
Container-MCP

A Podman Ubuntu 24.04 container that serves an MCP server with file access, code execution, a bash shell, and more.

Catalog only (STDIO transport)

Overview

Container-MCP is a secure, container-based implementation of the Model Context Protocol (MCP) designed for executing tools on behalf of large language models in a sandboxed environment.

To use Container-MCP, clone the repository, run the provided installation scripts, and connect to the MCP server using a compatible client to execute commands and scripts securely.

Features:

  • Multi-layered security with container isolation and AppArmor profiles.
  • Implementation of the MCP protocol for standardized tool discovery and execution.
  • Domain-specific managers for controlled execution of bash commands, Python code, file operations, and web browsing.
  • Configurable environment with extensive options via environment variables.

Typical uses:

  1. Executing bash commands in a controlled environment.
  2. Running Python scripts with restricted access to system resources.
  3. Performing file operations and web scraping without exposing the host.

Add to your AI client

Use these steps to connect Container-MCP in Cursor, Claude, VS Code, and other MCP-compatible apps. Each entry launches the server as a local subprocess over STDIO with `npx -y`, which downloads and runs the named package without a confirmation prompt, so verify the package name against the project's own source and pin a version before trusting it.

Cursor

Add this to your .cursor/mcp.json file in your project root, then restart Cursor.

.cursor/mcp.json

{
  "mcpServers": {
    "container-mcp-54rt1n": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}

Claude Desktop

Add this server entry to the mcpServers object in your Claude Desktop config, then restart the app.

~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows)

{
  "mcpServers": {
    "container-mcp-54rt1n": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}

Claude Code

Add this to your project's .mcp.json file. Claude Code will detect it automatically.

.mcp.json (project root)

{
  "mcpServers": {
    "container-mcp-54rt1n": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}

VS Code (Copilot)

Add this to your .vscode/mcp.json file. Requires the GitHub Copilot extension with MCP support enabled.

.vscode/mcp.json

{
  "servers": {
    "container-mcp-54rt1n": {
      "type": "stdio",
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}

Windsurf

Add this to your Windsurf MCP config file, then restart Windsurf.

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "container-mcp-54rt1n": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}

Cline

Open Cline settings, navigate to MCP Servers, and add this server configuration.

Cline MCP Settings (via UI)

{
  "mcpServers": {
    "container-mcp-54rt1n": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-container-mcp-54rt1n"
      ]
    }
  }
}
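Every configuration above uses the same STDIO transport: the client starts the server as a child process and exchanges one JSON-RPC 2.0 object per line over its stdin and stdout. The following is an added example, not code from Container-MCP or from this catalog, showing that exchange end to end: the `initialize` handshake, the `notifications/initialized` notification, `tools/list`, and one `tools/call`. So that it runs offline it launches a constructed stand-in server embedded in the script instead of Container-MCP; the tool name `bash`, its `command` argument, and the `stub-sandbox` server name are assumptions, and the stub executes nothing.

```python
"""Minimal MCP stdio client exchange (added example, not Container-MCP's own code).

The stand-in server below is a constructed stub so the example runs offline;
the tool name ``bash``, its ``command`` argument and the server name are assumptions.
"""
import json
import subprocess
import sys

PROTOCOL_VERSION = "2024-11-05"

# Constructed stub server: newline-delimited JSON-RPC 2.0 on stdio, answering
# only the methods this example exercises. It stands in for Container-MCP.
STUB_SERVER = r'''
import json, sys
TOOLS = [{"name": "bash", "description": "run a shell command in the sandbox",
          "inputSchema": {"type": "object",
                          "properties": {"command": {"type": "string"}},
                          "required": ["command"]}}]
def reply(obj):
    sys.stdout.write(json.dumps(obj) + "\n")
    sys.stdout.flush()
while True:
    line = sys.stdin.readline()
    if not line:                 # client closed stdin: shut down
        break
    msg = json.loads(line)
    if "id" not in msg:          # notification (e.g. notifications/initialized): no reply
        continue
    m = msg["method"]
    if m == "initialize":
        result = {"protocolVersion": msg["params"]["protocolVersion"],
                  "capabilities": {"tools": {}},
                  "serverInfo": {"name": "stub-sandbox", "version": "0.0"}}
    elif m == "tools/list":
        result = {"tools": TOOLS}
    elif m == "tools/call" and msg["params"]["name"] == "bash":
        cmd = msg["params"]["arguments"]["command"]
        # The stub does NOT execute anything; it only echoes what a sandbox would run.
        result = {"content": [{"type": "text", "text": "would run: " + cmd}],
                  "isError": False}
    else:
        reply({"jsonrpc": "2.0", "id": msg["id"],
               "error": {"code": -32601, "message": "method not found"}})
        continue
    reply({"jsonrpc": "2.0", "id": msg["id"], "result": result})
'''


class StdioMcpClient:
    """Talks to an MCP server over its stdin/stdout, one JSON object per line."""

    def __init__(self, command, args):
        # Same shape as the "command"/"args" pair in the client configs above.
        self.proc = subprocess.Popen([command, *args], stdin=subprocess.PIPE,
                                     stdout=subprocess.PIPE, text=True, bufsize=1)
        self.next_id = 1

    def _send(self, msg):
        # json.dumps escapes newlines inside strings, so the line stays intact.
        self.proc.stdin.write(json.dumps(msg) + "\n")
        self.proc.stdin.flush()

    def request(self, method, params=None):
        req_id, self.next_id = self.next_id, self.next_id + 1
        self._send({"jsonrpc": "2.0", "id": req_id, "method": method, "params": params or {}})
        reply = json.loads(self.proc.stdout.readline())
        if reply.get("id") != req_id:
            raise RuntimeError(f"unexpected reply id {reply.get('id')}")
        if "error" in reply:
            raise RuntimeError(f"{method}: {reply['error']}")
        return reply["result"]

    def notify(self, method, params=None):
        self._send({"jsonrpc": "2.0", "method": method, "params": params or {}})

    def close(self):
        self.proc.stdin.close()
        self.proc.wait(timeout=5)


def run_session(command=sys.executable, args=("-c", STUB_SERVER)):
    """Handshake, list tools, call one tool; return what a caller would inspect."""
    client = StdioMcpClient(command, list(args))
    try:
        init = client.request("initialize", {
            "protocolVersion": PROTOCOL_VERSION, "capabilities": {},
            "clientInfo": {"name": "example-client", "version": "0.1"}})
        client.notify("notifications/initialized")  # required before normal traffic
        tools = client.request("tools/list")["tools"]
        call = client.request("tools/call", {"name": "bash", "arguments": {"command": "id"}})
        return {"server": init["serverInfo"]["name"],
                "tool_names": [t["name"] for t in tools],
                "output": call["content"][0]["text"],   # untrusted text from the tool
                "is_error": call["isError"]}
    finally:
        client.close()


if __name__ == "__main__":
    print(json.dumps(run_session(), indent=2))
```

To drive a real server, pass the `command` and `args` from one of the config entries to `run_session` instead of the stub. Whatever the server returns in `content` is untrusted output from inside the sandbox and should be shown to the model or user as data, not interpreted as further instructions, and `isError` should be checked before acting on it.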

FAQ

Is Container-MCP secure for executing untrusted code?

Container-MCP layers container isolation, AppArmor profiles, and Firejail to isolate and restrict code execution. As with any sandbox, that isolation is bounded by the host kernel and the profiles you configure, so keep the host and the container image patched and review the profiles before exposing the server to untrusted input.

What are the prerequisites for running Container-MCP?

You need a Linux system with Podman or Docker, Python 3.12+, Firejail, and AppArmor installed.

Can I customize the execution environment?

Yes! The environment can be configured extensively through environment variables.