mcp-shell and shellguard
About mcp-shell
sonirico/mcp-shell
Give hands to AI. MCP server to run shell commands securely, auditably, and on demand.
Implements a dual-security model: secure mode enforces an executable allowlist without shell interpretation to prevent injection, while legacy mode allows full shell execution with command-pattern filtering. Built as a Go-based MCP server using mark3labs/mcp-go, it integrates directly with Claude Desktop via stdio transport and supports granular controls like argument pattern blocking, execution timeouts, output size limits, and audit logging. Deployable via Docker, source, or as a standalone binary with configurable security policies through YAML.
About shellguard
fawdyinc/shellguard
MCP server that gives LLM agents read-only shell access over SSH
Implements command parsing into ASTs and allowlist-based validation to block destructive operations before execution, with actionable error messages guiding the LLM toward safe alternatives. Operates as a stdio MCP server compatible with Cursor, Claude Desktop, VS Code, and other MCP clients, supporting both native Go SSH and system `ssh` binary modes for complex network topologies. Exposes six tools (connect, execute, disconnect, provision, download_file, sleep) with per-command timeouts, output truncation, and SFTP file downloads capped at 50MB.