Sudo FAQs

Question 1

What problem does Sudo (sudo-mcp) solve for AI coding agents?

Accepted Answer

Sudo enables AI coding agents to run `sudo` commands securely. It addresses the issue of `sudo` failing in environments like Claude Code due to lack of a terminal, and prevents insecure workarounds that expose passwords to the AI model, conversation transcripts, or grant agents unmonitored root access.

Question 2

What security features does Sudo offer for command execution?

Accepted Answer

Sudo accepts command arguments as a list (not a shell string), which inherently prevents shell injection vulnerabilities. It also displays a user-provided justification in the password dialog, ensuring clarity on what is being authorized. While Sudo itself doesn't have a command denylist, users are encouraged to implement their own guardrails using `sudoers` `Cmnd_Alias` or wrapper scripts.

Question 3

How does Sudo prevent password exposure to AI models?

Accepted Answer

When an AI agent requests a `sudo` command via Sudo, a native OS password dialog pops up on the user's screen. The user types the password directly into this dialog, ensuring credentials never enter the model context, MCP transport, conversation transcript, or any training data.

Question 4

Can I set timeouts for `sudo` commands executed by AI agents?

Accepted Answer

Yes, Sudo supports configurable command execution timeouts. On macOS/Linux, it runs `sudo` in its own process group and attempts to kill that entire group, including root-owned descendants, if the specified timeout is exceeded, providing robust cleanup.

Question 5

Is Sudo compatible with different operating systems?

Accepted Answer

Sudo requires `sudo` to be installed. It works out-of-the-box on macOS. On Linux, it requires at least one of `ssh-askpass`, `ksshaskpass`, `zenity`, or `kdialog` to display the native password dialog.

Sudo

Sudo

主な機能

ユースケース

主な機能

ユースケース