Add sandbox MCP server with secure Python code execution#187
florenzi002 wants to merge 6 commits into main from
Conversation
@florenzi002, in my understanding, if there is an existing MCP server, do I need to write the code again, or is there an economical way of just registering it into the current ecosystem? I was originally under the impression that existing MCP servers stay where they are, the MCP client gets registered, and we do not need to write code.
My understanding is that #166 was about registering a new MCP server to run code. This PR addresses the following in #166
All the other servers stay the same; this is just an additional one registered alongside all the others, e.g. the utility server.
@florenzi002 I discussed this with @ShuxinLin, and I will be primarily reviewing this PR.
@florenzi002 - Any further comments on what makes the existing MCP-Sandbox tough will be highly valuable.
I've found that sandbox-mcp is primarily a Go utility. This means a need to install a whole Go compiler for a single dependency. Then it doesn't provide a way to install a subset of the sandboxes, so it always installs about 6GB of sandboxes, some of which we would probably never use; I think for a start a Python-only sandbox is all we need. Furthermore the current AssetOpsBench can be used with both

Conceptually what is proposed in this PR is largely the same as what the library provides. Ultimately it exposes a couple of tools to run Python code, either passed as a string or a file, in a dedicated lightweight and secure container. This PR would work by registering the sandbox tools as top-level MCP servers that could be reached by all the other tools, servers or agents, including the planner executor if needed.
- This PR needs test cases at the tool level.
- This PR also needs some example scenarios to be tested, where we typically download data from IoT and then perform the same data aggregation (obtain first-order statistics) using the Python code sandbox. Example query: "Give me the mean and max value of temperature for Chiller 6."
- The Docker should also expose the libraries available as part of the MCP doc string; this will enable efficient coding on the LLM side.
- version (typically we fix the library version to avoid a mismatch in APIs, etc.)
Adds sandbox for code execution in a python secure container via mcp (#166)
- The main contribution is in `mcp/servers/sandbox`.
- Downgrades required Python version to `>=3.12` for pydantic compatibility.

Conceptually what is proposed in this PR is largely the same as what the mcp-sandbox utility provides. It exposes a couple of tools to run Python code, either passed as a string or a file, in a dedicated lightweight and secure container.
This PR would work by registering the sandbox tools as top-level MCP servers that could be reached by all the other tools, servers or agents, including the planner executor if needed.