What features does Onyx MCP Sandbox MCP server provide?

Q: What features does Onyx MCP Sandbox MCP server provide?

Multi-language support: Supports Python 3.11, Java 17, C 12, C++ 12, Node.js 20, and Rust 1.72 via dedicated Docker images.. Docker sandboxing: Isolated containers with network disabled, read-only FS, tmpfs writable areas, CPU/memory/process limits, and non-root execution.. MCP protocol: run_code: Exposes a run_code tool to execute arbitrary code via the MCP protocol.. Logging: All execution logs are emitted to stderr to keep MCP client IO clean.. CI-ready: Automated tests for executors via GitHub Actions.. Pre-pulled images: Setup instructions include pre-pulling language runtimes to minimize first-run latency.. Extensible language support: Extending to new languages involves selecting a Docker image, implementing an executor, registering it in main.go, writing tests, and pre-pulling the image.

Onyx MCP Sandbox MCP Server 2025: Features & Setup Guide

Overview

Onyx is a MCP server that securely executes code inside Docker sandboxes, enabling safe execution of user-supplied code across multiple languages. It supports Python 3.11, Java 17 (OpenJDK), C/C++ toolchains (gcc 12), Node.js 20, and Rust 1.72, running each job in isolated containers. The server exposes a run_code tool through the MCP protocol, allowing clients to send code and receive results while logs are emitted to stderr to avoid interfering with MCP client IO. Sandboxing enforces strict limits: network is disabled, filesystems are read-only with tmpfs for writable areas, CPU, memory, and process limits are applied, and execution runs as a non-root user (uid 1000, gid 1000). The project includes automated tests (CI-ready) for executors and comprehensive setup instructions. Onyx is designed to integrate with Claude Desktop or other MCP clients, simplifying the workflow for power users and developers building AI applications that execute arbitrary code as part of the pipeline. The repository includes a Go-based server and language-specific executors, and provides clear steps to extend to new languages. Setup also suggests pre-pulling language runtimes to minimize first-run latency.

Features

Multi-language support

Supports Python 3.11, Java 17, C 12, C++ 12, Node.js 20, and Rust 1.72 via dedicated Docker images.

Docker sandboxing

Isolated containers with network disabled, read-only FS, tmpfs writable areas, CPU/memory/process limits, and non-root execution.

MCP protocol: run_code

Exposes a run_code tool to execute arbitrary code via the MCP protocol.

Logging

All execution logs are emitted to stderr to keep MCP client IO clean.

CI-ready

Automated tests for executors via GitHub Actions.

Pre-pulled images

Setup instructions include pre-pulling language runtimes to minimize first-run latency.

Extensible language support

Extending to new languages involves selecting a Docker image, implementing an executor, registering it in main.go, writing tests, and pre-pulling the image.