Is Sandbox Mcp Server safe to use?

Sandbox Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Sandbox Mcp Server?

Sandbox Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Sandbox Mcp Server do?

Sandbox Mcp Server provides 9 tools: file_read, file_write, file_list, editor_search, editor_replace and 4 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Sandbox Mcp Server?

Sandbox Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Sandbox Mcp Server actively maintained?

Sandbox Mcp Server is recently maintained — last commit was 83 days ago. It has 1 GitHub stars.

Sandbox Mcp Server

Name: Sandbox Mcp Server
Author: nizovtsevnv

by nizovtsevnv

1 9 tools GitHub

No known CVEs

MIT license

Maintained

Last commit 83d ago

Works with most clients

Transport: stdio, sse, http

9 tools · ~388 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "sandbox": {
      "args": [
        "--image",
        "debian:latest"
      ],
      "command": "/path/to/sandbox-mcp-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/sandbox-mcp-server)](https://mcppedia.org/s/sandbox-mcp-server)

Read me

What Sandbox Mcp Server does

Docker sandbox MCP server with per-session containers. Each MCP session gets its own isolated Docker container with a dedicated data directory mounted as /home/user.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

66/100across 5 weighted dimensions

How we score →

0255075100

−34

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (9)

Click any tool to inspect its schema.

~388 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Sandbox Mcp Server safe to use?: Sandbox Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Sandbox Mcp Server?: Sandbox Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Sandbox Mcp Server do?: Sandbox Mcp Server provides 9 tools: file_read, file_write, file_list, editor_search, editor_replace and 4 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Sandbox Mcp Server?: Sandbox Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Sandbox Mcp Server actively maintained?: Sandbox Mcp Server is recently maintained — last commit was 83 days ago. It has 1 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Sandbox Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "sandbox": {
      "args": [
        "--image",
        "debian:latest"
      ],
      "command": "/path/to/sandbox-mcp-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/sandbox-mcp-server)](https://mcppedia.org/s/sandbox-mcp-server)

Read me

What Sandbox Mcp Server does

Docker sandbox MCP server with per-session containers. Each MCP session gets its own isolated Docker container with a dedicated data directory mounted as /home/user.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

sandbox-mcp-server

Docker sandbox MCP server with per-session containers. Each MCP session gets its own isolated Docker container with a dedicated data directory mounted as /home/user.

Features

Per-session containers — each session gets its own Docker container (sandbox-{session_id})
Isolated data — data_dir/sessions/{session_id}/ mounted as /home/user in container
9 MCP tools — file operations, editor operations, and shell commands
Dual transport — stdio (default) or HTTP mode via --transport flag
HTTP authentication — Bearer token auth and session management
Session resumption — reconnect to a previous session by ID, preserving files on disk
Automatic cleanup — containers are removed when sessions end or server shuts down

Architecture

Single crate, seven source modules:

Module	Responsibility
`src/main.rs`	CLI parsing, Docker connection, entry point, transport selection
`src/mcp.rs`	JSON-RPC 2.0 types, dispatch, tool definitions, stdio loop, server state
`src/http.rs`	HTTP transport: axum server, Bearer auth, session management
`src/sandbox.rs`	Path resolution: strip home prefix, reject traversal
`src/file.rs`	File operations: read, write, list
`src/editor.rs`	Editor operations: search, replace, replace_lines
`src/shell.rs`	Docker shell: exec, spawn, kill, container lifecycle

Requirements

Docker daemon running locally
Docker images pulled (default: debian:latest)

CLI

sandbox-mcp-server [OPTIONS]

Options:
  --image <IMAGE>        Docker image [default: debian:latest]
  --data-dir <PATH>      Base data directory [default: XDG_DATA_HOME/sandbox-mcp-server]
  --timeout <MS>         Shell command timeout in ms [default: 60000]
  --max-output <BYTES>   Max shell output bytes [default: 65536]
  --transport <MODE>     stdio or http [default: stdio]
  --host <HOST>          HTTP bind address [default: 127.0.0.1]
  --port <PORT>          HTTP port [default: 8080]
  --auth <TOKEN>         Bearer token for HTTP auth
  --session-id <UUID>    Resume an existing session by ID (stdio only)
  --version              Print version

Build

Prerequisites

Rust toolchain (stable)
Docker (for runtime, not build)

Build

cargo build --release

With Nix

nix develop   # reproducible dev environment with git hooks
nix build     # build package

MCP Tools

File operations

file_read — read a file and return its contents
file_write — create or overwrite a file (parent directory must exist)
file_list — list directory contents (directories have trailing /)

Editor operations

editor_search — search for text in a file, returns matching lines with line numbers
editor_replace — replace a unique substring (fails if ambiguous or not found)
editor_replace_lines — replace a range of lines [start, end] inclusive (1-indexed)

Shell operations

shell_exec — execute a command and return output
shell_spawn — spawn a background process (detached)
shell_kill — kill a process by PID

MCP Protocol

Stdio Transport

One JSON-RPC 2.0 object per line on stdin/stdout. A session is created automatically on startup.

echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}' | cargo run

To resume a previous session, pass --session-id with the UUID from a prior run:

echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{}}' | \
  cargo run -- --session-id 550e8400-e29b-41d4-a716-446655440000

HTTP Transport

cargo run -- --transport http --port 8080 --auth secret123

Initialize (creates session, returns Mcp-Session-Id header):

curl -s -D- -X POST http://127.0.0.1:8080/mcp

... [View full README on GitHub](https://github.com/nizovtsevnv/sandbox-mcp-server#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

66/100across 5 weighted dimensions

How we score →

0255075100

−34

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (9)

Click any tool to inspect its schema.

~388 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Sandbox Mcp Server safe to use?: Sandbox Mcp Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Sandbox Mcp Server?: Sandbox Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Sandbox Mcp Server do?: Sandbox Mcp Server provides 9 tools: file_read, file_write, file_list, editor_search, editor_replace and 4 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Sandbox Mcp Server?: Sandbox Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Sandbox Mcp Server actively maintained?: Sandbox Mcp Server is recently maintained — last commit was 83 days ago. It has 1 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Sandbox Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?