ufm
by rem5357
Overview
A cross-platform MCP server for comprehensive and secure file management, enabling AI clients to interact with the local filesystem.
Installation
ufmSecurity Notes
The server implements strong sandboxing, path traversal protection, sensitive file blocking, and granular operation controls for local file system access. However, the auto-update mechanism (enabled by default) fetches version information, including checksums, over unencrypted HTTP. This makes it vulnerable to Man-in-the-Middle (MITM) attacks, where an attacker could intercept the `version.json` response, provide a malicious binary's download URL, and a matching (but fake) SHA256 checksum for that malicious binary. The client would then download and apply the malicious update, leading to arbitrary code execution. P2P connections do not currently enforce TLS, though it is planned for the future.
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
ssh-mcp-server
Bridging AI assistants to remote SSH server operations for command execution, file transfer, and server status retrieval via the Model Context Protocol (MCP).
dev-kit-mcp-server
A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.