Content
**Sandbox MCP** is a Model Context Protocol (MCP) server that enables LLMs (MCP hosts/clients) to **run code in secure, isolated Docker containers**.
While LLMs are really good at generating code, most **can't run the code they generate**. You end up running this untested code directly on your machine, which could have drastic unintended consequences.
Giving LLMs the tools to test the code safely prevents such issues and helps you **generate more accurate code in fewer iterations**.
Sandbox MCP gives the LLMs an **easy-to-use execution environment that anyone can create and configure** through a simple, AI-native MCP server that runs locally.
_Inspired by [Codapi](https://codapi.org). Some sandboxes are the same as [Codapi sandboxes](https://github.com/nalgeon/sandboxes)._
## Use Cases
Sandbox MCP can be used for many different tasks, including but not limited to:
- **Secure code execution**: Run any code generated by an LLM in a secure, isolated environment, protecting your system from untrusted or potentially harmful code.
- **Code testing**: Automatically test and validate code in various languages and or configurations in various environments before integrating it into larger projects or production systems.
- **User code validation**: Safely execute and check user-submitted code or scripts, ensuring they behave as expected and do not perform malicious actions.
- **Network troubleshooting**: Diagnose connectivity issues, test endpoints, and analyze network performance using isolated network tools, all without exposing your system.
- **Educational and interview coding**: Instantly compile and run code snippets for learning, teaching, or technical interviews, providing immediate feedback in a safe, temporary environment.
- **Automated code review and feedback**: Enable LLMs to execute, test, and review code automatically, offering actionable feedback or suggestions before code is merged or deployed.
## Demo
This demo shows how Sandbox MCP works with Claude Desktop.
Try the [video](demo.mp4) if the GIF isn't clear.
## Installation
### Download Binary
You can download the appropriate binary for your operating system (for example, `Darwin`) and processor architecture (`arm64`) from the [Releases page](https://github.com/pottekkat/sandbox-mcp/releases) (`sandbox-mcp_Darwin_arm64.tar.gz`).
### Install via Go
Prerequisites:
- Go 1.24 or higher
```bash
go install github.com/pottekkat/sandbox-mcp/cmd/sandbox-mcp@latest
```
Get the path to the `sandbox-mcp` binary:
```bash
which sandbox-mcp
```
### Build from Source
See the [Development section](#development).
## Usage
### Initilization
Before you use `sandbox-mcp` with LLMs, you need to initialize its configuration:
```bash
# Create the configuration directory in
# $XDG_CONFIG_HOME/sandbox-mcp and pull
# the default sandboxes from GitHub
sandbox-mcp --pull
# Build the Docker images for the sandboxes
sandbox-mcp --build
```
> [!NOTE]
> Make sure you have Docker installed and running.
### With MCP Hosts/Clients
Add this to your `claude_desktop_config.json` for Claude Desktop or `mcp.json` for Cursor IDE:
```json
{
"mcpServers": {
"sandbox-mcp": {
"command": "path/to/sandbox-mcp",
"args": [
"--stdio"
]
}
}
}
```
> [!NOTE]
> Make sure to replace `path/to/sandbox-mcp` with the actual path to the `sandbox-mcp` binary.
## Available Sandboxes
| Sandbox | Description |
|---------|-------------|
| [shell](/sandboxes/shell) | A secure, isolated Linux environment for running lightweight commands that does not require network access. |
| [python](/sandboxes/python) | Safely execute Python code in a secure, isolated environment. |
| [rust](/sandboxes/rust) | Compile and run Rust code in an isolated environment. |
| [network-tools](/sandboxes/network-tools) | Use various network utilities in an isolated Linux sandbox. Perfect for network diagnostics and troubleshooting. See https://github.com/jonlabelle/docker-network-tools for a list of available tools. |
| [go](/sandboxes/go) | Run Go code securely in an isolated environment with network access. |
| [javascript](/sandboxes/javascript) | Run JavaScript code in an isolated environment using Node.js. |
| [apisix](/sandboxes/apisix) | Run a lightweight instance of Apache APISIX, which can be configured through a YAML file and can be interacted through the curl command provided in the main.sh file. For example, curl -sI `http://127.0.0.1:9080/ip`. |
| [java](/sandboxes/java) | Compile and run Java code in an isolated sandbox. Supports Java preview features. |
> [!IMPORTANT]
> ### Your Own Sandbox
>
> You can create and add your own sandboxes in `$XDG_CONFIG_HOME/sandbox-mcp/sandboxes`. A sandbox is essentially a Dockerfile and a JSON configuration. Check out the [examples and the guide](/sandboxes) to learn more.
## Development
Fork and clone the repository:
```bash
git clone https://github.com/username/sandbox-mcp.git
```
Change into the directory:
```bash
cd sandbox-mcp
```
Install dependencies:
```bash
make deps
```
Build the project:
```bash
make build
```
Update your MCP servers configuration to point to the local build:
```json
{
"mcpServers": {
"sandbox-mcp": {
"command": "/path/to/sandbox-mcp/dist/sandbox-mcp",
"args": [
"--stdio"
]
}
}
}
```
## License
[MIT License](LICENSE)
