gomcpgo/filesys

3.3

If you are the rightful owner of filesys and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

A secure Model Context Protocol (MCP) server that provides filesystem operations with controlled access to specified directories.

Tools

Resources

Prompts

Filesystem MCP Server

A secure Model Context Protocol (MCP) server that provides filesystem operations with controlled access to specified directories.

Features

Directory access controlled via environment variables
File operations within allowed directories only
Thread-safe caching of allowed directories
Proper handling of paths with spaces

Installation

go get github.com/gomcpgo/filesys

Configuration

Set allowed directories using the environment variable:

export MCP_ALLOWED_DIRS="/path1,/path2,/path with spaces/dir3"

Tools

File Reading

read_file: Read single file contents
read_multiple_files: Read multiple files simultaneously

File Writing

write_file: Create or overwrite files

Directory Operations

create_directory: Create new directories
list_directory: List directory contents
list_allowed_directories: Show accessible directories

File Management

move_file: Move or rename files and directories
get_file_info: Get file metadata
search_files: Search files recursively with pattern matching

Usage with Claude Desktop

Add to claude_desktop_config.json:

{
  "mcpServers": {
    "filesystem": {
      "command": "/path/to/filesys",
      "env": {
        "MCP_ALLOWED_DIRS": "/path1,/path2,/path with spaces/dir3"
      }
    }
  }
}

Tool Examples

Reading a File

{
    "name": "read_file",
    "arguments": {
        "path": "/allowed/path/file.txt"
    }
}

Listing Directory

{
    "name": "list_directory",
    "arguments": {
        "path": "/allowed/path"
    }
}

Security

The filesystem MCP server implements comprehensive security measures to prevent unauthorized file access:

Path Validation

Symbolic link resolution: All paths are resolved to their canonical form using filepath.EvalSymlinks() before validation
Canonical path checking: Paths are validated against allowed directories only after resolving all symbolic links
Path traversal prevention: Attempts to escape allowed directories using ../ or similar techniques are blocked
Prefix matching protection: Directory prefixes are validated with path separators to prevent /allowed from matching /allowed_attacker

Symbolic Link Handling

Legitimate symlinks: Symbolic links within allowed directories are permitted (if their target is also within allowed directories)
Attack prevention: Symbolic links pointing outside allowed directories are automatically blocked
Broken symlinks: Broken symbolic links (pointing to non-existent targets) are rejected for security
Allowed directory symlinks: Allowed directories themselves may be symbolic links (resolved during initialization)

Write Operation Security

Non-existent paths: When creating new files or directories, the parent directory chain is validated
Parent validation: Only paths whose parent directories are within allowed areas can be created
Atomic validation: Path resolution and validation occur atomically to prevent race conditions

Attack Prevention

The server protects against:

Symlink-based directory traversal attacks
Path traversal with ../ sequences
Broken symlink exploitation
Prefix matching attacks (/allowed vs /allowed_attacker)
Nested symlink chains escaping allowed directories

Security Logging

All blocked access attempts are logged with "SECURITY:" prefix
Logs include both the requested path and its canonical resolution
Helps detect and investigate potential attack attempts

Best Practices

Configure MCP_ALLOWED_DIRS with the minimum necessary directories
Use absolute paths for allowed directories
Monitor logs for "SECURITY:" messages indicating blocked access attempts
Regularly review allowed directory configurations

Building

go build -o bin/filesys cmd/main.go

License

MIT License

Contributing

Pull requests welcome. Please ensure:

Tests pass
New features include documentation
Code follows project style

Related MCP Servers

View all file_systems servers →

edgeone-pages-mcp

4.7

by TencentEdgeOne

An MCP service for deploying HTML content, folder, and zip file to EdgeOne Pages and obtaining a publicly accessible URL.

cloud_platforms

mcp-filesystem-server

4.5

by mark3labs

This MCP server provides secure access to the local filesystem via the Model Context Protocol (MCP).

