
mcp_safe_local_python_executor

MCP.Pizza Chef: maxim-saplin

The mcp_safe_local_python_executor is an MCP server that wraps Hugging Face's LocalPythonExecutor from the smolagents framework. It provides a secure, isolated Python runtime environment for executing code generated by LLMs locally without requiring Docker or virtual machines. This server limits operations and imports to ensure safer execution, making it ideal for integrating code interpretation capabilities into LLM applications like Claude Desktop or Cursor via MCP.

Use This MCP server To

  • Run Python code generated by LLMs safely on local machines
  • Integrate a secure code interpreter into LLM-powered desktop apps
  • Execute isolated Python scripts without Docker or VM overhead
  • Provide a safer alternative to direct Python eval in AI workflows
  • Enable LLM clients to run custom Python tools with operation limits
  • Add code execution capabilities to MCP-compatible AI assistants

README

Safe Local Python Executor

An MCP server (stdio transport) that wraps Hugging Face's LocalPythonExecutor (from the smolagents framework). It is a custom Python runtime that provides basic isolation/security when running Python code generated by LLMs locally. It does not require Docker or a VM. This package exposes the Python executor via MCP (Model Context Protocol) as a tool for LLM apps like Claude Desktop, Cursor or any other MCP-compatible client. In the case of Claude Desktop, this tool is an easy way to add the missing Code Interpreter (available as a plugin in ChatGPT for quite a while already).


Features

  • Exposes run_python tool
  • Safer execution of Python code compared to direct use of Python eval()
  • Runs via uv in a Python venv
  • No file I/O ops are allowed
  • Restricted list of imports
    • collections
    • datetime
    • itertools
    • math
    • queue
    • random
    • re
    • stat
    • statistics
    • time
    • unicodedata

Security

Be careful when executing LLM-generated code on your machine, and stay away from MCP servers that run Python via the command line or using eval(). The safest option is a VM or a Docker container, though it takes some effort to set up and consumes resources/runs slower. There are third-party services providing a Python runtime, though they require registration, API keys, etc.

LocalPythonExecutor provides a good balance between direct use of the local Python environment (which is easier to set up) and remote execution in a Docker container or a VM/third-party service (which is safe). The Hugging Face team has invested time into creating a quick and safe option to run LLM-generated code used by their code agents. This MCP server builds upon it:

To add a first layer of security, code execution in smolagents is not performed by the vanilla Python interpreter. We have re-built a more secure LocalPythonExecutor from the ground up.

Read more here.
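
The import allowlist and the "no file I/O, no eval()" rules from the Features and Security sections, sketched as a static AST pre-check. This is an added illustration, not code from this repository or from smolagents, and a static check on its own is not a sandbox; BLOCKED_NAMES and policy_violations are hypothetical names, and the sample snippets are constructed.

```python
import ast

# Allowlist copied from the Features list on this page.
ALLOWED_IMPORTS = {
    "collections", "datetime", "itertools", "math", "queue", "random",
    "re", "stat", "statistics", "time", "unicodedata",
}
# Builtins rejected in this sketch (assumption: chosen to mirror "no file I/O"
# and "no eval()"; this is not smolagents' own list).
BLOCKED_NAMES = {"open", "eval", "exec", "compile", "__import__"}


def policy_violations(source):
    """Return sorted (line, message) violations without executing `source`."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [(exc.lineno or 0, "syntax error")]
    found = []
    for node in ast.walk(tree):
        modules = []
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom):
            # Relative imports have no allowlisted root, so report them as ".".
            modules = [node.module if node.level == 0 and node.module else "."]
        for mod in modules:
            if mod.split(".")[0] not in ALLOWED_IMPORTS:
                found.append((node.lineno, f"import of '{mod}' not allowed"))
        if isinstance(node, ast.Name) and node.id in BLOCKED_NAMES:
            found.append((node.lineno, f"use of '{node.id}' not allowed"))
        # Dunder attributes (__class__, __globals__, ...) sidestep name-based
        # checks, so this sketch rejects them outright.
        if isinstance(node, ast.Attribute) and node.attr.startswith("__"):
            found.append((node.lineno, f"access to '{node.attr}' not allowed"))
    return sorted(found)


# Constructed sample inputs in the style of LLM-generated snippets.
SAFE = "import math\nfrom collections import Counter\nprint(math.factorial(5))\n"
UNSAFE = "import os\nprint(open('/etc/hostname').read())\nx = ().__class__\n"

if __name__ == "__main__":
    for label, code in (("SAFE", SAFE), ("UNSAFE", UNSAFE)):
        print(label, policy_violations(code) or "ok")
```

Because the code is only parsed, nothing in a rejected snippet ever runs, which is the property that separates this approach from passing the string to eval().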

Installation and Execution

  1. Install uv (e.g. brew install uv on macOS or use official docs)
  2. Clone the repo and change into the directory: cd mcp_safe_local_python_executor
  3. Start the server from the command line with uv run mcp_server.py; the venv will be created automatically and the dependencies (smolagents, mcp) will be installed

Configuring Claude Desktop

  1. Make sure you have Claude for Desktop installed (download from claude.ai)

  2. Edit your Claude for Desktop configuration file:

    • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
    • Windows: %APPDATA%\Claude\claude_desktop_config.json
    • Or open Claude Desktop -> Settings -> Developer -> click "Edit Config" button
  3. Add the following configuration:

{
    "mcpServers": {
        "safe-local-python-executor": {
            "command": "uv",
            "args": [
                "--directory", 
                "/path/to/mcp_local_python_executor/",
                "run",
                "mcp_server.py"
            ]
        }
    }
}
  4. Restart Claude for Desktop
  5. The Python executor tool will now be available in Claude (you'll see a hammer icon in the message input field)

Example Prompts

Once configured, you can use prompts like:

  • "Calculate the factorial of 5 using Python"
  • "Create a list of prime numbers up to 100"
  • "Solve this equation (use Python): x^2 + 5x + 6 = 0"

Development

Clone the repo. Use uv to create venv, install dev dependencies, run tests:

uv venv .venv
uv sync --group dev
python -m pytest tests/

mcp_safe_local_python_executor FAQ

How does mcp_safe_local_python_executor ensure safe Python code execution?
It restricts allowed operations and imports within a custom Python runtime to prevent unsafe actions.
Does this server require Docker or virtual machines to run?
No, it runs locally without Docker or VM, simplifying setup and resource use.
Can I use this server with any MCP-compatible client?
Yes, it exposes a standard MCP interface usable by clients like Claude Desktop or Cursor.
What Python features are limited or disabled for safety?
Potentially dangerous imports and operations are blocked to maintain isolation and security.
Is this suitable for running arbitrary user Python code?
It is designed for LLM-generated code with safeguards but not for fully untrusted arbitrary code.
How does this compare to using Python eval directly?
It provides a safer, sandboxed environment reducing risks of malicious or harmful code execution.
Can this server be extended with additional safety policies?
Yes, its design allows customization of allowed operations and imports for tailored security.
What LLM platforms can benefit from this server?
Platforms like Claude Desktop, Cursor, and other MCP clients can integrate it for code execution features.