files-stdio-mcp-server
Verified Safe
by iceener
Overview
Provides sandboxed filesystem access for AI agents to explore directories, read/search file content, and safely edit text files with checksum verification.
Installation
bun run src/index.ts
Environment Variables
- FS_ROOTS
- LOG_LEVEL
- MAX_FILE_SIZE
Security Notes
The server implements strong sandboxing by preventing absolute paths and directory traversal (`..`) outside configured mount points (`FS_ROOTS`). All file operations are routed through a robust path resolution layer (`src/lib/paths.ts`). Input validation is performed using Zod, mitigating common injection risks. For file write operations (`fs_write`), checksum verification is strongly recommended to prevent stale or unintended overwrites, enhancing data integrity. There is no apparent use of `eval` or direct arbitrary command execution. Glob patterns for searching are converted to safe regular expressions, not shell commands. Communication is via stdin/stdout, reducing network attack surface.
Similar Servers
aleph
Aleph is an MCP server that provides LLMs programmatic access to gigabytes of local data without consuming context, implementing the Recursive Language Model (RLM) architecture.
ipybox
A Python code execution sandbox for AI agents to programmatically interact with MCP tools and execute code actions in a stateful, sandboxed environment.
filesystem-mcp
Provides secure, efficient, and token-optimized filesystem operations for AI agents via the Model Context Protocol.
dev-kit-mcp-server
A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.