PyPI - cli-mcp-server - Versions diffs - 0.2.0__tar.gz → 0.2.2__tar.gz - Mend

cli-mcp-server 0.2.0tar.gz → 0.2.2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/PKG-INFO RENAMED Viewed

@@ -1,14 +1,15 @@
-Metadata-Version: 2.3
+Metadata-Version: 2.4
 Name: cli-mcp-server
-Version: 0.2.0
+Version: 0.2.2
 Summary: Command line interface for MCP clients with secure execution and customizable security policies
 Project-URL: Homepage, https://github.com/MladenSU/cli-mcp-server
 Project-URL: Documentation, https://github.com/MladenSU/cli-mcp-server#readme
 Project-URL: Repository, https://github.com/MladenSU/cli-mcp-server.git
 Project-URL: Bug Tracker, https://github.com/MladenSU/cli-mcp-server/issues
 Author-email: Mladen <fangs-lever6n@icloud.com>
+License-File: LICENSE
 Requires-Python: >=3.10
-Requires-Dist: mcp>=1.0.0
+Requires-Dist: mcp>=1.1.0
 Description-Content-Type: text/markdown
 # CLI MCP Server
@@ -16,14 +17,15 @@ Description-Content-Type: text/markdown
 ---
 A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with
-comprehensive security
-features.
+comprehensive security features.
 ![License](https://img.shields.io/badge/license-MIT-blue.svg)
 ![Python Version](https://img.shields.io/badge/python-3.10%2B-blue)
 ![MCP Protocol](https://img.shields.io/badge/MCP-Compatible-green)
 [![smithery badge](https://smithery.ai/badge/cli-mcp-server)](https://smithery.ai/protocol/cli-mcp-server)
+<a href="https://glama.ai/mcp/servers/q89277vzl1"><img width="380" height="200" src="https://glama.ai/mcp/servers/q89277vzl1/badge" /></a>
 ---
 # Table of Contents
@@ -50,30 +52,32 @@ features.
 ## Overview
 This MCP server enables secure command-line execution with robust security measures including command whitelisting, path
-validation, and
-execution controls. Perfect for providing controlled CLI access to LLM applications while maintaining security.
+validation, and execution controls. Perfect for providing controlled CLI access to LLM applications while maintaining security.
 ## Features
 - 🔒 Secure command execution with strict validation
-- ⚙️ Configurable command and flag whitelisting
-- 🛡️ Path traversal prevention
+- ⚙️ Configurable command and flag whitelisting with 'all' option
+- 🛡️ Path traversal prevention and validation
 - 🚫 Shell operator injection protection
 - ⏱️ Execution timeouts and length limits
 - 📝 Detailed error reporting
 - 🔄 Async operation support
+- 🎯 Working directory restriction and validation
 ## Configuration
 Configure the server using environment variables:
-| Variable             | Description                              | Default            |
- |----------------------|------------------------------------------|--------------------|
-| `ALLOWED_DIR`        | Base directory for command execution     | Required           |
-| `ALLOWED_COMMANDS`   | Comma-separated list of allowed commands | `ls,cat,pwd`       |
-| `ALLOWED_FLAGS`      | Comma-separated list of allowed flags    | `-l,-a,--help`     |
-| `MAX_COMMAND_LENGTH` | Maximum command string length            | `1024`             |
-| `COMMAND_TIMEOUT`    | Command execution timeout (seconds)      | `30`               |
+| Variable             | Description                                          | Default            |
+|---------------------|------------------------------------------------------|-------------------|
+| `ALLOWED_DIR`       | Base directory for command execution (Required)      | None (Required)   |
+| `ALLOWED_COMMANDS`  | Comma-separated list of allowed commands or 'all'    | `ls,cat,pwd`      |
+| `ALLOWED_FLAGS`     | Comma-separated list of allowed flags or 'all'       | `-l,-a,--help`    |
+| `MAX_COMMAND_LENGTH`| Maximum command string length                        | `1024`            |
+| `COMMAND_TIMEOUT`   | Command execution timeout (seconds)                  | `30`              |
+Note: Setting `ALLOWED_COMMANDS` or `ALLOWED_FLAGS` to 'all' will allow any command or flag respectively.
 ## Installation
@@ -90,19 +94,28 @@ npx @smithery/cli install cli-mcp-server --client claude
 Executes whitelisted CLI commands within allowed directories.
 **Input Schema:**
- ```json
- {
+```json
+{
   "command": {
     "type": "string",
-    "description": "Command to execute (e.g., 'ls -l' or 'cat file.txt')"
+    "description": "Single command to execute (e.g., 'ls -l' or 'cat file.txt')"
   }
 }
- ```
+```
+**Security Notes:**
+- Shell operators (&&, |, >, >>) are not supported
+- Commands must be whitelisted unless ALLOWED_COMMANDS='all'
+- Flags must be whitelisted unless ALLOWED_FLAGS='all'
+- All paths are validated to be within ALLOWED_DIR
 ### show_security_rules
-Displays current security configuration and restrictions.
+Displays current security configuration and restrictions, including:
+- Working directory
+- Allowed commands
+- Allowed flags
+- Security limits (max command length and timeout)
 ## Usage with Claude Desktop
@@ -110,7 +123,7 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
 > Development/Unpublished Servers Configuration
- ```json
+```json
 {
   "mcpServers": {
     "cli-mcp-server": {
@@ -131,7 +144,7 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
     }
   }
 }
- ```
+```
 > Published Servers Configuration
@@ -158,23 +171,25 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
 ## Security Features
-- ✅ Command whitelist enforcement
-- ✅ Flag validation
-- ✅ Path traversal prevention
+- ✅ Command whitelist enforcement with 'all' option
+- ✅ Flag validation with 'all' option
+- ✅ Path traversal prevention and normalization
 - ✅ Shell operator blocking
 - ✅ Command length limits
 - ✅ Execution timeouts
 - ✅ Working directory restrictions
+- ✅ Symlink resolution and validation
 ## Error Handling
 The server provides detailed error messages for:
-- Security violations
-- Command timeouts
+- Security violations (CommandSecurityError)
+- Command timeouts (CommandTimeoutError)
 - Invalid command formats
 - Path security violations
-- Execution failures
+- Execution failures (CommandExecutionError)
+- General command errors (CommandError)
 ## Development
@@ -183,8 +198,6 @@ The server provides detailed error messages for:
 - Python 3.10+
 - MCP protocol library
-## Development
 ### Building and Publishing
 To prepare the package for distribution:
@@ -224,6 +237,6 @@ Upon launching, the Inspector will display a URL that you can access in your bro
 This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
- ---
+---
 For more information or support, please open an issue on the project repository.

