mcp-filesystem-server
Verified Safe
by mark3labs
Overview
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
Installation
docker run -i --rm ghcr.io/mark3labs/mcp-filesystem-server:latest /app
Security Notes
The server implements robust path validation including absolute path resolution, explicit allowed directories, and comprehensive symlink resolution with security checks to prevent directory traversal attacks. All file operations leverage this validation. The 'modify_file' tool uses regex, which could theoretically be vulnerable to ReDoS if patterns are untrusted, but this is mitigated by the overall path restrictions. No hardcoded secrets or arbitrary code execution mechanisms ('eval') were found. The server operates with the privileges of its running user, which is standard for local tools.
Similar Servers
ssh-mcp-server
Enables AI assistants to securely execute remote SSH commands and perform file transfers on target servers via the Model Context Protocol (MCP).
toolhive-studio
ToolHive simplifies and secures the discovery, deployment, and management of Model Context Protocol (MCP) servers, enabling connections to AI agents and clients.
mcp-sdk-go
Go SDK for integrating large language models (LLMs) and external tools/resources via the Model Context Protocol (MCP).
filesystem-mcp
Provides secure, efficient, and token-optimized filesystem operations for AI agents via the Model Context Protocol.