MCP.so
ログイン

Secure Agent Workspace

@HrRodan

Secure Agent Workspace について

A sandboxed, agentic workspace providing secure filesystem, bash, and uv-powered Python execution.

基本情報

カテゴリ

AI とエージェント

ランタイム

python

トランスポート

stdio

公開者

HrRodan

投稿者

Martin

設定

以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。

{
  "mcpServers": {
    "agent-workspace-mcp": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "--init",
        "--memory=2g",
        "--cpus=2.0",
        "--pids-limit=256",
        "--cap-drop=ALL",
        "--security-opt=no-new-privileges:true",
        "--read-only",
        "--tmpfs",
        "/tmp:size=64m",
        "--tmpfs",
        "/home/mcpuser/.cache:size=512m",
        "--user",
        "1000:1000",
        "-v",
        "/path/to/your/projects:/workspace",
        "ghcr.io/hrrodan/agent-workspace-mcp:latest"
      ]
    }
  }
}

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Secure Agent Workspace?

Secure Agent Workspace is a Model Context Protocol (MCP) server that provides a highly secure, containerized workspace for LLM agents. It allows agents to autonomously code, test, and debug in an isolated Docker sandbox, protecting the host machine.

How to use Secure Agent Workspace?

Pull or build the Docker image, then configure your MCP client (e.g., Claude Desktop) with a docker run command that includes resource limits, security options, and a volume mount to your project directory. Alternatively, use the OpenAI Agents SDK with an MCPServerStdio to invoke the server programmatically. Environment variables such as COMMAND_TIMEOUT and LOG_LEVEL can be set via Docker --env.

Key features of Secure Agent Workspace

  • Full project lifecycle (uv init, add, run)
  • Secure bash execution with timeouts
  • Token-optimized output via RTK (60–90% savings)
  • Path-traversal protected filesystem operations
  • Multi-layer security (non-root, dropped capabilities, read-only)
  • Precision editing with fuzzy matching and syntax validation

Use cases of Secure Agent Workspace

  • Agents autonomously create, test, and debug code in a sandboxed environment
  • Manage project dependencies using uv add and uv run
  • Perform precise file edits with syntax validation to prevent broken code
  • Search workspace for files using glob patterns, excluding high-noise directories

FAQ from Secure Agent Workspace

What runtime environment does Secure Agent Workspace require?

The server runs inside a Docker container. The host needs Docker Engine, and the container image can be pulled from GHCR or built locally.

How does Secure Agent Workspace protect the host system?

コメント

「AI とエージェント」の他のコンテンツ