unc-filesystem-mcp
Verified Safeby BlockSecCA
Overview
Enables AI agents (specifically Claude Desktop) to perform secure filesystem operations with proper UNC path support on Windows, addressing issues with network drive resolution and subdirectory access.
Installation
node C:/path/to/unc-filesystem-mcp/dist/index.js "\\\\server\\share" "Z:\" "C:\\Users\\Me\\Documents"Security Notes
The server's primary security mechanism is the `validatePath` function, which normalizes all incoming request paths and verifies they fall strictly within pre-configured 'allowedDirectories'. This robustly defends against path traversal vulnerabilities. All file system operations (`fs.readFile`, `fs.writeFile`, `fs.readdir`, `fs.stat`) are gated by this validation. The `edit_file` tool includes checks for unique occurrences to prevent unintended broad replacements. The `searchFiles` tool uses `glob` but limits user input to a wildcard pattern `**/*${pattern}*` within a validated `cwd`, mitigating risks associated with arbitrary glob patterns. No `eval` or obvious malicious patterns are present. The server operates with the permissions of the executing Node.js process.
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
filesys
A secure MCP server providing filesystem operations with controlled access to specified directories for agent-based interactions.
enhanced-filesystem-mcp
Provides enhanced filesystem access to an MCP client with named path aliases and fuzzy search capabilities.
server-filesystem
Provides a secure Node.js server implementing Model Context Protocol (MCP) for AI clients to perform a wide range of filesystem operations with strict access control.