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/README.md RENAMED Viewed

@@ -3,14 +3,15 @@
 ---
 A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with
-comprehensive security
-features.
+comprehensive security features.
 ![License](https://img.shields.io/badge/license-MIT-blue.svg)
 ![Python Version](https://img.shields.io/badge/python-3.10%2B-blue)
 ![MCP Protocol](https://img.shields.io/badge/MCP-Compatible-green)
 [![smithery badge](https://smithery.ai/badge/cli-mcp-server)](https://smithery.ai/protocol/cli-mcp-server)
+<a href="https://glama.ai/mcp/servers/q89277vzl1"><img width="380" height="200" src="https://glama.ai/mcp/servers/q89277vzl1/badge" /></a>
 ---
 # Table of Contents
@@ -37,30 +38,32 @@ features.
 ## Overview
 This MCP server enables secure command-line execution with robust security measures including command whitelisting, path
-validation, and
-execution controls. Perfect for providing controlled CLI access to LLM applications while maintaining security.
+validation, and execution controls. Perfect for providing controlled CLI access to LLM applications while maintaining security.
 ## Features
 - 🔒 Secure command execution with strict validation
-- ⚙️ Configurable command and flag whitelisting
-- 🛡️ Path traversal prevention
+- ⚙️ Configurable command and flag whitelisting with 'all' option
+- 🛡️ Path traversal prevention and validation
 - 🚫 Shell operator injection protection
 - ⏱️ Execution timeouts and length limits
 - 📝 Detailed error reporting
 - 🔄 Async operation support
+- 🎯 Working directory restriction and validation
 ## Configuration
 Configure the server using environment variables:
-| Variable             | Description                              | Default            |
- |----------------------|------------------------------------------|--------------------|
-| `ALLOWED_DIR`        | Base directory for command execution     | Required           |
-| `ALLOWED_COMMANDS`   | Comma-separated list of allowed commands | `ls,cat,pwd`       |
-| `ALLOWED_FLAGS`      | Comma-separated list of allowed flags    | `-l,-a,--help`     |
-| `MAX_COMMAND_LENGTH` | Maximum command string length            | `1024`             |
-| `COMMAND_TIMEOUT`    | Command execution timeout (seconds)      | `30`               |
+| Variable             | Description                                          | Default            |
+|---------------------|------------------------------------------------------|-------------------|
+| `ALLOWED_DIR`       | Base directory for command execution (Required)      | None (Required)   |
+| `ALLOWED_COMMANDS`  | Comma-separated list of allowed commands or 'all'    | `ls,cat,pwd`      |
+| `ALLOWED_FLAGS`     | Comma-separated list of allowed flags or 'all'       | `-l,-a,--help`    |
+| `MAX_COMMAND_LENGTH`| Maximum command string length                        | `1024`            |
+| `COMMAND_TIMEOUT`   | Command execution timeout (seconds)                  | `30`              |
+Note: Setting `ALLOWED_COMMANDS` or `ALLOWED_FLAGS` to 'all' will allow any command or flag respectively.
 ## Installation
@@ -77,19 +80,28 @@ npx @smithery/cli install cli-mcp-server --client claude
 Executes whitelisted CLI commands within allowed directories.
 **Input Schema:**
- ```json
- {
+```json
+{
   "command": {
     "type": "string",
-    "description": "Command to execute (e.g., 'ls -l' or 'cat file.txt')"
+    "description": "Single command to execute (e.g., 'ls -l' or 'cat file.txt')"
   }
 }
- ```
+```
+**Security Notes:**
+- Shell operators (&&, |, >, >>) are not supported
+- Commands must be whitelisted unless ALLOWED_COMMANDS='all'
+- Flags must be whitelisted unless ALLOWED_FLAGS='all'
+- All paths are validated to be within ALLOWED_DIR
 ### show_security_rules
-Displays current security configuration and restrictions.
+Displays current security configuration and restrictions, including:
+- Working directory
+- Allowed commands
+- Allowed flags
+- Security limits (max command length and timeout)
 ## Usage with Claude Desktop
@@ -97,7 +109,7 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
 > Development/Unpublished Servers Configuration
- ```json
+```json
 {
   "mcpServers": {
     "cli-mcp-server": {
@@ -118,7 +130,7 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
     }
   }
 }
- ```
+```
 > Published Servers Configuration
@@ -145,23 +157,25 @@ Add to your `~/Library/Application\ Support/Claude/claude_desktop_config.json`:
 ## Security Features
-- ✅ Command whitelist enforcement
-- ✅ Flag validation
-- ✅ Path traversal prevention
+- ✅ Command whitelist enforcement with 'all' option
+- ✅ Flag validation with 'all' option
+- ✅ Path traversal prevention and normalization
 - ✅ Shell operator blocking
 - ✅ Command length limits
 - ✅ Execution timeouts
 - ✅ Working directory restrictions
+- ✅ Symlink resolution and validation
 ## Error Handling
 The server provides detailed error messages for:
-- Security violations
-- Command timeouts
+- Security violations (CommandSecurityError)
+- Command timeouts (CommandTimeoutError)
 - Invalid command formats
 - Path security violations
-- Execution failures
+- Execution failures (CommandExecutionError)
+- General command errors (CommandError)
 ## Development
@@ -170,8 +184,6 @@ The server provides detailed error messages for:
 - Python 3.10+
 - MCP protocol library
-## Development
 ### Building and Publishing
 To prepare the package for distribution:
@@ -211,6 +223,6 @@ Upon launching, the Inspector will display a URL that you can access in your bro
 This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
- ---
+---
 For more information or support, please open an issue on the project repository.

cli_mcp_server-0.2.2/glama.json ADDED Viewed

@@ -0,0 +1,6 @@
+{
+    "$schema": "https://glama.ai/mcp/schemas/server.json",
+    "maintainers": [
+    "MladenSU"
+    ]
+}

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/pyproject.toml RENAMED Viewed

@@ -1,10 +1,10 @@
 [project]
 name = "cli-mcp-server"
-version = "0.2.0"
+version = "0.2.2"
 description = "Command line interface for MCP clients with secure execution and customizable security policies"
 readme = "README.md"
 requires-python = ">=3.10"
-dependencies = ["mcp>=1.0.0"]
+dependencies = ["mcp>=1.1.0"]
 authors = [
     { name = "Mladen", email = "fangs-lever6n@icloud.com" },
 ]

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/src/cli_mcp_server/server.py RENAMED Viewed

