- Home
- MCP servers
- Container-MCP
Container-MCP
- python
19
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Container-MCP provides a secure, container-based environment that exposes the Model Context Protocol as executable tools for large language models. It runs tools in isolated sandboxes, enforces strong security boundaries, and exposes discovery and execution endpoints so your AI systems can safely request code execution, file operations, web access, knowledge base queries, and more.
How to use
You will interact with this MCP server through a client that speaks the MCP protocol. Connect to the server’s endpoint, discover available tools, and call the tools you need. Use the server to run safe, sandboxed commands, execute code, manipulate files, perform web requests, query knowledge storage, fetch market data, and manage lists. Ensure your client uses the SSE endpoint for communication and points to the correct host and port.
How to install
Prerequisites you need before installing Container-MCP:
-
- Linux system with Podman or Docker
-
- Python 3.12 or newer
-
- Firejail installed
-
- AppArmor available on your system
Step-by-step installation flow you can follow exactly in your environment:
# Quick start all-in-one approach
git clone https://github.com/54rt1n/container-mcp.git
cd container-mcp
chmod +x bin/00-all-in-one.sh
./bin/00-all-in-one.sh
# Or perform steps individually
./bin/01-init.sh
./bin/02-build-container.sh
./bin/03-setup-environment.sh
./bin/04-run-container.sh
Configuration and operation notes
Container-MCP relies on environment-based configuration. You can customize server settings, tool behavior, and resource limits through environment variables. A typical setup involves configuring the server host and port, enabling or disabling specific managers, and tuning timeout and memory limits for each execution environment. The system is designed to run in a container and expose an HTTP/SSE interface for clients to connect and issue commands.
Security, troubleshooting, and notes
Security is layered through container isolation, AppArmor, Firejail sandboxing, and strict resource limits. Paths are validated, extensions are controlled, and network access is restricted to protect the host system. If you encounter issues, check container health, review sandbox permissions, and verify that the client connects to the correct SSE endpoint.
Available tools
system_run_command
Executes bash commands in a secure sandbox environment with stdout, stderr, exit code, and a success flag.
system_run_python
Executes Python code in a secure sandbox and returns printed output, error output, a possible return value, and a success flag.
system_env_var
Fetches environment variable values with an optional specific var name.
health_check
Reports server health, including system metrics and manager statuses.
fs_read
Safely reads contents of a file within the sandbox and returns content, size, and modification time.
fs_write
Safely writes content to a file inside the sandbox and returns the target path and status.
fs_list
Lists directory contents safely, with optional pattern filtering and recursive option.
fs_delete
Deletes a file safely and returns the path of the deleted file.
fs_move
Moves or renames a file within the sandbox and reports source and destination paths.
fs_apply_diff
Applies a unified diff patch to a file in the sandbox and reports lines changed and new size.
web_search
Performs a web search and returns results with titles, URLs, and snippets.
web_scrape
Scrapes a URL content with optional CSS selector targeting and returns content, URL, and title.
web_browse
Interactively browses a website using a headless browser and returns the final page content, URL, and title.
kb_create_document
Creates a knowledge base document with optional metadata and content and returns the document index.
kb_write_content
Writes content to an existing knowledge base document.
kb_read
Reads knowledge base documents. Supports listing, bulk reads, and single document reads with optional content and index inclusion.
kb_update_triples
Manages RDF-style triples for documents, including preferences, references, and metadata.
kb_search
Performs semantic search within the knowledge base with graph expansion options.
kb_manage
Performs knowledge base maintenance like moving documents or rebuilding indices.
list_create
Creates an organized list or collection with metadata and storage path.
list_get
Retrieves lists with items, metadata, and statistics using flexible filters.
list_modify
Adds, updates, or removes items within a list with status and tag support.
list_update
Updates list properties with merge semantics for metadata.
list_delete
Permanently deletes or archives a list and its items.
list_search
Searches across lists by text or tags and returns matches with context.
market_query
Fetches stock or cryptocurrency data, fundamentals, news, and trend analysis.
rss_fetch
Fetches and parses RSS or Atom feeds and returns structured items.