-            case 'git_log': return `git log -n ${params.count || 10} --oneline`;
+            case 'touch': return `touch ${params.filePath}`;
+            case 'echo': return `echo "${params.text}"`;
+            case 'find': return `find ${params.path} -name "${params.name}"`;
             case 'execute_command': return params.command;
             case 'docker_compose_up': return 'docker-compose up -d';
             case 'docker_compose_down': return 'docker-compose down --remove-orphans';
+            case 'docker_compose_stop': return 'docker-compose stop';
             case 'docker_compose_logs': return `docker-compose logs -n ${params.lines || 100}`;
             case 'docker_compose_restart': return 'docker-compose restart';
             case 'docker_ps': return 'docker ps';
+            case 'docker_images': return 'docker images';
+            case 'docker_pull': return `docker pull ${params.image}`;
+            case 'docker_cp': return `docker cp ${params.source} ${params.destination}`;
+            case 'docker_stop': return `docker stop ${params.container}`;
+            case 'docker_rm': return `docker rm ${params.container}`;
+            case 'docker_start': return `docker start ${params.container}`;
+            case 'docker_rmi': return `docker rmi ${params.image}`;
+            case 'docker_commit': return `docker commit ${params.container} ${params.repository}`;
             case 'docker_logs': return `docker logs -n ${params.lines || 100} ${params.container}`;
+            case 'docker_load': return `docker load -i ${params.path}`;
+            case 'docker_save': return `docker save -o ${params.path} ${params.image}`;
             case 'systemctl_status': return `systemctl status ${params.service}`;
             case 'systemctl_restart': return `systemctl restart ${params.service}`;
+            case 'systemctl_start': return `systemctl start ${params.service}`;
+            case 'systemctl_stop': return `systemctl stop ${params.service}`;
             case 'ip_addr': return 'ip addr';
-            case 'ping': return `ping -c ${params.count || 4} ${params.host}`;
+            case 'firewall_cmd': return `firewall-cmd ${params.args}`;
             case 'netstat': return `netstat ${params.args || '-tuln'}`;
             case 'df_h': return 'df -h';
             case 'du_sh': return `du -sh ${params.path}`;
             case 'nvidia_smi': return 'nvidia-smi';
+            case 'ps': return 'ps aux';
             default: return '';
         }
     }

package/package.json

@@ -1,49 +1,49 @@
-{
-  "name": "@jadchene/mcp-ssh-service",
-  "version": "1.0.0",
-  "description": "A production-ready, highly secure SSH MCP server featuring stateless connections, two-step operation confirmation, and comprehensive DevOps tool integration.",
-  "main": "dist/index.js",
-  "type": "module",
-  "bin": {
-    "mcp-ssh-service": "dist/index.js"
-  },
-  "files": [
-    "dist"
-  ],
-  "scripts": {
-    "build": "tsc",
-    "prepare": "npm run build",
-    "watch": "tsc -w",
-    "prepublishOnly": "npm run build",
-    "start": "node dist/index.js"
-  },
-  "keywords": [
-    "mcp",
-    "ssh",
-    "model context protocol",
-    "automation",
-    "stateless"
-  ],
-  "author": "jadchene",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/jadchene/mcp-ssh.git"
-  },
-  "bugs": {
-    "url": "https://github.com/jadchene/mcp-ssh/issues"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.0.1",
-    "ssh2": "^1.15.0",
-    "winston": "^3.11.0"
-  },
-  "devDependencies": {
-    "@types/node": "^20.10.0",
-    "@types/ssh2": "^1.11.19",
-    "typescript": "^5.3.3"
-  }
-}
+{
+  "name": "@jadchene/mcp-ssh-service",
+  "version": "1.1.1",
+  "description": "A production-ready, highly secure SSH MCP server featuring stateless connections, two-step operation confirmation, and comprehensive DevOps tool integration.",
+  "main": "dist/index.js",
+  "type": "module",
+  "bin": {
+    "mcp-ssh-service": "dist/index.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepare": "npm run build",
+    "watch": "tsc -w",
+    "prepublishOnly": "npm run build",
+    "start": "node dist/index.js"
+  },
+  "keywords": [
+    "mcp",
+    "ssh",
+    "model context protocol",
+    "automation",
+    "stateless"
+  ],
+  "author": "jadchene",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/jadchene/mcp-ssh.git"
+  },
+  "bugs": {
+    "url": "https://github.com/jadchene/mcp-ssh/issues"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.1",
+    "ssh2": "^1.15.0",
+    "winston": "^3.11.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.10.0",
+    "@types/ssh2": "^1.11.19",
+    "typescript": "^5.3.3"
+  }
+}