{"id":"mathematic-inc-claude-tools-mcp","name":"claude-tools-mcp","homepage":null,"repo_url":"https://github.com/mathematic-inc/claude-tools-mcp","category":"devtools","subcategories":[],"tags":["mcp","claude","tools","filesystem","shell","go","http-server","code-execution","automation"],"what_it_does":"An MCP (Model Context Protocol) server that exposes Claude Code-like file and shell tools (bash with background execution, file read/write/edit, glob, grep) over HTTP so an MCP client can use these tools remotely. Includes basic operational hardening such as path validation, timeouts, and result/file size limits.","use_cases":["Remote codebase editing by an MCP client (read/write/edit files)","Searching a repository (glob/grep) via an MCP client","Running controlled shell commands (bash) with timeouts and background process management","Automating refactors or file modifications through a tool-driven workflow"],"not_for":["Untrusted multi-tenant environments without additional network/auth controls","Running arbitrary/privileged commands where remote code execution risk must be minimized","Public internet exposure (no mention of authentication/TLS requirements beyond HTTP server defaults)","Workloads that exceed the documented file size / grep-glob result limits"],"best_when":"Used in a controlled environment (e.g., local network, CI runner, or trusted internal service) where an MCP client needs filesystem and shell tool access and the operator accepts the inherent risk of remote command execution.","avoid_when":"Avoid exposing the server to untrusted clients or the public internet, and avoid environments where strong identity-based authorization, audit logging, and least-privilege isolation are required but not provided by the server.","alternatives":["Use a hosted/managed MCP tool provider with built-in auth and sandboxing","Run tools locally in the same environment as the agent (no remote HTTP tool execution)","Build a custom MCP server with sandboxing (e.g., containers), per-user auth, and tighter filesystem access controls","Use workflow-based automation (CI jobs, GitHub Actions) instead of remote bash execution"],"af_score":44.5,"security_score":35.2,"reliability_score":28.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:39:49.362674+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":[],"oauth":false,"scopes":false,"notes":"README does not mention any authentication/authorization mechanism (no API key, OAuth, or mTLS). Access appears to be whatever the HTTP server exposes."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source; pricing not applicable from provided content."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.5,"security_score":35.2,"reliability_score":28.8,"mcp_server_quality":85.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":15.0,"rate_limit_clarity":10.0,"tls_enforcement":60.0,"auth_strength":10.0,"scope_granularity":20.0,"dependency_hygiene":45.0,"secret_handling":50.0,"security_notes":"README lists several protective measures (timeouts to mitigate slowloris, graceful shutdown, path validation to prevent directory traversal, file size limit ~10MB, output token/size limits, and result limits). However, it does not mention authentication/authorization, encryption requirements (TLS), sandboxing/least-privilege, auditing, or fine-grained permissions; given it can execute shell commands, risk remains high if exposed to untrusted users.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":45.0,"idempotency_support":"false","idempotency_notes":"Some operations (write/edit/kill_shell) are inherently non-idempotent or stateful; no explicit idempotency guarantees documented.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["The server supports background bash processes; agents may need to manage process lifecycle using bash_output and kill_shell.","Tool outputs are limited (e.g., max lines for grep/glob and max output size), so large results may be truncated.","Path validation rejects relative paths (per README), so agents must supply paths in the expected allowed form.","The grep tool depends on ripgrep (rg) being installed in the runtime environment."]}}