[Feature Request] Support shell command substitution in MCP server env values

Resolved 💬 3 comments Opened Jan 12, 2026 by JayToltTech Closed Feb 27, 2026

Summary

MCP server environment variables in config files (claude.json, settings.json) don't support shell command substitution. The $(...) syntax is passed as a literal string rather than being evaluated.

Use Case

Securely retrieving API tokens from password managers like 1Password at MCP server startup:

{
  "mcpServers": {
    "todoist": {
      "type": "stdio",
      "command": "npx",
      "args": ["-y", "@greirson/mcp-todoist"],
      "env": {
        "TODOIST_API_TOKEN": "$(op read 'op://Employee/Todoist/token')"
      }
    }
  }
}

Current Behavior

The MCP server receives the literal string $(op read 'op://Employee/Todoist/token') as the env value, causing authentication failures.

Expected Behavior

Claude Code evaluates $(...) expressions in env values before spawning the MCP server, passing the resolved value.

Workaround

Create a shell wrapper around claude that:

  1. Authenticates with 1Password once
  2. Exports resolved tokens as environment variables
  3. Launches Claude Code with inherited env vars

MCP servers then inherit tokens from the environment. This works but adds friction and requires maintaining a separate wrapper script.

Additional Context

This would enable secure credential management without hardcoding tokens in config files, following security best practices for CLI tools that integrate with password managers.

Platform

  • macOS (Darwin 25.1.0)
  • Claude Code version: latest

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