Add sandbox-container with no auth and basic local development

Author: cmsparks

apps/sandbox-container/Dockerfile

@@ -0,0 +1,59 @@
+# Use an official Ubuntu as a base image
+FROM ubuntu:20.04
+
+# Set non-interactive mode to avoid prompts during package installation
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Use bash for the shell
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# Update and install useful CLI utilities
+RUN apt-get update && apt-get install -y \
+    curl \
+    git \
+    htop \
+    vim \
+    wget \
+    net-tools \
+    build-essential \
+    nmap \
+    sudo \
+    ca-certificates \
+    lsb-release \
+    nodejs \
+    npm \
+    python3 \
+    python3-pip \
+    && apt-get clean
+
+RUN pip3 install matplotlib numpy pandas
+
+# Install Node.js and Corepack
+RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
+    && apt-get install -y nodejs \
+    && corepack enable
+
+# ENV NODE_VERSION 22.14.0
+
+# Download and install nvm
+# RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.2/install.sh | PROFILE="${BASH_ENV}" bash
+# RUN echo node > .nvmrc
+# RUN nvm install $NODE_VERSION
+# RUN nvm use $NODE_VERSION
+
+# Set working directory
+WORKDIR /app
+
+# Expose the port your Node.js server will run on
+EXPOSE 8080
+
+COPY . ./
+
+RUN npm i
+
+# add node and npm to path so the commands are available
+# ENV NODE_PATH $NVM_DIR/v$NODE_VERSION/lib/node_modules
+# ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION/bin:$PATH
+
+# Default command (run your Node.js server here)
+CMD ["npm", "run", "start:container"]

apps/sandbox-container/README.md

@@ -0,0 +1,59 @@
+# Container MCP Server
+
+This is a simple MCP-based interface for a sandboxed development environment.
+
+## Local dev
+
+Currently a work in progress. Cloudchamber local dev isn't implemented yet, so we are doing a bit of a hack to just run the server in your local environment.
+
+TODO: replace locally running server with the real docker container.
+
+## Deploying
+
+1. Make sure the docker daemon is running
+
+2. Disable WARP and run 
+
+```
+npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/14387504770/npm-package-wrangler-8740 deploy
+```
+
+3. Add to your Claude config. If using with Claude, you'll need to disable WARP:
+
+```
+{
+    "mcpServers": {
+        "container": {
+            "command": "npx",
+            "args": [
+                "mcp-remote",
+                // this is my deployed instance
+                "https://container-starter-2.cmsparks.workers.dev/sse"
+            ]
+        }
+    }
+}
+```
+
+## Tools
+
+- `container_initialize`: (Re)start a container. Containers are intended to be ephemeral and don't save any state. Containers are only guaranteed to last 10m (this is just because I have a max of like ~5 containers per account).
+- `container_ping`: Ping a container for connectivity
+- `container_exec`: Run a command in the shell
+- `container_files_write`: Write to a file
+- `container_files_list`: List all files in the work directory
+- `container_file_read`: Read the contents of a single file or directory
+
+## Resources
+
+TODO
+
+Tried implementing these, but MCP clients don't support resources well at all.
+
+## Prompts
+
+TODO
+
+## Container support
+
+The container currently runs python and node. It's connected to the internet and LLMs can install whatever packages.

