
sandbox-mcp

MCP.Pizza Chef: pottekkat

Sandbox MCP is an MCP server that enables large language models to execute code safely within isolated Docker containers. It provides a secure environment for running generated code, preventing unintended consequences on the host machine. This server empowers LLMs to test and validate code snippets in real-time, improving code accuracy and reducing iteration cycles. Sandbox MCP is essential for developers seeking safe, automated code execution integrated with AI workflows.

Use This MCP server To

  • Run generated code safely in isolated Docker containers
  • Test and validate code snippets from LLMs before deployment
  • Automate code execution within AI-assisted development workflows
  • Prevent security risks by sandboxing code execution
  • Enable multi-language code execution environments for LLMs
  • Integrate safe code running capabilities into MCP clients and hosts

README



Sandbox MCP is a Model Context Protocol (MCP) server that enables LLMs (MCP hosts/clients) to run code in secure, isolated Docker containers.

While LLMs are really good at generating code, most can't run the code they generate. You end up running this untested code directly on your machine, which could have drastic unintended consequences.

Giving LLMs the tools to test the code safely prevents such issues and helps you generate more accurate code in fewer iterations.

Sandbox MCP gives the LLMs an easy-to-use execution environment that anyone can create and configure through a simple, AI-native MCP server that runs locally.

Inspired by Codapi. Some sandboxes are the same as Codapi sandboxes.

Use Cases

Sandbox MCP can be used for many different tasks, including but not limited to:

  • Secure code execution: Run any code generated by an LLM in a secure, isolated environment, protecting your system from untrusted or potentially harmful code.
  • Code testing: Automatically test and validate code in various languages, configurations and environments before integrating it into larger projects or production systems.
  • User code validation: Safely execute and check user-submitted code or scripts, ensuring they behave as expected and do not perform malicious actions.
  • Network troubleshooting: Diagnose connectivity issues, test endpoints, and analyze network performance using isolated network tools, all without exposing your system.
  • Educational and interview coding: Instantly compile and run code snippets for learning, teaching, or technical interviews, providing immediate feedback in a safe, temporary environment.
  • Automated code review and feedback: Enable LLMs to execute, test, and review code automatically, offering actionable feedback or suggestions before code is merged or deployed.

Demo

This demo shows how Sandbox MCP works with Claude Desktop.

[Demo GIF: Sandbox MCP used from Claude Desktop. A video version is available if the GIF isn't clear.]

Installation

Download Binary

You can download the appropriate binary for your operating system (for example, Darwin) and processor architecture (arm64) from the Releases page (sandbox-mcp_Darwin_arm64.tar.gz).

Install via Go

Prerequisites:

  • Go 1.24 or higher

go install github.com/pottekkat/sandbox-mcp/cmd/sandbox-mcp@latest

Get the path to the sandbox-mcp binary:

which sandbox-mcp

Build from Source

See the Development section.

Usage

Initialization

Before you use sandbox-mcp with LLMs, you need to initialize its configuration:

# Create the configuration directory in
# $XDG_CONFIG_HOME/sandbox-mcp and pull
# the default sandboxes from GitHub
sandbox-mcp --pull

# Build the Docker images for the sandboxes
sandbox-mcp --build

Note

Make sure you have Docker installed and running.

With MCP Hosts/Clients

Add this to your claude_desktop_config.json for Claude Desktop or mcp.json for Cursor IDE:

{
    "mcpServers": {
        "sandbox-mcp": {
            "command": "path/to/sandbox-mcp",
            "args": [
                "--stdio"
            ]
        }
    }
}

Note

Make sure to replace path/to/sandbox-mcp with the actual path to the sandbox-mcp binary.
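The setup steps above (resolve the binary path, confirm Docker is running, register the server under "mcpServers" with the --stdio argument) as one added helper script; it is not part of the sandbox-mcp project. It assumes the config layout shown in the README and that the host config file is the one you pass on the command line.

```python
"""Register sandbox-mcp in an MCP host config (added helper, not project code).

Assumes the README's layout: a top-level "mcpServers" object whose entries
carry "command" and "args". Config file paths are supplied by the caller.
"""
from __future__ import annotations

import json
import os
import shutil
import subprocess
import sys
from pathlib import Path

SERVER_NAME = "sandbox-mcp"


def add_sandbox_server(config: dict, binary: str) -> dict:
    """Return a copy of config with the sandbox-mcp entry added, keeping other servers."""
    merged = json.loads(json.dumps(config))  # deep copy: caller's dict stays untouched
    servers = merged.setdefault("mcpServers", {})
    servers[SERVER_NAME] = {"command": binary, "args": ["--stdio"]}
    return merged


def resolve_binary(explicit: str | None = None) -> str:
    """Absolute path of an executable sandbox-mcp; mirrors `which sandbox-mcp`."""
    path = explicit or shutil.which(SERVER_NAME)
    if path is None:
        raise FileNotFoundError("sandbox-mcp not on PATH; pass the path explicitly")
    path = os.path.realpath(path)  # avoid a relative or symlinked path in the config
    if not (os.path.isfile(path) and os.access(path, os.X_OK)):
        raise FileNotFoundError(f"{path} is not an executable file")
    return path


def docker_running() -> bool:
    """The README requires Docker installed and running; `docker info` fails otherwise."""
    try:
        return subprocess.run(["docker", "info"], capture_output=True, timeout=15).returncode == 0
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return False


def install_entry(config_path: Path, binary: str) -> None:
    """Read the host config (or start empty), add the entry, write it back atomically."""
    existing = json.loads(config_path.read_text()) if config_path.exists() else {}
    updated = add_sandbox_server(existing, binary)
    tmp = config_path.with_suffix(config_path.suffix + ".tmp")
    tmp.write_text(json.dumps(updated, indent=4) + "\n")
    tmp.replace(config_path)  # rename, so a crash cannot leave a half-written config


if __name__ == "__main__":
    # Usage: python register_sandbox.py <claude_desktop_config.json|mcp.json> [/path/to/sandbox-mcp]
    if not docker_running():
        sys.exit("Docker is not running; start it before using sandbox-mcp")
    install_entry(Path(sys.argv[1]), resolve_binary(sys.argv[2] if len(sys.argv) > 2 else None))
```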

Available Sandboxes

Sandbox         Description
shell           A secure, isolated Linux environment, without network access, for running lightweight commands.
python          Safely execute Python code in a secure, isolated environment.
rust            Compile and run Rust code in an isolated environment.
network-tools   Use various network utilities in an isolated Linux sandbox. Perfect for network diagnostics and troubleshooting. See https://github.com/jonlabelle/docker-network-tools for a list of available tools.
go              Run Go code securely in an isolated environment with network access.
javascript      Run JavaScript code in an isolated environment using Node.js.
apisix          Run a lightweight instance of Apache APISIX, which can be configured through a YAML file and interacted with through the curl command provided in the main.sh file. For example, curl -sI http://127.0.0.1:9080/ip.
java            Compile and run Java code in an isolated sandbox. Supports Java preview features.

Important

Your Own Sandbox

You can create and add your own sandboxes in $XDG_CONFIG_HOME/sandbox-mcp/sandboxes. A sandbox is essentially a Dockerfile and a JSON configuration. Check out the examples and the guide to learn more.

Development

Fork and clone the repository:

git clone https://github.com/username/sandbox-mcp.git

Change into the directory:

cd sandbox-mcp

Install dependencies:

make deps

Build the project:

make build

Update your MCP servers configuration to point to the local build:

{
    "mcpServers": {
        "sandbox-mcp": {
            "command": "/path/to/sandbox-mcp/dist/sandbox-mcp",
            "args": [
                "--stdio"
            ]
        }
    }
}

License

MIT License

sandbox-mcp FAQ

How does Sandbox MCP ensure code execution safety?
It runs all code inside isolated Docker containers, preventing any impact on the host system.
Can Sandbox MCP execute code in multiple programming languages?
Yes, it supports any language that can run inside a Docker container, making it highly flexible.
How do I integrate Sandbox MCP with my existing MCP client or host?
You connect via the MCP protocol endpoints exposed by Sandbox MCP, allowing seamless interaction.
Does Sandbox MCP support real-time code execution feedback?
Yes, it provides immediate execution results to the LLMs for iterative code refinement.
What are the system requirements for running Sandbox MCP?
You need a Docker-enabled environment with network access for MCP communication.
Is Sandbox MCP compatible with major LLM providers like OpenAI, Claude, and Gemini?
Yes, it is designed to work with any MCP-compliant LLM host or client, including OpenAI, Claude, and Gemini.
How does Sandbox MCP handle resource limits and prevent abuse?
It leverages Docker container resource constraints and timeout settings to control execution.
Can Sandbox MCP be used in production environments?
Yes, it is built for secure, scalable code execution suitable for development and production use.