vulcan-file-ops
Verified Safeby n0zer0d4y
Overview
Transforms desktop AI assistants into powerful development partners by providing secure, user-controlled filesystem operations and code manipulation capabilities.
Installation
npx @n0zer0d4y/vulcan-file-opsEnvironment Variables
- APPROVED_COMMANDS
Security Notes
The server demonstrates a very strong focus on security, actively mitigating several common vulnerabilities. It rigorously validates all file paths against a whitelist of 'allowed directories' using canonical path resolution and symlink dereferencing to prevent directory traversal (CWE-23) and symlink attacks (CVE-2025-53109). A recent 'SECURITY FIX' explicitly blocks all unapproved shell commands (CVE-2025-54795) and validates the working directory, even when unspecified, preventing execution bypasses. It also includes checks for dangerous command patterns (e.g., 'rm -rf', 'sudo') and command substitution. Write operations use atomic renames to prevent race conditions. The overall architecture is designed for secure, user-controlled access to local resources.
Similar Servers
tiger-linear-mcp-server
This server acts as a wrapper for the Linear API, providing focused tools for LLMs to manage and query issue tracking and project data.
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
tiger-memory-mcp-server
A backend server for a Minecraft-related application, likely providing data management or proxy services.
overseerr-mcp
Provides AI assistants with direct integration to Overseerr for automated media discovery, requests, and management within a Plex ecosystem.