filesys
Verified Safeby gomcpgo
Overview
A secure Model Context Protocol (MCP) server that provides controlled filesystem operations for client applications and coding agents.
Installation
go run ./cmd/main.goEnvironment Variables
- MCP_ALLOWED_DIRS
Security Notes
The server implements robust security measures for path validation, including: 1) Resolving all symbolic links (`filepath.EvalSymlinks`) to prevent traversal attacks. 2) Converting all paths to absolute form. 3) Strict prefix matching with path separators to prevent `/allowed` matching `/allowed_attacker`. 4) Validation of parent directories for non-existent paths (write operations). Broken symlinks are explicitly rejected. All access attempts are logged with a 'SECURITY:' prefix. No `eval` or similar dangerous patterns are used. No hardcoded secrets are evident in the provided code. The security model appears comprehensive and well-implemented.
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
tinystruct-mcp
This server provides a JSON-RPC interface for Git, GitHub API, and file system operations, intended for integration into DevOps, automation, and AI-driven workflows.
dev-kit-mcp-server
A Model Context Protocol (MCP) server for agent development tools, enabling secure, scoped operations within a root project directory.
server-filesystem
Provides a secure Node.js server implementing Model Context Protocol (MCP) for AI clients to perform a wide range of filesystem operations with strict access control.