Mcp Permission Server Claude Code

@CLIAI, 10 months ago
2 MIT
Free, Community
AI Systems
MCP Permission Server for custom security policies in Docker.

Overview

What is Mcp Permission Server Claude Code

mcp_permission_server_claude_code is an experimental project designed to implement custom security policies for Claude Code MCP tools, utilizing a Docker environment for testing and development.

Use cases

Use cases include developing and testing security policies for MCP tools, running isolated tests to evaluate permission settings, and experimenting with custom server configurations in a controlled Docker environment.

How to use

To use mcp_permission_server_claude_code, set your Anthropic API key as an environment variable, build the Docker image, and run the provided scripts to test permissions and execute commands within the Docker container.

Key features

Key features include a fully configured Docker environment, the ability to run permission servers, isolated testing capabilities with the --dangerously-skip-permissions flag, and a convenient script for executing tests inside the Docker container.

Where to use

mcp_permission_server_claude_code can be used in software development environments, particularly for testing security policies and permissions in applications utilizing Claude Code MCP tools.

Content

MCP Permission Server - Claude Code in Docker

WORK IN PROGRESS: This repository contains experimental code for implementing custom security policies for Claude Code MCP (Model Control Panel) tools, along with a Docker environment for testing and development.

💡 Related repo/effort: for running Claude Code with --dangerously-skip-permissions in an isolated Docker container (no internet access except to Claude servers), see https://github.com/CLIAI/isolated-docker-claude-code

Purpose

This project aims to:

  1. Develop minimal working examples for MCP tool approval/denial servers that could serve as a foundation for implementing security policies
  2. Provide a Docker-based environment for safely testing Claude Code with MCP tools
  3. Allow isolated testing with the --dangerously-skip-permissions flag in a controlled environment

Docker Environment

The repository now includes a fully configured Docker environment for running Claude Code with MCP tools:

Requirements

  • Docker installed on your system
  • Anthropic API key (set as environment variable ANTHROPIC_API_KEY)

Quick Start

# Set your Anthropic API key
export ANTHROPIC_API_KEY=your_api_key_here

# Example: Run a permission server and prompt in one call
make ; ./test_in_docker.py --time-limit 180 --debug mcp_permission_server_allow_always_fastmcp 'write hello world program in c++ , compile and execute'

# Build the Docker image
make build

# Run an interactive container with the current directory mounted
make run

# Test a specific script
make test-script SCRIPT=path/to/your/script.py

Using the test_in_docker.py Script

The test_in_docker.py script provides a convenient way to run a file inside the Docker container:

# Basic usage
./test_in_docker.py your_script.py

# Run with a custom tool name
./test_in_docker.py your_script.py --tool-name custom_tool

# Run with a custom server name
./test_in_docker.py your_script.py --server-name my_server

Important Note on --prompt-permission-tool Flag

The --prompt-permission-tool flag may require the tool name to include both the server name and tool name (e.g., mcp__server_name__tool_name). If you encounter errors, check the server error messages for the expected format.

Directory Structure

The repository contains:

  • docker_configs/: Configuration files for the Docker environment
    • dot_bashrc: Bash configuration for the container
  • specs/: Specification documents
    • how_we_do_dockerfiles.md: Docker best practices documentation
  • Dockerfile: Defines the Claude Code Docker environment
  • Makefile: Provides targets for building and running the Docker environment
  • test_in_docker.py: Helper script for testing files in the Docker environment
  • MCP server implementations:
    • mcp_permission_server_allow_always_fastmcp: Simple FastAPI implementation intended to always allow tool use
    • mcp_permission_server_fastmcp_another: Alternative FastAPI implementation
    • mcp_permission_server_fastmcp_with_typing: FastAPI with explicit type definitions
    • mcp_permission_server_genai_by_gemini: Implementation using Gemini
    • mcp_permission_server_genai_by_gemini_another: Alternative Gemini implementation
    • mcp_permission_server_genai_by_perplexity: Implementation using Perplexity
    • mcp_permission_server_return_json_string: Simple server returning JSON strings
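
The implementations listed above are approval/denial endpoints; what turns one into a security policy is the decision function behind it. The following is an added example, not code from this repository: a default-deny policy that returns its verdict as a JSON string. The response shape ({"behavior": ...}), the tool names (Bash, Read, Write, ...), the input keys and the /workspace mount point are assumptions, and the MCP server wrapper is left out.

```python
import json
import posixpath
import shlex

WORKSPACE = "/workspace"                      # assumed container mount point
READ_ONLY_TOOLS = {"Read", "Glob", "Grep"}    # assumed tool names
WRITE_TOOLS = {"Write", "Edit"}               # assumed tool names
ALLOWED_BINARIES = {"g++", "make", "ls", "cat"}  # constructed allow-list
SHELL_METACHARS = set(";|&$`<>\n")            # chaining, substitution, redirection


def inside_workspace(path):
    """Lexical containment check; it does not resolve symlinks."""
    resolved = posixpath.normpath(posixpath.join(WORKSPACE, path))
    return resolved == WORKSPACE or resolved.startswith(WORKSPACE + "/")


def check_bash(command):
    """Return a denial reason, or None when the command is acceptable."""
    if not isinstance(command, str) or not command.strip():
        return "Bash call without a command string"
    if SHELL_METACHARS & set(command):
        return "shell metacharacters are not permitted"
    try:
        argv = shlex.split(command)
    except ValueError:
        return "command could not be parsed"
    if argv[0] not in ALLOWED_BINARIES:
        return f"binary {argv[0]!r} is not on the allow-list"
    return None


def decide(tool_name, tool_input):
    """Return the decision as a JSON string (response shape is assumed)."""
    if tool_name in READ_ONLY_TOOLS:
        reason = None
    elif tool_name in WRITE_TOOLS:
        path = tool_input.get("file_path")
        ok = isinstance(path, str) and inside_workspace(path)
        reason = None if ok else f"{tool_name} outside {WORKSPACE} is not permitted"
    elif tool_name == "Bash":
        reason = check_bash(tool_input.get("command"))
    else:
        reason = f"no policy for tool {tool_name!r}"  # default-deny
    if reason is None:
        return json.dumps({"behavior": "allow", "updatedInput": tool_input})
    return json.dumps({"behavior": "deny", "message": reason})
```

A server's tool handler would call decide() with the requested tool name and input and return the string unchanged.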

Current Status

The Docker environment is ready for testing Claude Code with MCP tools. The MCP server implementations are still works in progress.

⚠️ NOTE: Some MCP server implementations might be non-functional due to lack of clear documentation and examples.

Usage Examples

Running an Interactive Session

# Start an interactive session with the current directory mounted
make run

# Inside the container
claude-code --dangerously-skip-permissions

Testing an MCP Tool

# Create a simple MCP tool script
echo '#!/bin/bash
echo "This is a test MCP tool"
' > test_tool.sh
chmod +x test_tool.sh

# Test it in the Docker container
./test_in_docker.py test_tool.sh --tool-name test_tool

Future Work

Plans for future development:

  • Add more comprehensive MCP server implementations
  • Improve error handling and debugging
  • Add automated testing
  • Enhance documentation based on findings

Contributing

If you have insights on how to make these examples work or have successfully implemented an MCP permission server, please open an issue or submit a pull request with your findings.

License

See the LICENSE file for details.
