MCP ExplorerExplorer

Mcp Armor

@rosaboyleon 5 months ago
1 MIT
FreeCommunity
AI Systems
mcp-armor provides a secure, cached environment for running npx commands.

Overview

What is Mcp Armor

mcp-armor is a secure, sandboxed environment designed for running ‘npx’ commands with caching capabilities, ensuring a safe execution of Node.js packages.

Use cases

Use cases for mcp-armor include running npm packages in isolated environments, executing commands in CI/CD pipelines, and ensuring safe execution of untrusted code in development and testing scenarios.

How to use

To use mcp-armor, install it globally via npm with ‘npm install -g mcp-armor’. You can then run commands using ‘mcp-armor-npx’ or its alias ‘npx-armor’ just like you would with ‘npx’.

Key features

Key features include running any ‘npx’ command in a sandboxed Docker environment, caching downloaded npm modules between runs, seamless integration as a drop-in replacement for ‘npx’, no configuration required, and a pre-built Docker image available on Docker Hub.

Where to use

mcp-armor is ideal for developers and teams who need a secure way to execute Node.js packages without risking their system’s integrity, particularly in environments where security is a priority.

Clients Supporting MCP

The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.

Claude Desktop

Claude Desktop: Official desktop application from Anthropic, natively supports MCP protocol. claude.ai

Cherry Studio

Cherry Studio: Cross-platform desktop client supporting multiple LLM providers, built-in MCP server support. cherry-ai.com

LobeChat

LobeChat: Modern open-source ChatGPT/LLMs UI, supports MCP protocol integration. lobehub.com

DeepChat

DeepChat: Cross-platform desktop AI assistant, compatible with MCP protocol, focusing on privacy and efficiency. deepchat.thinkinai.xyz

5ire

5ire: Cross-platform open-source desktop intelligent assistant MCP client, supports local knowledge base and MCP server. 5ire.app

View More MCP Clients

Content

mcp-armor

A secure, sandboxed environment for running npx commands with caching.

Features

  • ✅ Runs any npx command in a sandboxed Docker environment
  • ✅ Caches downloaded npm modules between runs
  • ✅ Works seamlessly as a drop-in replacement for npx
  • ✅ No configuration required
  • ✅ Pre-built Docker image available on Docker Hub

Prerequisites

  • Docker must be installed on your system
  • Node.js and npm

Installation

npm install -g mcp-armor

After installation, you’ll have access to two CLI commands:

  • mcp-armor-npx - The primary command
  • npx-armor - An alias for the same functionality

Both commands function identically, choose whichever is easier to remember.

Usage

Use either mcp-armor-npx or npx-armor exactly as you would use npx:

# Run a package directly
mcp-armor-npx cowsay "Hello, secure world!"
# Or using the alias
npx-armor cowsay "Hello, secure world!"

# Run a specific version of a package
mcp-armor-npx [email protected] "Version specific"

# Run a package with arguments
mcp-armor-npx figlet "Big text"

Additional Commands

# Push the Docker image to Docker Hub (requires Docker Hub login)
mcp-armor-npx --push-image

How It Works

  1. First run: Downloads the requested package inside Docker container
  2. Second run: Uses cached version for instant execution
  3. All execution happens in a sandboxed Docker environment
  4. Your npm cache is preserved between runs

Docker Hub Image

The Docker image is available on Docker Hub at dheerajpai/mcp-armor-npx.

If you want to use the image directly:

docker run --rm -v ~/.npm:/home/runner/.npm dheerajpai/mcp-armor-npx [your-npx-args]

Security

All commands run inside an isolated Docker container with:

  • A non-root user account
  • Limited access to the host system
  • Only npm cache is shared with the host

Contributing

Contributions are welcome! Feel free to:

  • Report bugs
  • Suggest features
  • Submit pull requests

Please visit our GitHub repository to contribute.

License

ISC

Author

Dheeraj Pai [email protected]

Dev Tools Supporting MCP

The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.

Zed

Zed: High-performance collaborative code editor, supports MCP protocol, providing a smooth programming experience. zed.dev

Cursor

Cursor: AI code editor built on VS Code, supports MCP protocol for context-aware programming. cursor.com

Windsurf

Windsurf: AI code editor from Codeium, integrates MCP protocol to provide intelligent code assistance. windsurf.com

Continue

Continue: Open-source AI programming assistant plugin, supports VS Code and JetBrains, compatible with MCP protocol. continue.dev

Trae

Trae: AI-driven code editor, supports MCP protocol, focusing on enhancing developer programming experience. trae.ai

View More MCP Dev Tools

Tools

No tools

Comments

Recommend MCP Servers

Tavily MCP Server

Tavily MCP Server The Tavily MCP server provides: search, extract, map, crawl tools Real-time web search capabilities through the tavily-search tool Intelligent data extraction from web pages via the tavily-extract tool Powerful web mapping tool that creates a structured map of website Web crawler that systematically explores websites.

MCP Server Chart

MCP Server Chart This is a TypeScript-based MCP server that provides chart generation capabilities. It allows you to create various types of charts through MCP tools. You can also use it in Dify.

GitHub MCP Server

GitHub MCP Server MCP Server for the GitHub API, enabling file operations, repository management, search functionality, and more.

Brave Search MCP Server

Brave Search MCP Server Web and local search using Brave's Search API

Firecrawl MCP Server

Firecrawl MCP Server Advanced web scraping with JavaScript rendering, PDF support, and smart rate limiting

Context7 MCP

Context7 MCP LLMs rely on outdated or generic information about the libraries you use. You get:

Slack MCP server

Slack MCP server Channel management and messaging capabilities

Sequential Thinking MCP Server

Sequential Thinking MCP Server Dynamic and reflective problem-solving through thought sequences

Fetch MCP Server

Fetch MCP Server A Model Context Protocol server that provides web content fetching capabilities.

Playwright MCP

Playwright MCP A Model Context Protocol (MCP) server that provides browser automation capabilities using [Playwright](https://playwright.dev). This server enables LLMs to interact with web pages through structured accessibility snapshots, bypassing the need for screenshots or visually-tuned models.

View All MCP Servers