mcp-local-files
Verified Safeby zhangrunhao
Overview
This server provides a Model Context Protocol (MCP) interface for AI agents to list, read, and search local project files, acting as a bridge for code understanding and interaction.
Installation
PROJECT_ROOT=/absolute/path/to/your/project npx tsx src/index.tsEnvironment Variables
- PROJECT_ROOT
- PORT
- MAX_ENTRIES
- MAX_FILE_BYTES
- MAX_SEARCH_RESULTS
Security Notes
The server implements robust security measures for file system access, including a mandatory PROJECT_ROOT environment variable to define the scope, and a 'resolveSafe' function to prevent directory traversal attacks. It explicitly denies access to common sensitive/large directories and binary file extensions. File reading includes truncation and a check for null bytes to reject binary content. No 'eval' or direct arbitrary command execution (outside of controlled SDK dependencies) is observed. The server exits if PROJECT_ROOT is not set, enforcing secure configuration. The use of Zod for input validation is also a positive security practice.
Similar Servers
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
tenets
Provides intelligent, token-optimized code context and automatically injects guiding principles to AI coding assistants for enhanced understanding and consistent interactions.
dev-kit-mcp-server
A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.
mcp-http-agent-md
This server acts as a central hub for AI agents, managing project knowledge (AGENTS.md), structured tasks, version history, and ephemeral scratchpads, with capabilities to spawn context-isolated subagents for focused tasks.