filesystem-mcp
Verified Safe by Tabeeh
Overview
This server provides AI agents secure, relative filesystem access to a project's files and directories via the Model Context Protocol (MCP) over standard I/O.
Installation
npx @shtse8/filesystem-mcp
Security Notes
The server uses `StdioServerTransport` for communication, so it does not directly expose HTTP endpoints, which limits its direct network attack surface. A critical `resolvePath` utility prevents path traversal and absolute path usage, confining all file operations to the `PROJECT_ROOT`. No instances of `eval`, obfuscation, or hardcoded secrets were found. Tools such as `chmod_items` and `chown_items` offer powerful capabilities, but they operate within the confined project root, and the server itself validates paths to prevent misuse outside that boundary. The primary security consideration is a compromised AI agent misusing these powerful tools within the allowed project scope.
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
claude-faf-mcp
Optimizes AI understanding of software projects by providing persistent context, fixing context-drift, and enabling bi-directional synchronization between project metadata and AI documentation.
filesystem-mcp
Provides secure, efficient, and token-optimized filesystem operations for AI agents via the Model Context Protocol.
dev-kit-mcp-server
A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.