CLI Secure

Command line interface for MCP clients with secure execution and customizable security policies

Publisher: mladensu
Repository: cli-mcp-server
Language: Python
Forks: 32
Stars: 169
Available tools: 2 (run_command, show_security_rules)
Transport type: stdio
License: MIT

CLI MCP Server


A secure Model Context Protocol (MCP) server implementation for executing controlled command-line operations with comprehensive security features.



Table of Contents

  1. Overview
  2. Features
  3. Configuration
  4. Installation
  5. Available Tools
  6. Usage with Claude Desktop
  7. Security Features
  8. Error Handling
  9. Development
  10. License

Overview

This MCP server enables secure command-line execution with robust security measures including command whitelisting, path validation, and execution controls. Perfect for providing controlled CLI access to LLM applications while maintaining security.

Features

  • 🔒 Secure command execution with strict validation
  • ⚙️ Configurable command and flag whitelisting with 'all' option
  • 🛡️ Path traversal prevention and validation
  • 🚫 Shell operator injection protection
  • ⏱️ Execution timeouts and length limits
  • 📝 Detailed error reporting
  • 🔄 Async operation support
  • 🎯 Working directory restriction and validation

Configuration

Configure the server using environment variables:

Variable              | Description                                         | Default
ALLOWED_DIR           | Base directory for command execution (required)     | none (required)
ALLOWED_COMMANDS      | Comma-separated list of allowed commands, or 'all'  | ls,cat,pwd
ALLOWED_FLAGS         | Comma-separated list of allowed flags, or 'all'     | -l,-a,--help
MAX_COMMAND_LENGTH    | Maximum command string length (characters)          | 1024
COMMAND_TIMEOUT       | Command execution timeout (seconds)                 | 30
ALLOW_SHELL_OPERATORS | Allow shell operators (&&, ||, |, >, etc.)          | false

Note: Setting ALLOWED_COMMANDS or ALLOWED_FLAGS to 'all' disables that check entirely, so the command or flag list no longer constrains what the model can run. Combined with ALLOW_SHELL_OPERATORS=true, this lets the model chain arbitrary commands as the user the server runs as, with only the length limit and timeout still applying. Keep explicit lists unless the server runs in a disposable sandbox.

Installation

To install CLI MCP Server for Claude Desktop automatically via Smithery:

bash
npx @smithery/cli install cli-mcp-server --client claude

Available Tools

run_command

Executes a single whitelisted CLI command inside ALLOWED_DIR.

Input Schema:

json
{
  "command": {
    "type": "string",
    "description": "Single command to execute (e.g., 'ls -l' or 'cat file.txt')"
  }
}

Security Notes:

  • Shell operators (&&, ||, |, >, >>) are rejected by default; they can be enabled with ALLOW_SHELL_OPERATORS=true
  • Commands must be whitelisted unless ALLOWED_COMMANDS='all'
  • Flags must be whitelisted unless ALLOWED_FLAGS='all'
  • All paths are validated to be within ALLOWED_DIR

show_security_rules

Displays current security configuration and restrictions, including:

  • Working directory
  • Allowed commands
  • Allowed flags
  • Security limits (max command length and timeout)

Usage with Claude Desktop

Add to your ~/Library/Application\ Support/Claude/claude_desktop_config.json:

Development/Unpublished Servers Configuration

json
{
  "mcpServers": {
    "cli-mcp-server": {
      "command": "uv",
      "args": [
        "--directory",
        "<path/to/the/repo>/cli-mcp-server",
        "run",
        "cli-mcp-server"
      ],
      "env": {
        "ALLOWED_DIR": "</your/desired/dir>",
        "ALLOWED_COMMANDS": "ls,cat,pwd,echo",
        "ALLOWED_FLAGS": "-l,-a,--help,--version",
        "MAX_COMMAND_LENGTH": "1024",
        "COMMAND_TIMEOUT": "30",
        "ALLOW_SHELL_OPERATORS": "false"
      }
    }
  }
}

Published Servers Configuration

json
{
  "mcpServers": {
    "cli-mcp-server": {
      "command": "uvx",
      "args": [
        "cli-mcp-server"
      ],
      "env": {
        "ALLOWED_DIR": "</your/desired/dir>",
        "ALLOWED_COMMANDS": "ls,cat,pwd,echo",
        "ALLOWED_FLAGS": "-l,-a,--help,--version",
        "MAX_COMMAND_LENGTH": "1024",
        "COMMAND_TIMEOUT": "30",
        "ALLOW_SHELL_OPERATORS": "false"
      }
    }
  }
}

In case it's not working or showing in the UI, clear the uv cache with uv cache clean and restart Claude Desktop.

Security Features

  • ✅ Command whitelist enforcement with 'all' option
  • ✅ Flag validation with 'all' option
  • ✅ Path traversal prevention and normalization
  • ✅ Shell operator blocking (with opt-in support via ALLOW_SHELL_OPERATORS=true)
  • ✅ Command length limits
  • ✅ Execution timeouts
  • ✅ Working directory restrictions
  • ✅ Symlink resolution and validation
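
The controls in this checklist, the Configuration table and the run_command security notes are a single policy applied to each incoming command string. What follows is an added re-implementation of that policy in Python, written for this page; it is not the cli-mcp-server project's code, and the class and function names (Policy, validate, check_path, run, demo) and the exact operator set are assumptions chosen to match the documented behaviour. It parses the README's environment variables with their documented defaults, applies the length, operator, command, flag and path checks in that order, executes the surviving argv without a shell inside ALLOWED_DIR under COMMAND_TIMEOUT, and demo() runs a constructed probe set (a '..' escape, a symlink planted inside the directory that points outside it, an unlisted flag and command, chained operators, an over-long string, a command that outlives the timeout) against a throw-away directory.

```python
# Added example for this page, not cli-mcp-server's own code: a re-implementation of the documented
# policy (ALLOWED_DIR, ALLOWED_COMMANDS, ALLOWED_FLAGS, MAX_COMMAND_LENGTH, COMMAND_TIMEOUT,
# ALLOW_SHELL_OPERATORS). The names and the exact operator set are this example's own assumptions.
from __future__ import annotations
import os
import shlex
import subprocess
import tempfile
from dataclasses import dataclass


class CommandSecurityError(Exception): pass   # rejected by the policy before anything ran
class CommandTimeoutError(Exception): pass    # killed when COMMAND_TIMEOUT elapsed

# A lone '&' or '|' also catches '&&' and '||'; backtick and '$(' catch command substitution.
SHELL_OPERATORS = ("&", "|", ";", ">", "<", "`", "$(")


@dataclass(frozen=True)
class Policy:
    allowed_dir: str                      # realpath-resolved base directory
    allowed_commands: frozenset | None    # None means 'all'
    allowed_flags: frozenset | None       # None means 'all'
    max_command_length: int = 1024
    timeout: float = 30.0
    allow_shell_operators: bool = False

    @classmethod
    def from_env(cls, env: dict) -> Policy:
        """Parse the README's variables, applying its documented defaults."""
        if not env.get("ALLOWED_DIR"):
            raise CommandSecurityError("ALLOWED_DIR is required")
        def csv_or_all(value: str) -> frozenset | None:
            return None if value.strip().lower() == "all" else frozenset(
                v.strip() for v in value.split(",") if v.strip())
        return cls(
            allowed_dir=os.path.realpath(env["ALLOWED_DIR"]),
            allowed_commands=csv_or_all(env.get("ALLOWED_COMMANDS", "ls,cat,pwd")),
            allowed_flags=csv_or_all(env.get("ALLOWED_FLAGS", "-l,-a,--help")),
            max_command_length=int(env.get("MAX_COMMAND_LENGTH", "1024")),
            timeout=float(env.get("COMMAND_TIMEOUT", "30")),
            allow_shell_operators=env.get("ALLOW_SHELL_OPERATORS", "false").lower() == "true",
        )

    def check_path(self, arg: str) -> None:
        """Resolve '..' and symlinks, then require the result to stay inside allowed_dir."""
        resolved = os.path.realpath(arg if os.path.isabs(arg) else os.path.join(self.allowed_dir, arg))
        if resolved != self.allowed_dir and not resolved.startswith(os.path.join(self.allowed_dir, "")):
            raise CommandSecurityError(f"path escapes ALLOWED_DIR: {arg}")

    def validate(self, command: str) -> list[str]:
        """Return the argv allowed to run, or raise CommandSecurityError."""
        if len(command) > self.max_command_length:
            raise CommandSecurityError("command exceeds MAX_COMMAND_LENGTH")
        bad = next((op for op in SHELL_OPERATORS if op in command), None)
        if bad and not self.allow_shell_operators:
            raise CommandSecurityError(f"shell operator not allowed: {bad!r}")
        try:
            argv = shlex.split(command)
        except ValueError as exc:  # unbalanced quotes and the like
            raise CommandSecurityError(f"invalid command format: {exc}") from exc
        if not argv or (self.allowed_commands is not None and argv[0] not in self.allowed_commands):
            raise CommandSecurityError(f"command not whitelisted: {argv[:1]}")
        for arg in argv[1:]:
            if not arg.startswith("-"):  # assumption: every non-flag argument is vetted as a path
                self.check_path(arg)
            elif self.allowed_flags is not None and arg not in self.allowed_flags:
                raise CommandSecurityError(f"flag not whitelisted: {arg}")
        return argv

    def run(self, command: str) -> subprocess.CompletedProcess:
        argv = self.validate(command)
        try:  # argv goes straight to exec: never shell=True, cwd pinned to the resolved base dir
            return subprocess.run(argv, cwd=self.allowed_dir, capture_output=True,
                                  text=True, timeout=self.timeout)
        except subprocess.TimeoutExpired as exc:
            raise CommandTimeoutError(f"exceeded {self.timeout}s: {command}") from exc


def demo() -> dict[str, bool]:
    """Run constructed probes in a throw-away ALLOWED_DIR; True means the policy accepted it."""
    with tempfile.TemporaryDirectory() as sandbox:
        open(os.path.join(sandbox, "notes.txt"), "w").close()  # a real file inside the sandbox
        # a symlink planted inside the sandbox that points at its parent directory
        os.symlink(os.path.dirname(os.path.realpath(sandbox)), os.path.join(sandbox, "escape"))
        policy = Policy.from_env({"ALLOWED_DIR": sandbox, "ALLOWED_COMMANDS": "ls,cat,pwd,sleep",
                                  "ALLOWED_FLAGS": "-l,-a", "COMMAND_TIMEOUT": "1"})
        probes = ["ls -l", "cat notes.txt",                     # should be accepted
                  "cat ../../etc/passwd", "cat escape/passwd",  # '..' escape, symlink escape
                  "ls -R", "rm notes.txt",                       # unlisted flag, unlisted command
                  "ls; id", "cat notes.txt | nc h 4444",         # shell operators
                  "ls " + "a" * 1024]                            # over MAX_COMMAND_LENGTH
        verdicts = {}
        for probe in probes:
            try:
                verdicts[probe] = bool(policy.validate(probe))
            except CommandSecurityError:
                verdicts[probe] = False
        try:  # 'sleep' is whitelisted above only so the timeout can be demonstrated
            policy.run("sleep 5")
            verdicts["timeout enforced"] = False
        except CommandTimeoutError:
            verdicts["timeout enforced"] = True
        return verdicts


if __name__ == "__main__":
    print("\n".join(f"{'ACCEPT' if ok else 'REJECT'}  {name[:48]}" for name, ok in demo().items()))
```

Two design points are worth copying. Paths are compared only after os.path.realpath, so both '..' and a symlink planted inside ALLOWED_DIR resolve to their real target before the containment check. And execution never uses shell=True, which is why the operator check can be a plain substring test instead of a shell parser: with ALLOW_SHELL_OPERATORS=true the operators pass validation but reach the program as literal arguments, so nothing after ';' or '|' becomes a second command that skipped the argv[0] whitelist. Enabling the operators only does what a user expects if the string is handed to a real shell, and that is exactly the configuration in which an argv[0] whitelist stops being a boundary. The cost of this example's conservatism is that ordinary arguments are vetted as paths and any argument containing an operator character is refused.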

Error Handling

The server provides detailed error messages for:

  • Security violations (CommandSecurityError)
  • Command timeouts (CommandTimeoutError)
  • Invalid command formats
  • Path security violations
  • Execution failures (CommandExecutionError)
  • General command errors (CommandError)

Development

Prerequisites

  • Python 3.10+
  • MCP protocol library

Building and Publishing

To prepare the package for distribution:

  1. Sync dependencies and update lockfile:

    bash
    uv sync
  2. Build package distributions:

    bash
    uv build

    This will create source and wheel distributions in the dist/ directory.

  3. Publish to PyPI:

    bash
    uv publish --token {{YOUR_PYPI_API_TOKEN}}

Debugging

Since MCP servers run over stdio, debugging can be challenging. For the best debugging experience, we strongly recommend using the MCP Inspector.

You can launch the MCP Inspector via npm with this command:

bash
npx @modelcontextprotocol/inspector uv --directory {{your source code local directory}}/cli-mcp-server run cli-mcp-server

Upon launching, the Inspector will display a URL that you can access in your browser to begin debugging.
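
The Inspector is interactive; for a repeatable check that the policy behaves as configured, the script below launches the server over stdio with the MCP Python SDK and sends a constructed probe set through run_command. It is an added example for this page, not the project's code. It assumes the `mcp` package is installed, that `uvx cli-mcp-server` is on PATH as in the published configuration above, and, because the README does not say how a refusal is reported, treats either an MCP error result or a response naming one of the README's error classes as a rejection (the judge function and its marker list are this example's assumption).

```python
# Added example for this page, not cli-mcp-server's own code. Assumes the `mcp` Python SDK
# (pip install mcp) and `uvx cli-mcp-server` on PATH; how a refusal is reported is assumed.
import asyncio
import os
import tempfile

# Constructed probe set: (command sent to run_command, should the policy accept it?)
PROBES = [
    ("ls -l", True),
    ("cat ../../../etc/passwd", False),        # path traversal
    ("ls -l && cat /etc/passwd", False),       # shell operator
    ("rm -rf .", False),                       # command not whitelisted
    ("ls --color", False),                     # flag not whitelisted
]
# Assumed markers of a refusal in the returned text (the README names these error classes).
REFUSAL_MARKERS = ("CommandSecurityError", "CommandError", "Error:")


def judge(expect_accept: bool, is_error: bool, text: str) -> bool:
    """True when the server's answer matches the expectation for the probe.

    A refusal is an MCP result flagged isError, or a text body naming one of the
    README's error classes (an assumption about the server's reporting format)."""
    refused = is_error or any(marker in text for marker in REFUSAL_MARKERS)
    return refused != expect_accept


async def probe_server(sandbox: str) -> dict[str, bool]:
    """Launch the server on a throw-away ALLOWED_DIR and run every probe through run_command."""
    from mcp import ClientSession, StdioServerParameters
    from mcp.client.stdio import stdio_client

    params = StdioServerParameters(
        command="uvx", args=["cli-mcp-server"],
        env={**os.environ, "ALLOWED_DIR": sandbox, "ALLOWED_COMMANDS": "ls,cat,pwd",
             "ALLOWED_FLAGS": "-l,-a", "COMMAND_TIMEOUT": "10", "ALLOW_SHELL_OPERATORS": "false"},
    )
    verdicts = {}
    async with stdio_client(params) as (read, write):
        async with ClientSession(read, write) as session:
            await session.initialize()
            for command, expect_accept in PROBES:
                result = await session.call_tool("run_command", {"command": command})
                text = "".join(getattr(block, "text", "") for block in result.content)
                verdicts[command] = judge(expect_accept, bool(result.isError), text)
    return verdicts


def main() -> bool:
    with tempfile.TemporaryDirectory() as sandbox:
        verdicts = asyncio.run(probe_server(sandbox))
    for command, ok in verdicts.items():
        print(("PASS  " if ok else "FAIL  ") + command)
    return all(verdicts.values())


if __name__ == "__main__":
    raise SystemExit(0 if main() else 1)
```

Run it after every change to the ALLOWED_* variables; a FAIL on a probe marked False means the configuration lets that command through. The text markers are a heuristic, so a legitimately accepted command whose output happens to contain one of them would be counted as refused; tighten REFUSAL_MARKERS to whatever the server actually returns once you have seen one real rejection in the Inspector.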

License

This project is licensed under the MIT License - see the LICENSE file for details.


For more information or support, please open an issue on the project repository.

Installation

TypingMind

Prerequisites: Node.js 18+

Use the Published Servers Configuration from the README above (uvx cli-mcp-server with the ALLOWED_* environment variables; ALLOWED_DIR is required). That is the snippet pasted into TypingMind in step 3 of the guide below.

Use CLI Secure MCP with multiple AI models

TypingMind connects MCP tools at the workspace level, so once CLI Secure is connected, you can use it with different AI models in TypingMind instead of setting it up separately for each model. This MCP runs locally through the TypingMind MCP connector on your device.

Setup guide to use the local connector

Use this when the MCP server needs access to local files, apps, or private resources on your computer.

Step 1: Open the MCP settings

In TypingMind, go to Settings, Advanced Settings, then Model Context Protocol and choose Setup Connector.

  1. Open TypingMind in your browser.
  2. Click the Settings icon.
  3. Go to Advanced Settings.
  4. Open the Model Context Protocol section.
  5. Click Setup Connector and choose This Device.
Step 2: Run the connector command

Choose This Device, copy the command from TypingMind, and run it in Terminal. Keep the process running while you use MCP.

  1. Copy the setup command shown by TypingMind.
  2. Open Terminal on macOS or Windows Terminal on Windows.
  3. Paste and run the command.
  4. Approve the package install if Terminal asks you to proceed.
  5. Keep the Terminal window running while using MCP tools.
Step 3: Add CLI Secure as a server

When the connector status is Ready, click Edit Servers and paste the MCP server configuration. Use the README's published-server form (uvx, with the environment variables set): the package is run from PyPI via uvx, and ALLOWED_DIR is required.

  1. Wait until the connector status shows Ready.
  2. Click Edit Servers.
  3. Paste the CLI Secure MCP server configuration.
  4. Save the server list.
  5. Refresh if you want to confirm the connector is still ready.

{
  "mcpServers": {
    "cli-secure": {
      "command": "uvx",
      "args": [
        "cli-mcp-server"
      ],
      "env": {
        "ALLOWED_DIR": "</your/desired/dir>",
        "ALLOWED_COMMANDS": "ls,cat,pwd,echo",
        "ALLOWED_FLAGS": "-l,-a,--help,--version",
        "MAX_COMMAND_LENGTH": "1024",
        "COMMAND_TIMEOUT": "30",
        "ALLOW_SHELL_OPERATORS": "false"
      }
    }
  }
}
Step 4: Use it across models

Save the server list, open Plugins, enable the CLI Secure MCP tools, then select any supported AI model in TypingMind and use the tools in chat or assign them to an AI agent.

  1. Open the Plugins page in TypingMind.
  2. Enable the CLI Secure MCP tools.
  3. Start a chat and choose the AI model you want to use.
  4. Use the MCP tools in chat or assign them to an AI agent.
  5. Switch to another AI model whenever needed without reconnecting MCP.

Frequently asked questions

What is the CLI Secure MCP server used for?

CLI Secure (cli-mcp-server) is an MCP server that gives an AI client controlled command-line execution: its run_command tool runs only whitelisted commands and flags inside a configured directory, with shell operators blocked by default and a timeout on every call, and show_security_rules reports the active policy. In TypingMind, you add this MCP server once and its tools become available in your AI workspace.

Can I use CLI Secure MCP with multiple AI models in TypingMind?

Yes. TypingMind connects MCP tools at the workspace level, so you can use CLI Secure with different AI models such as Claude, ChatGPT, Gemini, or other models you have configured in TypingMind without setting up the MCP server separately for each model.

Why use CLI Secure MCP with TypingMind?

TypingMind is one of the best frontends for LLM chat because it brings multiple AI models, prompts, plugins, AI agents, API keys, and MCP tools into one workspace. With CLI Secure connected, you can use its MCP tools across your preferred models while keeping your chat workflow organized in TypingMind.

How do I connect CLI Secure MCP to TypingMind?

CLI Secure runs through the TypingMind local MCP connector, which is the right choice here because the server executes commands on your own machine over stdio and must see the directory you set as ALLOWED_DIR.

What tools does CLI Secure MCP provide in TypingMind?

Two tools: run_command, which executes a single whitelisted command inside ALLOWED_DIR, and show_security_rules, which returns the working directory, the allowed commands and flags, and the length and timeout limits. Both can be enabled from the TypingMind Plugins page and used in chat or assigned to AI agents.

Do I need to share my API keys with TypingMind to use CLI Secure MCP?

No. TypingMind is local-first and keeps your model providers, API keys, prompts, and MCP configuration under your control. CLI Secure itself needs no API key, headers, or OAuth settings: it runs locally over stdio, and its only configuration is the set of ALLOWED_* environment variables in the server entry, of which ALLOWED_DIR is required.
