Crate shell_mcp 

shell-mcp: scoped, allowlisted shell access exposed over the Model Context Protocol.

Public modules are re-exported so integration tests and embedders can use the configuration, allowlist, and execution machinery without going through the MCP server layer.

Re-exports

pub use allowlist::Allowlist;

pub use allowlist::Rule;

pub use config::Config;

pub use config::LoadedConfig;

pub use exec::ExecOptions;

pub use exec::ExecOutcome;

pub use safety::Rejection;

pub use safety::RejectionKind;

Modules

allowlist

Allowlist representation and matching.

config

TOML configuration: parsing, walks-up discovery, and merging.

exec

Command execution with separate stdout/stderr capture, CRLF normalisation, and a per-stream truncation cap.

safety

Hard safety checks that the user’s TOML configuration cannot override.

tools

MCP tool definitions and the underlying Engine that performs the reject/allow/execute pipeline.