{"id":"anentrypoint-gm-exec","name":"gm-exec","homepage":null,"repo_url":"https://github.com/AnEntrypoint/gm-exec","category":"devtools","subcategories":[],"tags":["mcp","code-execution","cli","bun","pm2","sandboxing-risk","multi-language"],"what_it_does":"gm-exec is a code execution tool intended for MCP clients and a CLI. It runs user-provided code/commands in multiple languages (JS/TS, Python, Go, Rust, C/C++, Java, Deno, bash) with a 15s execution ceiling; after that it background-executes and returns a task id that can be polled/closed.","use_cases":["Execute small snippets of code across multiple languages from an MCP client","Run build/test commands in a temporary working directory via CLI (bash/other language toolchains)","Background long-running tasks and poll their output via task id","Provide a general-purpose execution backend for code-analysis or coding assistants (with MCP integration)"],"not_for":["Executing untrusted or sensitive code without strong isolation and auditing","Production workloads requiring strict reliability guarantees or comprehensive observability","Use cases needing fine-grained authorization, per-user rate limits, or managed multi-tenant security"],"best_when":"You control the execution environment (host/container), understand the security implications of running arbitrary code, and need an MCP-compatible execution backend with multi-language support.","avoid_when":"You need strong access control and safe sandboxing for untrusted users, or you require well-specified operational/SLA and clear retry/idempotency semantics.","alternatives":["Other MCP code execution/sandbox services (containerized runners)","Self-hosted sandbox runners (e.g., Docker-based exec services)","Language-specific sandboxes or CI runners (where available)","OpenAI/LLM tooling that supports secured tool execution via established sandbox providers"],"af_score":56.2,"security_score":15.2,"reliability_score":21.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:44:30.957475+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"No authentication mechanism is described in the provided README/manifest. Security is therefore likely dependent on network/process isolation external to the tool."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears self-hosted/open-source tooling."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.2,"security_score":15.2,"reliability_score":21.2,"mcp_server_quality":55.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":5.0,"tls_enforcement":10.0,"auth_strength":10.0,"scope_granularity":0.0,"dependency_hygiene":45.0,"secret_handling":20.0,"security_notes":"The tool executes arbitrary code/commands across multiple languages and shells, which is inherently high-risk. The provided material does not describe authentication/authorization, TLS, sandboxing boundaries, or secret handling. Bun+PM2 process isolation is mentioned, but without details on resource limits, filesystem/network restrictions, or permissioning—so safety likely depends on how it is deployed and isolated (e.g., containerization, firewall rules, least privilege).","uptime_documented":0.0,"version_stability":55.0,"breaking_changes_history":0.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Execution is capped at 15 seconds; long commands are backgrounded and must be polled/closed with the task id.","Because it executes arbitrary code/commands, agents should assume potential side effects (files/network/processes) unless additional isolation controls are enforced outside this tool."]}}