Expand description
shell-mcp: scoped, allowlisted shell access exposed over the Model Context Protocol.
Public modules are re-exported so integration tests and embedders can use the configuration, allowlist, and execution machinery without going through the MCP server layer.
Re-exports§
pub use allowlist::Allowlist;pub use allowlist::Rule;pub use config::Config;pub use config::LoadedConfig;pub use exec::ExecOptions;pub use exec::ExecOutcome;pub use root::resolve_root;pub use root::ResolvedRoot;pub use root::RootError;pub use root::RootSource;pub use safety::Rejection;pub use safety::RejectionKind;
Modules§
- allowlist
- Allowlist representation and matching.
- config
- TOML configuration: parsing, walks-up discovery, and merging.
- exec
- Command execution with separate stdout/stderr capture, CRLF normalisation, and a per-stream truncation cap.
- root
- Resolution of the launch root.
- safety
- Hard safety checks that the user’s TOML configuration cannot override.
- tools
- MCP tool definitions and the underlying
Enginethat performs the reject/allow/execute pipeline.