VERIFIED

Filesystem

Safety: 45/100

0.0(0)

This MCP server provides access to the local filesystem, enabling read, write, and management operations within specified allowed directories.

MCP ServersFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

This MCP server provides access to the local filesystem, enabling read, write, and management operations within specified allowed directories.

This server is relatively safe when configured with carefully chosen allowed directories and used for read-only operations. However, the write and delete capabilities pose a significant risk if the allowed directories are too broad or if the server is used by untrusted actors.

Performance will be limited by disk I/O speed. Large file operations may take significant time. Consider the impact of recursive directory searches on performance.

The primary cost is the computational resources used to run the server. Disk I/O can also be a factor in terms of resource utilization.

Go598 starsMITReleased 6/22/2025CI/CD

Connections & Capabilities

Connects To

GitHubDockerFilesystem

Capabilities

ReadWriteAdmin

Client Compatibility

Claude Desktop

full

Cursor

untested

Windsurf

untested

VS Code (Copilot)

untested

Quickstart

Claude Desktop Config

{
  "mcpServers": {
    "filesystem": {
      "command": "mcp-filesystem-server",
      "args": ["/path/to/allowed/directory", "/another/allowed/directory"]
    }
  }
}

Tools (14)

safe

read_file

Reads the complete contents of a specified file.

Read-only operation, no side effects.

safe

read_multiple_files

Reads the contents of multiple files in a single operation.

Read-only operation, no side effects.

critical

write_file

Creates a new file or overwrites an existing file with specified content.

Can overwrite or create files, potentially leading to data loss or corruption.

high

copy_file

Copies files and directories from a source to a destination.

Can create copies of sensitive files in unintended locations.

high

move_file

Moves or renames files and directories.

Can move files to unintended locations, potentially disrupting workflows or hiding data.

critical

delete_file

Deletes a file or directory from the file system.

Can permanently delete files and directories, leading to data loss.

high

modify_file

Updates a file by finding and replacing text using string matching or regex.

Can modify file contents, potentially introducing errors or malicious code.

safe

list_directory

Gets a detailed listing of all files and directories in a specified path.

Read-only operation, no side effects.

moderate

create_directory

Creates a new directory or ensures a directory exists.

Can create new directories, potentially altering the file system structure.

safe

tree

Returns a hierarchical JSON representation of a directory structure.

Read-only operation, no side effects.

safe

search_files

Recursively searches for files and directories matching a pattern.

Read-only operation, no side effects.

safe

search_within_files

Searches for text within file contents across directory trees.

Read-only operation, no side effects.

safe

get_file_info

Retrieves detailed metadata about a file or directory.

Read-only operation, no side effects.

safe

list_allowed_directories

Returns the list of directories that this server is allowed to access.

Read-only operation, no side effects.

Security

Auth Method

None

Known Risks

!Directory traversal vulnerabilities if path validation is insufficient.
!Accidental or malicious deletion of important files.
!Overwriting files with incorrect or malicious content.
!Information disclosure if allowed directories contain sensitive data.
!Resource exhaustion through excessive file operations.

Safety Score

moderate risk

Positive

+Access is restricted to pre-defined allowed directories.
+Path validation helps prevent directory traversal attacks.
+Symlink resolution includes security checks.
+No external network access required.

Risks

-Includes tools for writing, modifying, and deleting files.
-Incorrect configuration of allowed directories could expose sensitive data.
-Potential for denial-of-service through excessive file operations.
-No built-in authentication or authorization beyond allowed directories.

Use Cases

Code Generation and Editing

-Reading source code files for context.
-Writing generated code to specific locations.
-Modifying existing code files with find and replace.

Configuration Management

-Reading configuration files to understand system settings.
-Writing updated configuration files to apply changes.
-Searching for specific configuration parameters within files.

Document Processing

-Reading text files for analysis.
-Writing processed text to new files.
-Searching for specific keywords within documents.

Data Backup and Recovery

-Copying files to a backup location.
-Restoring files from a backup location.
-Listing directories to identify files for backup.

Who Is This For?

Best For

Automated code generation workflows.
Configuration management tasks.
Simple data processing pipelines.
Internal tools with limited scope.

Not Ideal For

Applications requiring high security or strict access control.
Systems handling sensitive data without proper encryption and access controls.
Publicly exposed services.
Real-time or high-performance applications.

Autonomy & Execution

Default ModeConfigurable

Destructive Tools

Autonomy is highly dependent on the configured allowed directories. Without careful configuration, destructive tools can cause significant damage.

StatelessYes

Retry LogicNot documented

ConcurrencySingle-threaded

Production Tip

Carefully restrict the allowed directories to the minimum necessary set to reduce the risk of accidental or malicious file operations.

FAQ

How do I restrict access to specific files and directories?

Configure the allowed directories when starting the server. Only files and directories within these allowed paths will be accessible.

What happens if I try to access a file outside the allowed directories?

The server will return an error indicating that the file is not accessible.

Does this server support authentication?

No, this server does not have built-in authentication. Access control is based solely on the allowed directories.

Can I use this server to modify system files?

It depends on the allowed directories configuration. If the allowed directories include system files, then yes. However, this is generally not recommended due to the risk of system instability.

How can I prevent accidental deletion of files?

Carefully configure the allowed directories and limit write access to trusted users or processes. Consider implementing backups.

Is it safe to expose this server to the internet?

No, it is generally not safe to expose this server directly to the internet without additional security measures such as a firewall and intrusion detection system.

What file size limits are enforced by this server?

The documentation mentions size limits for inline content and base64 encoding, but specific values are not provided. You may need to test to determine the exact limits.

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Related Tools

Filesystem - AI Tool Review & Alternatives | Flaex AI