claude-tools-mcp
An MCP (Model Context Protocol) server that exposes Claude Code-like file and shell tools (bash with background execution, file read/write/edit, glob, grep) over HTTP so an MCP client can use these tools remotely. Includes basic operational hardening such as path validation, timeouts, and result/file size limits.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README lists several protective measures (timeouts to mitigate slowloris, graceful shutdown, path validation to prevent directory traversal, file size limit ~10MB, output token/size limits, and result limits). However, it does not mention authentication/authorization, encryption requirements (TLS), sandboxing/least-privilege, auditing, or fine-grained permissions; given it can execute shell commands, risk remains high if exposed to untrusted users.
⚡ Reliability
Best When
Used in a controlled environment (e.g., local network, CI runner, or trusted internal service) where an MCP client needs filesystem and shell tool access and the operator accepts the inherent risk of remote command execution.
Avoid When
The server would be reachable by untrusted clients or the public internet, or the environment requires strong identity-based authorization, audit logging, and least-privilege isolation that the server itself does not provide.
Use Cases
- Remote codebase editing by an MCP client (read/write/edit files)
- Searching a repository (glob/grep) via an MCP client
- Running controlled shell commands (bash) with timeouts and background process management
- Automating refactors or file modifications through a tool-driven workflow
Not For
- Untrusted multi-tenant environments without additional network/auth controls
- Running arbitrary/privileged commands where remote code execution risk must be minimized
- Public internet exposure (no mention of authentication/TLS requirements beyond HTTP server defaults)
- Workloads that exceed the documented file size / grep-glob result limits
Interface
Authentication
README does not mention any authentication/authorization mechanism (no API key, OAuth, or mTLS). Access appears to be whatever the HTTP server exposes.
Pricing
Open-source; pricing not applicable from provided content.
Agent Metadata
Known Gotchas
- ⚠ The server supports background bash processes; agents may need to manage process lifecycle using bash_output and kill_shell.
- ⚠ Tool outputs are limited (e.g., max lines for grep/glob and max output size), so large results may be truncated.
- ⚠ Path validation rejects relative paths (per README), so agents must supply paths in the expected allowed form.
- ⚠ The grep tool depends on ripgrep (rg) being installed in the runtime environment.
Scores are editorial opinions as of 2026-03-30.