Terminal
Executes whitelisted shell commands in a secure environment with timeout and output limits. Prevents command injection while allowing controlled terminal access.
Provides a secure terminal server for executing whitelisted shell commands with strict resource controls and security boundaries.
What it does
- Execute whitelisted shell commands
- Capture command output and errors
- Set command timeouts and resource limits
- Stream command output in real-time
- Prevent command injection attacks
Best for
About Terminal
Terminal is a community-built MCP server published by rinardnick that provides AI assistants with tools and capabilities via the Model Context Protocol. Terminal offers a secure terminal server for executing approved shell commands with robust resource controls and advance It is categorized under auth security, developer tools.
How to install
You can install Terminal in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.
License
Terminal is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.
MCP Terminal Server
A secure terminal execution server implementing the Model Context Protocol (MCP). This server provides controlled command execution capabilities with security features and resource limits.
Features
- Command Execution: Execute shell commands with output capture and error handling
- Security Controls: Restrict allowed commands and prevent command injection
- Resource Controls:
- Command timeouts
- Maximum output size limits
- MCP Protocol Support:
- Standard MCP message format
- Capability advertisement
- Streaming output support
Development
Local Setup
# Clone the repository
git clone https://github.com/RinardNick/mcp-terminal.git
cd mcp-terminal
# Create and activate virtual environment using uv
uv venv
source .venv/bin/activate # or .venv\Scripts\activate on Windows
# Install development dependencies
uv pip install -e ".[dev]"
Publishing to PyPI
# Build the package
uv pip install build
python -m build
# Upload to PyPI
uv pip install twine
python -m twine upload dist/*
Testing with MCP Inspector
The MCP Inspector tool can be used to test the server implementation:
# Install inspector
npm install -g @modelcontextprotocol/inspector
# Test server
npx @modelcontextprotocol/inspector python3 src/mcp_terminal/server.py --allowed-commands "python,pip,git,ls,cd"
Running Tests
# Run all tests
pytest tests/
# Run specific test file
pytest tests/test_terminal.py
# Run with coverage
pytest --cov=mcp_terminal tests/
Using with Claude Desktop
Once the package is published to PyPI:
-
Install UV (if not already installed):
pip install uv -
Install the Package using UV:
uv pip install mcp-terminal -
Configure Claude Desktop: Edit your Claude Desktop config file (typically at
~/Library/Application Support/Claude/claude_desktop_config.jsonon macOS):{ "mcpServers": { "terminal": { "command": "uv", "args": [ "pip", "run", "mcp-terminal", "--allowed-commands", "python,pip,git,ls,cd", "--timeout-ms", "30000", "--max-output-size", "1048576" ] } } }
Protocol Implementation
The server implements the Model Context Protocol (MCP) with the following capabilities:
Capabilities Advertisement
{
"protocol": "1.0.0",
"name": "terminal",
"version": "1.1.0",
"capabilities": {
"execute": {
"description": "Execute a terminal command",
"parameters": {
"command": {
"type": "string",
"description": "The command to execute"
}
},
"returns": {
"type": "object",
"properties": {
"exitCode": { "type": "number" },
"stdout": { "type": "string" },
"stderr": { "type": "string" },
"startTime": { "type": "string" },
"endTime": { "type": "string" }
}
}
}
}
}
Message Format
Request:
{
"type": "execute",
"data": {
"command": "echo 'hello world'"
}
}
Response:
{
"type": "result",
"data": {
"command": "echo 'hello world'",
"exitCode": 0,
"stdout": "hello world\n",
"stderr": "",
"startTime": "2024-01-20T12:34:56.789Z",
"endTime": "2024-01-20T12:34:56.790Z"
}
}
Error:
{
"type": "error",
"data": {
"message": "command not allowed"
}
}
Security Considerations
-
Command Validation:
- Only allowed commands can be executed
- Shell operators are blocked
- Command injection attempts are prevented
-
Resource Protection:
- Command timeouts prevent hanging
- Output size limits prevent memory exhaustion
- Error handling for all failure cases
-
Best Practices:
- Always set
allowed-commandsin production - Use conservative timeout and size limits
- Monitor command execution logs
- Always set
Contributing
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Alternatives
Related Skills
Browse all skillsUse when working with the OpenAI API (Responses API) or OpenAI platform features (tools, streaming, Realtime API, auth, models, rate limits, MCP) and you need authoritative, up-to-date documentation (schemas, examples, limits, edge cases). Prefer the OpenAI Developer Documentation MCP server tools when available; otherwise guide the user to enable `openaiDeveloperDocs`.
Security audit and validation tools for the Agent Skills ecosystem. Scan skill packages for common vulnerabilities like credential leaks, unauthorized file access, and Git history secrets. Use when you need to audit skills for security before installation, validate skill packages against Agent Skills standards, or ensure your skills follow best practices.
Azure Identity SDK for Rust authentication. Use for DeveloperToolsCredential, ManagedIdentityCredential, ClientSecretCredential, and token-based authentication. Triggers: "azure-identity", "DeveloperToolsCredential", "authentication rust", "managed identity rust", "credential rust".
CCXT cryptocurrency exchange library for TypeScript and JavaScript developers (Node.js and browser). Covers both REST API (standard) and WebSocket API (real-time). Helps install CCXT, connect to exchanges, fetch market data, place orders, stream live tickers/orderbooks, handle authentication, and manage errors. Use when working with crypto exchanges in TypeScript/JavaScript projects, trading bots, arbitrage systems, or portfolio management tools. Includes both REST and WebSocket examples.
.NET/C# backend developer for ASP.NET Core APIs with Entity Framework Core. Builds REST APIs, minimal APIs, gRPC services, authentication with Identity/JWT, authorization, database operations, background services, SignalR real-time features. Activates for: .NET, C#, ASP.NET Core, Entity Framework Core, EF Core, .NET Core, minimal API, Web API, gRPC, authentication .NET, Identity, JWT .NET, authorization, LINQ, async/await C#, background service, IHostedService, SignalR, SQL Server, PostgreSQL .NET, dependency injection, middleware .NET.
Build full-stack applications with Supabase (PostgreSQL, Auth, Storage, Real-time, Edge Functions). Use when implementing authentication, database design with RLS, file storage, real-time features, or serverless functions.