@@ -47,6 +47,8 @@ class SecurityConfig:
     allowed_flags: set[str]
     max_command_length: int
     command_timeout: int
+    allow_all_commands: bool = False
+    allow_all_flags: bool = False
 class CommandExecutor:
@@ -60,7 +62,7 @@ class CommandExecutor:
         """
         Normalizes a path and ensures it's within allowed directory.
         """
-        try:
+        try:
             if os.path.isabs(path):
                 # If absolute path, check directly
                 real_path = os.path.abspath(os.path.realpath(path))
@@ -109,21 +111,26 @@ class CommandExecutor:
             command, args = parts[0], parts[1:]
-            # Validate command
-            if command not in self.security_config.allowed_commands:
+            # Validate command if not in allow-all mode
+            if not self.security_config.allow_all_commands and command not in self.security_config.allowed_commands:
                 raise CommandSecurityError(f"Command '{command}' is not allowed")
             # Process and validate arguments
             validated_args = []
             for arg in args:
                 if arg.startswith("-"):
-                    if arg not in self.security_config.allowed_flags:
+                    if not self.security_config.allow_all_flags and arg not in self.security_config.allowed_flags:
                         raise CommandSecurityError(f"Flag '{arg}' is not allowed")
                     validated_args.append(arg)
                     continue
                 # For any path-like argument, validate it
-                if "/" in arg or "\\" in arg or os.path.isabs(arg) or arg == ".":
+                if "/" in arg or "\\" in arg or os.path.isabs(arg) or arg == ".":
+                    if self._is_url_path(arg):
+                        # If it's a URL, we don't need to normalize it
+                        validated_args.append(arg)
+                        continue
                     normalized_path = self._normalize_path(arg)
                     validated_args.append(normalized_path)
                 else:
@@ -135,6 +142,20 @@ class CommandExecutor:
         except ValueError as e:
             raise CommandSecurityError(f"Invalid command format: {str(e)}")
+    def _is_url_path(self, path: str) -> bool:
+        """
+        Checks if a given path is a URL of type http or https.
+        Args:
+            path (str): The path to check.
+        Returns:
+            bool: True if the path is a URL, False otherwise.
+        """
+        url_pattern = re.compile(r"^(http|https)://")
+        return bool(url_pattern.match(path))
     def _is_path_safe(self, path: str) -> bool:
         """
         Checks if a given path is safe to access within allowed directory boundaries.
@@ -224,19 +245,28 @@ def load_security_config() -> SecurityConfig:
             - allowed_flags: Set of permitted command flags/options
             - max_command_length: Maximum length of command string
             - command_timeout: Maximum execution time in seconds
+            - allow_all_commands: Whether all commands are allowed
+            - allow_all_flags: Whether all flags are allowed
     Environment Variables:
-        ALLOWED_COMMANDS: Comma-separated list of allowed commands (default: "ls,cat,pwd")
-        ALLOWED_FLAGS: Comma-separated list of allowed flags (default: "-l,-a,--help")
-        ALLOWED_PATTERNS: Comma-separated list of patterns (default: "*.txt,*.log,*.md")
+        ALLOWED_COMMANDS: Comma-separated list of allowed commands or 'all' (default: "ls,cat,pwd")
+        ALLOWED_FLAGS: Comma-separated list of allowed flags or 'all' (default: "-l,-a,--help")
         MAX_COMMAND_LENGTH: Maximum command string length (default: 1024)
