Full autonomous embedded firmware workspace MCP server for ESP-IDF
Project description
ESP-Workspace MCP
A full autonomous embedded firmware workspace server — the MCP (Model Context Protocol) infrastructure layer for AI agents working with ESP-IDF projects.
What it does
ESP-Workspace MCP turns an AI coding assistant into an autonomous firmware engineer. It provides tools for:
- Filesystem operations — read, write, list, glob with path sandboxing
- Shell execution — run commands with timeout, background jobs, output capture
- ESP-IDF build system — build, flash, clean, reconfigure via
eim runwithWISH_PRODUCTsupport - Security — Bearer token auth, path traversal prevention, configurable filesystem roots
Quick Start
Prerequisites
- Python 3.10+
- Espressif Install Manager (
eim— handles ESP-IDF installation and environment setup
Installation
pip install esp-workspace-mcp
Or from source:
git clone https://github.com/AIRcableLLC/esp-workspace-mcp.git
cd esp-workspace-mcp
python -m venv .venv
source .venv/bin/activate
pip install -e ".[dev]"
Configuration
Create a .env file:
MCP_API_TOKEN=your-secret-token-here
MCP_HOST=0.0.0.0
MCP_PORT=8765
MCP_ALLOWED_ROOTS=/home/user/projects
MCP_WISH_PRODUCT=TargetS3
MCP_EIM_PATH=eim
Or set environment variables directly.
Run the server
# SSE mode (default, for network access)
python run_server.py
# Stdio mode (for local MCP clients)
python run_server.py --stdio
The server exposes:
GET /sse— SSE connection endpoint (requires Bearer token)POST /messages— MCP message endpointGET /health— health check (no auth required)
MCP Tools
Filesystem Tools
| Tool | Description |
|---|---|
read_file(path, offset, limit) |
Read text file with pagination |
write_file(path, content) |
Write content to a file |
append_file(path, content) |
Append to an existing file |
list_dir(path) |
List directory entries |
create_dir(path) |
Create directory recursively |
delete_path(path) |
Delete file or empty directory |
file_stat(path) |
Get file/directory metadata |
glob_search(pattern, path) |
Find files by glob pattern |
Shell Tools
| Tool | Description |
|---|---|
run_command(cmd, cwd, timeout) |
Execute command and wait |
start_process(cmd, cwd) |
Start background job |
get_job_output(job_id, offset) |
Read job output |
kill_job(job_id) |
Terminate background job |
list_jobs() |
List all jobs |
ESP-IDF Tools
All ESP-IDF operations are invoked through eim run "WISH_PRODUCT=<product> idf.py ..." which handles environment setup automatically.
| Tool | Description |
|---|---|
eim_run(commands, project_dir, wish_product) |
Run any idf.py command via eim |
build_project(project_dir, wish_product, reconfigure) |
Build an ESP-IDF project |
set_target(project_dir, target, wish_product) |
Set target chip (esp32, esp32s3, etc.) |
flash_project(project_dir, port, wish_product) |
Flash firmware to device |
clean_project(project_dir) |
Clean build artifacts |
fullclean_project(project_dir) |
Remove entire build directory |
reconfigure_project(project_dir, wish_product) |
Regenerate sdkconfig + CMake cache |
Build Step Decision Tree
Is sdkconfig missing or have defaults changed?
├── YES → eim_run("reconfigure build", project_dir, wish_product)
└── NO → eim_run("build", project_dir, wish_product)
Security
| Control | Implementation |
|---|---|
| Filesystem sandbox | All paths validated against MCP_ALLOWED_ROOTS |
| Path traversal prevention | Symlink-resolved, .. escapes rejected |
| Shell timeout | Configurable, default 30s, max 300s |
| Output truncation | 50 KB max per response |
| Authentication | Bearer token on every request |
| Credential safety | Tokens in env vars only, never logged |
Integration with AI Agents
Hermes
hermes mcp add esp-workspace \
--url http://host:port/sse \
--header "Authorization: Bearer your-token"
Generic MCP Client
Any MCP-compatible client can connect to the SSE endpoint. The server implements the standard MCP protocol over SSE/HTTP transport.
Architecture
esp_workspace_mcp/
├── config.py # Settings from env, fail-fast validation
├── server.py # FastMCP server, tool registration
├── auth.py # Bearer token middleware
├── tools/
│ ├── filesystem.py # 8 path-validated file operations
│ ├── shell.py # Command execution + background jobs
│ └── esp_idf.py # eim-run wrapper, build/flash/clean
├── utils/
│ ├── security.py # Path sandboxing, symlink resolution
│ └── process.py # Subprocess management, JobManager
└── resources/
└── project.py # MCP resources (project status, etc.)
License
Apache-2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
esp_workspace_mcp-0.5.0.tar.gz
(42.4 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file esp_workspace_mcp-0.5.0.tar.gz.
File metadata
- Download URL: esp_workspace_mcp-0.5.0.tar.gz
- Upload date:
- Size: 42.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
85725428f4a5963c2431f80393ac9ee0f4e89c009e4c6a39163549d75f600972
|
|
| MD5 |
c54615b62d2d9a3062c5b2e40aebd970
|
|
| BLAKE2b-256 |
960960d6fb8c799610a684b570c10885229eed1f86136bef1c03d2520e458f24
|
File details
Details for the file esp_workspace_mcp-0.5.0-py3-none-any.whl.
File metadata
- Download URL: esp_workspace_mcp-0.5.0-py3-none-any.whl
- Upload date:
- Size: 50.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
72322a6a27fb69ed0d5e1b3760ae3b83db9dad18283ca392bd00f00dc790acc9
|
|
| MD5 |
d6766939f3f9a078a7f7671875aa0cbc
|
|
| BLAKE2b-256 |
4bdd0a1344f847db289da6949bf2cba19c3d11bb12e9064745c43b7f85b40682
|
