MCPShell

MCPShell

The MCPShell is a tool that allows LLMs to safely execute command-line tools through the Model Context Protocol (MCP). It provides a secure bridge between LLMs and operating system commands.

Features

• Flexible command execution: Run any shell commands as MCP tools, with parameter substitution through templates,.
• Configuration-based tool definitions: Define tools in YAML with parameters, constraints, and output formatting.
• Security through constraints: Validate tool parameters using CEL expressions before execution.
• Robust error handling: Graceful recovery from panics with detailed logging.
• Simple integration: Works with any LLM supporting the MCP protocol.

Quick Start

Imagine you want Cursor (or some other MCP client) help you with your space problems in your hard disk.

1. Create a configuration file example.yaml defining your tools:

   mcp:
     description: |
       Tool for analyzing disk usage to help identify what's consuming space.
     run:
       shell: bash
     tools:
       - name: "disk_usage"
         description: "Check disk usage for a directory"
         params:
           directory:
             type: string
             description: "Directory to analyze"
             required: true
           max_depth:
             type: number
             description: "Maximum depth to analyze (1-3)"
             default: 2
         constraints:
           - "directory.startsWith('/')"  # Must be absolute path
           - "!directory.contains('..')"  # Prevent directory traversal
           - "max_depth >= 1 && max_depth <= 3"  # Limit recursion depth
           - "directory.matches('^[\\w\\s./\\-_]+$')"  # Only allow safe path characters, prevent command injection
         run:
           command: |
             du -h --max-depth={{ .max_depth }} {{ .directory }} | sort -hr | head -20
         output:
           prefix: |
             Disk Usage Analysis (Top 20 largest directories):
   

   Take a look at the examples directory for more sophisticated and useful examples.

2. Configure the MCP server in Cursor (or in any other LLM client with support for MCP)

   For example, for Cursor, create .cursor/mcp.json:

   {
       // you need the "go" command available
       "mcpServers": {
           "mcp-cli-examples": {
               "command": "go",
               "args": [
                  "run", "github.com/inercia/MCPShell@v0.0.9",
                  "run", "--config", "/my/example.yaml", "--logfile", "/some/path/mcpshell/example.log"
               ]
           }
       }
   }
   

   See more details on how to configure Cursor or Visual Studio Code. Other LLMs with support for MCPs should be configured in a similar way.

3. Make sure your MCP client is refreshed (Cursor should recognize it automatically the firt time, but any change in the config file will require a refresh).

4. Ask your LLM some questions it should be able to answer with the new tool. For example: "I'm running out of space in my hard disk. Could you help me finding the problem?".

Configuration

Configuration files use a YAML format defined here. See the this directory for some examples.

Security Considerations

So you will probably thing "this AI has helped me finding all those big files. What if I create another tool for removing files?". Don't do that!.

• Limit the scope of these tools to read-only actions, do not give the LLM the power to change things.
• Use constraints to limit command execution to safe parameters
• Consider using a restricted shell or creating a dedicated user for running the adapter
• Review all command templates for potential injection vulnerabilities
• Only expose tools that are safe for external use

Please read the Security Considerations document before using this software.

Contributing

Contributions are welcome! Take a look at the development guide. Please open an issue or submit a pull request on GitHub.

License

This project is licensed under the MIT License - see the LICENSE file for details.