         COMMAND_TIMEOUT: Command timeout in seconds (default: 30)
     """
+    allowed_commands = os.getenv("ALLOWED_COMMANDS", "ls,cat,pwd")
+    allowed_flags = os.getenv("ALLOWED_FLAGS", "-l,-a,--help")
+    allow_all_commands = allowed_commands.lower() == 'all'
+    allow_all_flags = allowed_flags.lower() == 'all'
     return SecurityConfig(
-        allowed_commands=set(os.getenv("ALLOWED_COMMANDS", "ls,cat,pwd").split(",")),
-        allowed_flags=set(os.getenv("ALLOWED_FLAGS", "-l,-a,--help").split(",")),
+        allowed_commands=set() if allow_all_commands else set(allowed_commands.split(",")),
+        allowed_flags=set() if allow_all_flags else set(allowed_flags.split(",")),
         max_command_length=int(os.getenv("MAX_COMMAND_LENGTH", "1024")),
         command_timeout=int(os.getenv("COMMAND_TIMEOUT", "30")),
+        allow_all_commands=allow_all_commands,
+        allow_all_flags=allow_all_flags,
     )
@@ -245,13 +275,16 @@ executor = CommandExecutor(allowed_dir=os.getenv("ALLOWED_DIR", ""), security_co
 @server.list_tools()
 async def handle_list_tools() -> list[types.Tool]:
+    commands_desc = "all commands" if executor.security_config.allow_all_commands else ", ".join(executor.security_config.allowed_commands)
+    flags_desc = "all flags" if executor.security_config.allow_all_flags else ", ".join(executor.security_config.allowed_flags)
     return [
         types.Tool(
             name="run_command",
             description=(
                 f"Allows command (CLI) execution in the directory: {executor.allowed_dir}\n\n"
-                f"Available commands: {', '.join(executor.security_config.allowed_commands)}\n"
-                f"Available flags: {', '.join(executor.security_config.allowed_flags)}\n\n"
+                f"Available commands: {commands_desc}\n"
+                f"Available flags: {flags_desc}\n\n"
                 "Note: Shell operators (&&, |, >, >>) are not supported."
             ),
             inputSchema={
@@ -314,16 +347,19 @@ async def handle_call_tool(name: str, arguments: Optional[Dict[str, Any]]) -> Li
             return [types.TextContent(type="text", text=f"Error: {str(e)}", error=True)]
     elif name == "show_security_rules":
+        commands_desc = "All commands allowed" if executor.security_config.allow_all_commands else ", ".join(sorted(executor.security_config.allowed_commands))
+        flags_desc = "All flags allowed" if executor.security_config.allow_all_flags else ", ".join(sorted(executor.security_config.allowed_flags))
         security_info = (
             "Security Configuration:\n"
             f"==================\n"
             f"Working Directory: {executor.allowed_dir}\n"
             f"\nAllowed Commands:\n"
             f"----------------\n"
-            f"{', '.join(sorted(executor.security_config.allowed_commands))}\n"
+            f"{commands_desc}\n"
             f"\nAllowed Flags:\n"
             f"-------------\n"
-            f"{', '.join(sorted(executor.security_config.allowed_flags))}\n"
+            f"{flags_desc}\n"
             f"\nSecurity Limits:\n"
             f"---------------\n"
             f"Max Command Length: {executor.security_config.max_command_length} characters\n"
@@ -341,10 +377,10 @@ async def main():
             write_stream,
             InitializationOptions(
                 server_name="cli-mcp-server",
-                server_version="0.2.0",
+                server_version="0.2.1",
                 capabilities=server.get_capabilities(
                     notification_options=NotificationOptions(),
                     experimental_capabilities={},
                 ),
             ),
-        )
+        )

