Is anyone here giving their MCP server a code execution environment?

I built an MCP to handle all my wearables data, and it was super helpful, but the types of questions that agent could answer without access to write its own programs was limited. A single wearables stream can have 20k data points for 1 hr of activity (1Hz across GPS, barometer, temperature, and HR), and the typical MCP design either has the MCP author manually defining the aggregation methods (e.g., get_average_heartrate) or the LLM has to hold in it's context the large data representation.

I recently gave the MCP tools to create and access an iPython kernel, where it has the ability to specify what package to download before the session is created, and it can manipulate a copy of the data by writing its own code.

Making sure data was kept private and tools / code were secure was what took most of the time, and I'm wondering if there are any tools folks are using to make this easier. I know there are tools like e2b.dev which provide code sandboxes, but I feel like other data providing MCPs will run into this issue, so there must be some solution / architecture design I'm missing.