Kilntainers and mcp-server-code-execution-mode
These are complements: one provides ephemeral Linux sandboxes for arbitrary shell commands while the other offers isolated Python code execution in rootless containers, allowing agents to safely execute different workload types across a shared sandboxing infrastructure.
About Kilntainers
Kiln-AI/Kilntainers
MCP server to give every agent an ephemeral Linux sandboxes for executing shell commands.
Supports multiple isolated execution backends—Docker, Podman, cloud-hosted VMs (Modal, E2B), and WebAssembly sandboxes—each with independent lifecycle management tied to individual MCP connections. Implements agent-sandbox separation where the MCP server acts as an intermediary, preventing exposure of agent secrets or code to the sandbox environment. Provides a single `sandbox_exec` tool exposing full Linux command execution with configurable resource limits, network isolation, and automatic cleanup on session termination.
About mcp-server-code-execution-mode
elusznik/mcp-server-code-execution-mode
An MCP server that executes Python code in isolated rootless containers with optional MCP server proxying. Implementation of Anthropic's and Cloudflare's ideas for reducing MCP tool definitions context bloat.
Implements dynamic tool discovery at runtime via a single `run_python` tool, allowing LLMs to search and compose MCP servers on-demand rather than pre-loading all schemas—reducing context overhead from 30K to ~200 tokens regardless of tool count. Built with rootless container isolation (Podman/Docker) and native Python support for data science workflows, it proxies any stdio-based MCP server while enabling fuzzy schema search and zero-copy execution within sandboxed environments. Targets AI agents and data-intensive applications requiring both strict security boundaries and the ability to discover/call 100+ tools without context explosion.
Scores updated daily from GitHub, PyPI, and npm data. How scores work