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/uv.lock RENAMED Viewed

@@ -36,14 +36,14 @@ wheels = [
 [[package]]
 name = "cli-mcp-server"
-version = "0.2.0"
+version = "0.2.2"
 source = { editable = "." }
 dependencies = [
     { name = "mcp" },
 ]
 [package.metadata]
-requires-dist = [{ name = "mcp", specifier = ">=1.0.0" }]
+requires-dist = [{ name = "mcp", specifier = ">=1.1.0" }]
 [[package]]
 name = "click"
@@ -132,7 +132,7 @@ wheels = [
 [[package]]
 name = "mcp"
-version = "1.0.0"
+version = "1.1.2"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "anyio" },
@@ -142,9 +142,9 @@ dependencies = [
     { name = "sse-starlette" },
     { name = "starlette" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/97/de/a9ec0a1b6439f90ea59f89004bb2e7ec6890dfaeef809751d9e6577dca7e/mcp-1.0.0.tar.gz", hash = "sha256:dba51ce0b5c6a80e25576f606760c49a91ee90210fed805b530ca165d3bbc9b7", size = 82891 }
+sdist = { url = "https://files.pythonhosted.org/packages/9b/f3/5cf212e60681ea6da0dbb6e0d1bc0ab2dbf5eebc749b69663d46f114fea1/mcp-1.1.2.tar.gz", hash = "sha256:694aa9df7a8641b24953c935eb72c63136dc948981021525a0add199bdfee402", size = 57628 }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/56/89/900c0c8445ec001d3725e475fc553b0feb2e8a51be018f3bb7de51e683db/mcp-1.0.0-py3-none-any.whl", hash = "sha256:bbe70ffa3341cd4da78b5eb504958355c68381fb29971471cea1e642a2af5b8a", size = 36361 },
+    { url = "https://files.pythonhosted.org/packages/df/40/9883eac3718b860d4006eba1920bfcb628f0a1fe37fac46a4f4e391edca6/mcp-1.1.2-py3-none-any.whl", hash = "sha256:a4d32d60fd80a1702440ba4751b847a8a88957a1f7b059880953143e9759965a", size = 36652 },
 ]
 [[package]]

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/.gitignore RENAMED Viewed

File without changes

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/.python-version RENAMED Viewed

File without changes

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/LICENSE RENAMED Viewed

File without changes

{cli_mcp_server-0.2.0 → cli_mcp_server-0.2.2}/src/cli_mcp_server/__init__.py RENAMED Viewed

File without changes

cli-mcp-server 0.2.0__tar.gz → 0.2.2__tar.gz

cli-mcp-server 0.2.0tar.gz → 0.2.2tar.gz