apps/sandbox-container/container/index.ts

@@ -0,0 +1,169 @@
+import { exec } from 'node:child_process'
+import * as fs from 'node:fs/promises'
+import path from 'node:path'
+import { serve } from '@hono/node-server'
+import { zValidator } from '@hono/zod-validator'
+import { Hono } from 'hono'
+import { streamText } from 'hono/streaming'
+import mime from 'mime'
+
+import { ExecParams, FileList, FilesWrite } from '../shared/schema.ts'
+
+process.chdir('workdir')
+
+const app = new Hono()
+
+app.get('/ping', (c) => c.text('pong!'))
+
+/**
+ * GET /files/ls
+ *
+ * Gets all files in a directory
+ */
+app.get('/files/ls', async (c) => {
+	const directoriesToRead = ['.']
+	const files: FileList = { resources: [] }
+
+	while (directoriesToRead.length > 0) {
+		const curr = directoriesToRead.pop()
+		if (!curr) {
+			throw new Error('Popped empty stack, error while listing directories')
+		}
+		const fullPath = path.join(process.cwd(), curr)
+		const dir = await fs.readdir(fullPath, { withFileTypes: true })
+		for (const dirent of dir) {
+			const relPath = path.relative(process.cwd(), `${fullPath}/${dirent.name}`)
+			if (dirent.isDirectory()) {
+				directoriesToRead.push(dirent.name)
+				files.resources.push({
+					uri: `file:///${relPath}`,
+					name: dirent.name,
+					mimeType: 'inode/directory',
+				})
+			} else {
+				const mimeType = mime.getType(dirent.name)
+				files.resources.push({
+					uri: `file:///${relPath}`,
+					name: dirent.name,
+					mimeType: mimeType ?? undefined,
+				})
+			}
+		}
+	}
+
+	return c.json(files)
+})
+
+/**
+ * GET /files/contents/{filepath}
+ *
+ * Get the contents of a file or directory
+ */
+app.get('/files/contents/*', async (c) => {
+	let reqPath = c.req.path.replace('/files/contents', '')
+	reqPath = reqPath.endsWith('/') ? reqPath.substring(0, reqPath.length - 1) : reqPath
+	try {
+		const mimeType = mime.getType(reqPath)
+		const headers = mimeType ? { 'Content-Type': mimeType } : undefined
+		const contents = await fs.readFile(path.join(process.cwd(), reqPath))
+		return c.newResponse(contents, 200, headers)
+	} catch (e: any) {
+		if (e.code) {
+			// handle directory
+			if (e.code === 'EISDIR') {
+				const files: string[] = []
+				const dir = await fs.readdir(path.join(process.cwd(), reqPath), {
+					withFileTypes: true,
+				})
+				for (const dirent of dir) {
+					const relPath = path.relative(process.cwd(), `${reqPath}/${dirent.name}`)
+					if (dirent.isDirectory()) {
+						files.push(`file:///${relPath}`)
+					} else {
+						const mimeType = mime.getType(dirent.name)
+						files.push(`file:///${relPath}`)
+					}
+				}
+				return c.newResponse(files.join('\n'), 200, {
+					'Content-Type': 'inode/directory',
+				})
+			}
+
+			if (e.code === 'ENOENT') {
+				return c.notFound()
+			}
+		}
+
+		throw e
+	}
+})
+
+/**
+ * POST /files/contents
+ *
+ * Create or update file contents
+ */
+app.post('/files/contents', zValidator('json', FilesWrite), async (c) => {
+	const file = c.req.valid('json')
+	const reqPath = file.path.endsWith('/') ? file.path.substring(0, file.path.length - 1) : file.path
+	try {
+		await fs.writeFile(reqPath, file.text)
+		return c.newResponse(null, 200)
+	} catch (e) {
+		return c.newResponse(`Error: ${e}`, 400)
+	}
+})
+
+/**
+ * POST /exec
+ *
+ * Execute a command in a shell
+ */
+app.post('/exec', zValidator('json', ExecParams), (c) => {
+	const execParams = c.req.valid('json')
+	const proc = exec(execParams.args)
+	return streamText(c, async (stream) => {
+		return new Promise(async (resolve, reject) => {
+			if (proc.stdout) {
+				// Stream data from stdout
+				proc.stdout.on('data', async (data) => {
+					await stream.write(data.toString())
+				})
+			} else {
+				await stream.write('WARNING: no stdout stream for process')
+			}
+
+			if (execParams.streamStderr) {
+				if (proc.stderr) {
+					proc.stderr.on('data', async (data) => {
+						await stream.write(data.toString())
+					})
+				} else {
+					await stream.write('WARNING: no stderr stream for process')
+				}
+			}
+
+			// Handle process exit
+			proc.on('exit', async (code) => {
+				await stream.write(`Process exited with code: ${code}`)
+				if (code === 0) {
+					stream.close()
+					resolve()
+				} else {
+					console.error(`Process exited with code ${code}`)
+					reject(new Error(`Process failed with code ${code}`))
+				}
+			})
+
+			proc.on('error', (err) => {
+				console.error('Error with process: ', err)
+				reject(err)
+			})
+		})
+	})
+})
+
+serve({
+	fetch: app.fetch,
+	port: 8080,
+})

apps/sandbox-container/container/tsconfig.json

@@ -0,0 +1,16 @@
+{
+	"compilerOptions": {
+		"lib": ["es2023"],
+		"module": "ES2022",
+		"target": "es2022",
+		"types": ["@types/node"],
+		"strict": true,
+		"esModuleInterop": true,
+		"skipLibCheck": true,
+		"moduleResolution": "bundler",
+		"noEmit": true,
+		"allowImportingTsExtensions": true
+	},
+	"include": ["**/*.ts"],
+	"exclude": []
+}

apps/sandbox-container/package.json

@@ -0,0 +1,34 @@
+{
+	"name": "containers-starter",
+	"version": "0.0.0",
+	"private": true,
+	"type": "module",
+	"scripts": {
+		"deploy": "wrangler deploy",
+		"dev": "concurrently \"tsx container/index.ts\" \"wrangler dev --var \"ENVIRONMENT:dev\"\"",
+		"build": "docker build .",
+		"start": "wrangler dev",
+		"start:container": "tsx container/index.ts"
+	},
+	"dependencies": {
+		"@cloudflare/workers-types": "^4.20250320.0",
+		"@hono/node-server": "^1.13.8",
+		"@hono/zod-validator": "^0.4.3",
+		"@modelcontextprotocol/sdk": "^1.7.0",
+		"@types/node": "^22.13.10",
+		"agents": "^0.0.42",
+		"cron-schedule": "^5.0.4",
+		"esbuild": "^0.25.1",
+		"hono": "^4.7.5",
+		"mime": "^4.0.6",
+		"octokit": "^4.1.2",
+		"partyserver": "^0.0.65",
+		"tsx": "^4.19.3",
+		"workers-mcp": "0.1.0-3",
+		"zod": "^3.24.2"
+	},
+	"devDependencies": {
+		"concurrently": "^9.1.2",
+		"wrangler": "^4.9.1"
+	}
+}