Kilntainers

Name: Kilntainers
Author: Kiln-AI

kilntainers · by Kiln-AI

MCP server to give every agent an ephemeral Linux sandboxes for executing shell commands.

40 0 tools GitHub PyPI

No known CVEs

MIT license

Maintained

Last commit 87d ago

Works with most clients

Transport: stdio, sse

0 tools

Grade F

Edit this pageView history

Developer Tools DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "kilntainers": {
      "command": "kilntainers"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/kilntainers)](https://mcppedia.org/s/kilntainers)

Read me

What Kilntainers does

Give Every Agent an Ephemeral Linux Sandbox — via MCP

Test This Server

This server supports HTTP transport. Be the first to test it — help the community know if it works.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

56/100across 5 weighted dimensions

How we score →

0255075100

−44

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked kilntainers against OSV.dev.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Kilntainers safe to use?: Kilntainers has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Kilntainers?: Kilntainers supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with Kilntainers?: Kilntainers is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is Kilntainers actively maintained?: Kilntainers is recently maintained — last commit was 87 days ago. It has 40 GitHub stars.

Similar servers

Others in developer-tools / devops

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

MCP Security Weekly

Get CVE alerts and security updates for Kilntainers and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Why Kilntainers?

Agents are already excellent at using terminals, and can save thousands of tokens by leveraging common Linux utilities like grep, find, jq, awk, etc. However giving an agent access to the host OS is a security nightmare, and running thousands of parallel agents on a service is painful. Kilntainers gives every agent its own isolated, ephemeral sandbox.

How It Works

┌─────────────┐ MCP ┌──────────────┐ ┌─────────────────────────┐ │ LLM Agent │◄───────►│ Kilntainers │◄────►│ Sandboxes │ │ (client) │ │ MCP Server │ │ - Docker/Podman │ │ │ │ │ │ - Cloud VM (Modal,E2B) │ │ │ │ │ │ - WASM Sandbox │ └─────────────┘ └──────────────┘ └─────────────────────────┘

An MCP client connects to Kilntainers

On the first sandbox_exec call, Kilntainers creates an isolated sandbox. Each connection gets its own independent sandbox.

Commands run inside the sandbox; stdout, stderr, and exit code are returned

When the session ends, the sandbox is destroyed and resources are cleaned up.

Security: The agent communicates with the sandbox over MCP — it doesn't run inside it. This is intentional: agents often need secrets (API keys, system prompts, code), and those should never be exposed inside a sandbox where a prompt injection could ex

Frequently Asked Questions

Is Kilntainers safe to use?

Kilntainers has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Kilntainers?

Kilntainers supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Kilntainers?

Kilntainers is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is Kilntainers actively maintained?

Kilntainers is recently maintained — last commit was 87 days ago. It has 40 GitHub stars.