Model Context Protocol moderate risk

CLI

This MCP server provides secure, controlled command-line execution with whitelisting, path validation, and execution limits, ideal for integrating CLI tools with LLMs.

Connections & Capabilities

Connects To

GitHub

Capabilities

exec

Quickstart

Install

npx @smithery/cli install cli-mcp-server --client claude

Config

{
  "command": {
    "type": "string",
    "description": "Single command to execute (e.g., 'ls -l' or 'cat file.txt')"
  }
}

Exposed MCP Tools (2)

moderate

run_command

Executes a specified command-line command with pre-defined security constraints.

Can execute arbitrary commands within the allowed directory, potentially leading to unintended consequences if not properly configured.

safe

show_security_rules

Displays the current security configuration of the MCP server.

Read-only operation that only reveals the current security settings.

Safety Assessment

This server is relatively safe when command and flag whitelists are strictly defined and shell operators are disabled. Enabling shell operators or using 'all' for commands/flags significantly increases the risk of exploitation. Proper configuration and monitoring are crucial.

Command whitelisting restricts executable commands.
Flag validation limits command options.
Path traversal protection prevents access to unauthorized directories.
Execution timeouts prevent indefinite command execution.
Working directory restrictions confine command operations.

If `ALLOW_SHELL_OPERATORS` is enabled, it introduces a risk of shell injection.
Incorrectly configured whitelists can lead to unintended command execution.
The 'all' option for commands and flags bypasses security controls.
Insufficiently restricted working directory can expose sensitive files.
Even with restrictions, authorized commands can still be misused.