Sandbox MCP

<img align="right" src="logo.png" alt="Sandbox MCP Logo" width="200" height="200">

Sandbox MCP is a Model Context Protocol (MCP) server that lets LLMs (MCP hosts/clients) run code and configuration in secure, isolated Docker containers.

While LLMs are really good at generating code, most can't run the code they generate. This could result in you running untested code directly on your machine, which could have unintended consequences.

Sandbox MCP gives the LLMs an easy-to-use execution environment that anyone can create and configure through a simple, AI-native MCP server that runs locally.

Inspired by Codapi. Some sandboxes are the same as Codapi sandboxes.

Demo

The demo below shows how the MCP works with Claude Desktop. See the video if the GIF below isn't clear.

Installation

Download Binary

You can download and use the appropriate binary for your operating system and processor archetecture from the "Releases" page.

Install via Go

Prerequisites:

• Go 1.24 or higher

go install github.com/pottekkat/sandbox-mcp/cmd/sandbox-mcp@latest

Get the path to the sandbox-mcp binary:

which sandbox-mcp

Build from Source

See Development section below.

Usage

Initilization

Before you use sandbox-mcp with LLMs, you need to initialize its configuration:

# Create the configuration directory and
# pull the default sandboxes from GitHub
sandbox-mcp --pull

# Build the Docker images for the sandboxes
sandbox-mcp --build

[!NOTE] Make sure you have Docker installed and running.

With MCP Hosts/Clients

Add this to your claude_desktop_config.json for Claude Desktop or mcp.json for Cursor:

{
    "mcpServers": {
        "sandbox-mcp": {
            "command": "path/to/sandbox-mcp",
            "args": [
                "--stdio"
            ]
        }
    }
}

[!NOTE] Make sure to replace path/to/sandbox-mcp with the actual path to the sandbox-mcp binary.

Available Sandboxes

shell

Run shell commands in a Linux environment with strict security and network constraints.

python

Run Python code with a set of pre-installed libraries.

[!IMPORTANT]

Your Own Sandbox

You can create your own sandboxes by creating a new directory in the sandboxes directory with your sandbox name and adding a Dockerfile and config.json to it. See /sandboxes/ for examples.

network-tools

Use various network tools in an isolated Linux sandbox. The container has network access.

See jonlabelle/docker-network-tools for a list of available tools.

go

Run simple Go code in an isolated sandbox.

javascript

Run JavaScript code using Node.js.

Development

Fork and clone the repository:

git clone https://github.com/username/sandbox-mcp.git

Change into the directory:

cd sandbox-mcp

Install dependencies:

make deps

Build the project:

make build

Update your MCP servers configuration to point to the local build:

{
    "mcpServers": {
        "sandbox-mcp": {
            "command": "/path/to/sandbox-mcp/dist/sandbox-mcp",
            "args": [
                "--stdio"
            ]
        }
    }
}

License

MIT License