MCP tools
Lima implements the “MCP Sandbox Interface” (tentative name): https://pkg.go.dev/github.com/lima-vm/lima/v2/pkg/mcp/msi
MCP Sandbox Interface defines MCP (Model Context Protocol) tools that can be used for reading, writing, and executing local files with an appropriate sandboxing technology, such as Lima.
The sandboxing technology can be more secure and/or efficient than the default tools provided by an AI agent.
MCP Sandbox Interface was inspired by Google Gemini CLI’s built-in tools.
glob
Description
Finds files matching specific glob patterns (e.g., src/**/*.ts, *.md)
Input Schema
{
"additionalProperties": false,
"properties": {
"path": {
"description": "The absolute path to the directory to search within. If omitted, searches the tool's root directory.",
"type": [
"null",
"string"
]
},
"pattern": {
"description": "The glob pattern to match against (e.g., '*.py', 'src/**/*.js').",
"type": "string"
}
},
"required": [
"pattern"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"properties": {
"matches": {
"description": "A list of absolute file paths that match the provided glob pattern.",
"items": {
"type": "string"
},
"type": "array"
}
},
"required": [
"matches"
],
"type": "object"
}
list_directory
Description
Lists the names of files and subdirectories directly within a specified directory path.
Input Schema
{
"additionalProperties": false,
"properties": {
"path": {
"description": "The absolute path to the directory to list.",
"type": "string"
}
},
"required": [
"path"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"properties": {
"entries": {
"description": "The directory content entries.",
"items": {
"additionalProperties": false,
"properties": {
"is_dir": {
"description": "true for a directory",
"type": [
"null",
"boolean"
]
},
"mode": {
"description": "file mode bits",
"type": [
"null",
"integer"
]
},
"name": {
"description": "base name of the file",
"type": "string"
},
"size": {
"description": "length in bytes for regular files; system-dependent for others",
"type": [
"null",
"integer"
]
},
"time": {
"description": "modification time",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"type": "array"
}
},
"required": [
"entries"
],
"type": "object"
}
read_file
Description
Reads and returns the content of a specified file.
Input Schema
{
"additionalProperties": false,
"properties": {
"path": {
"description": "The absolute path to the file to read.",
"type": "string"
}
},
"required": [
"path"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"properties": {
"content": {
"description": "The content of the file.",
"type": "string"
}
},
"required": [
"content"
],
"type": "object"
}
run_shell_command
Description
Executes a given shell command.
Input Schema
{
"additionalProperties": false,
"properties": {
"command": {
"description": "The exact shell command to execute. Defined as a string slice, unlike Gemini's run_shell_command that defines it as a single string.",
"items": {
"type": "string"
},
"type": "array"
},
"description": {
"description": "A brief description of the command's purpose, which will be potentially shown to the user.",
"type": "string"
},
"directory": {
"description": "The absolute directory in which to execute the command. Unlike Gemini's run_shell_command, this must not be a relative path, and must not be empty.",
"type": "string"
}
},
"required": [
"command",
"directory"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"properties": {
"error": {
"description": "Any error message reported by the subprocess.",
"type": "string"
},
"exit_code": {
"description": "Exit code of the command.",
"type": [
"null",
"integer"
]
},
"stderr": {
"description": "Output from the standard error stream.",
"type": "string"
},
"stdout": {
"description": "Output from the standard output stream.",
"type": "string"
}
},
"required": [
"stdout",
"stderr"
],
"type": "object"
}
search_file_content
Description
Searches for a regular expression pattern within the content of files in a specified directory. Internally calls ‘git grep -n –no-index’.
Input Schema
{
"additionalProperties": false,
"properties": {
"include": {
"description": "A glob pattern to filter which files are searched (e.g., '*.js', 'src/**/*.{ts,tsx}'). If omitted, searches most files (respecting common ignores).",
"type": [
"null",
"string"
]
},
"path": {
"description": "The absolute path to the directory to search within. Defaults to the current working directory.",
"type": [
"null",
"string"
]
},
"pattern": {
"description": "The regular expression (regex) to search for (e.g., 'function\\s+myFunction').",
"type": "string"
}
},
"required": [
"pattern"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"properties": {
"git_grep_output": {
"description": "The raw output from the 'git grep -n --no-index' command, containing matching lines with filenames and line numbers.",
"type": "string"
}
},
"required": [
"git_grep_output"
],
"type": "object"
}
write_file
Description
Writes content to a specified file. If the file exists, it will be overwritten. If the file doesn’t exist, it (and any necessary parent directories) will be created.
Input Schema
{
"additionalProperties": false,
"properties": {
"content": {
"description": "The content to write into the file.",
"type": "string"
},
"path": {
"description": "The absolute path to the file to write to.",
"type": "string"
}
},
"required": [
"path",
"content"
],
"type": "object"
}
Output Schema
{
"additionalProperties": false,
"type": "object"
}