Python Exec Sandbox
@lu-zhengda
About Python Exec Sandbox
Sandboxed Python execution for AI agents. Scripts run in ephemeral, isolated environments (bubblewrap on Linux, Docker on macOS) with PEP 723 inline dependencies — zero host pollution, zero leftover venvs, zero package conflicts. Supports multi-version Python (3.13–3.15), configu
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"python-sandbox": {
"command": "uvx",
"args": [
"mcp-python-exec-sandbox"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Python Exec Sandbox?
Python Exec Sandbox is an MCP server that provides sandboxed execution of Python scripts with automatic dependency management. It uses platform-specific isolation (bubblewrap on Linux, Docker on macOS) and the uv package manager to resolve PEP 723 inline metadata, making it ideal for safely running untrusted or third-party code in agent workflows.
How to use Python Exec Sandbox?
Install the server via uvx and add it to Claude: claude mcp add python-sandbox -- uvx mcp-python-exec-sandbox. Then use the three provided tools: execute_python to run a script, check_environment to inspect the runtime, and validate_script to verify dependencies without execution.
Key features of Python Exec Sandbox
- Sandboxed execution with platform-specific isolation (bubblewrap, Docker)
- PEP 723 inline metadata for declaring dependencies in scripts
- Multi-version Python support (3.13, 3.14, 3.15) via automatic uv downloads
- Ephemeral environments with per-execution dependency resolution
- Configurable timeouts (1–300s) and output truncation
Use cases of Python Exec Sandbox
- Running untrusted Python scripts safely in an AI agent pipeline
- Testing scripts with complex dependencies without permanent installation
- Executing code in CI/CD workflows with guaranteed isolation
- Providing a sandboxed Python environment for educational or exploration tools
FAQ from Python Exec Sandbox
What sandbox isolation methods are used?
Bubblewrap is used on Linux and Docker on macOS to prevent host filesystem access.
Can I configure the execution timeout?
Yes, the server supports configurable per-execution timeouts ranging from 1 to 300 seconds.
How are dependencies managed?
Dependencies are declared inline using PEP 723 # /// script blocks and are automatically resolved by uv into ephemeral environments. Package caching via uv makes repeat installs near-instant.
What Python versions are supported?
Python Exec Sandbox supports scripts on Python 3.13, 3.14, and 3.15. The correct version is downloaded automatically by uv.
What tools does the server expose?
Three tools are available: execute_python (run a script with dependency management), check_environment (report runtime details), and validate_script (validate metadata without execution).
More Reasoning MCP servers
mcp-agentic-rag
rukshannetMCP Server for Agentic RAG applications
n8n - Secure Workflow Automation for Technical Teams
n8n-ioFair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
n8n Workflow Builder MCP Server
salacosteAI-powered n8n workflow automation through natural language. MCP server enabling Claude AI & Cursor IDE to create, manage, and monitor workflows via Model Context Protocol. Multi-instance support, 17 tools, comprehensive docs. Build workflows conversationally without manual JSON
NeoCoder: Neo4j-Guided AI Coding Workflow
angrysky56An MCP server allowing AI assistants to use a Neo4j knowledge graph as their primary, dynamic instruction manual and long term project memory with adaptive templating and autonomous tool development tools.
Agentic MCP Client
peakmojoA standalone agent runner that executes tasks using MCP (Model Context Protocol) tools via Anthropic Claude, AWS BedRock and OpenAI APIs. It enables AI agents to run autonomously in cloud environments and interact with various systems securely.
Comments