file_systems

mcp-everything-search

4.4

by mamertofabian

An MCP server that provides fast file searching capabilities across Windows, macOS, and Linux.

file_systems

Office-Word-MCP-Server

4.4

by GongRzhe

A Model Context Protocol (MCP) server for creating, reading, and manipulating Microsoft Word documents.

file_systems

DesktopCommanderMCP

4.3

by wonderwhy-er

Desktop Commander MCP is a tool that allows users to search, update, manage files, and run terminal commands using AI, without incurring API token costs.

file_systems

gistpad-mcp

4.2

by lostintangent

GistPad MCP is a server for managing and sharing personal knowledge, daily notes, and reusable prompts via GitHub Gists, integrated with VS Code and GistPad.dev.

knowledge_and_memory

python-mcp-server-client

4.2

by GobinFan

MCP Server is a server implementing the Model Context Protocol (MCP) to provide a standardized interface for AI models, connecting external data sources and tools like file systems, databases, or APIs.

ai_chatbot

mcp-text-editor

4.1

by tumf

A Model Context Protocol (MCP) server that provides line-oriented text file editing capabilities through a standardized API. Optimized for LLM tools with efficient partial file access to minimize token usage.

file_systems

skydeckai-code

4.1

by skydeckai

SkyDeckAI Code is an MCP server offering a suite of tools for AI-driven development workflows, enhancing AI's ability to assist in software development by providing access to local and remote resources.

developer_tools

needle-mcp

4.0

by needle-ai

MCP (Model Context Protocol) server to manage documents and perform searches using Needle through Claude’s Desktop Application.

file_systems

FileScopeMCP

3.9

by admica

FileScopeMCP is a TypeScript-based tool designed to analyze codebases, rank files by importance, track dependencies, and provide summaries to enhance code understanding.

developer_tools

mcp-obsidian

3.8

by MarkusPfundstein

MCP server to interact with Obsidian via the Local REST API community plugin.

file_systems

paperless-mcp

3.8

by baruchiro

An MCP server for interacting with a Paperless-NGX API server, providing tools for managing documents, tags, correspondents, and document types.

file_systems

editor-mcp

3.7

by danielpodrazka

Editor MCP is a Python-based text editor server built with FastMCP, providing tools for file operations through a standardized API.

file_systems

pdf-reader-mcp

3.6

by SylphxAI

PDF Reader MCP is a high-performance server designed to enhance AI agents with advanced PDF processing capabilities.

file_systems

ultimate_mcp_server

3.6

by Dicklesworthstone

Ultimate MCP Server is a comprehensive AI agent operating system that provides advanced capabilities for cognitive augmentation, tool use, and intelligent orchestration.

ai_chatbot

OpenSCAD-MCP-Server

3.5

by jhacksman

A Model Context Protocol (MCP) server that enables users to generate 3D models from text descriptions or images, with a focus on creating parametric 3D models using multi-view reconstruction and OpenSCAD.

cloud_platforms

rust-mcp-filesystem

3.5

by rust-mcp-stack

Rust MCP Filesystem is a high-performance, asynchronous MCP server for efficient filesystem operations, rewritten in Rust for enhanced capabilities.

file_systems

mcp-tool-kit

3.5

by getfounded

The MCP Tool Kit is a modular server implementation designed for building high precision vertical AI agents, reducing code usage by over 50% compared to the Python MCP SDK alone.

ai_chatbot

google-workspace-mcp

3.5

by aaronsb

The Google Workspace MCP Server is a Model Context Protocol server that allows users to manage their Google Workspace, including Gmail, Calendar, and Drive, through a secure and efficient interface.

cloud_platforms

mcp-excel-server

3.5

by yzfly

An MCP server that provides comprehensive Excel file management and data analysis capabilities.

file_systems

notes-mcp

3.5

by krasun

An MCP server that connects with your Apple Notes on macOS.

file_systems

paperless-mcp

3.5

by nloui

An MCP server for managing documents, tags, correspondents, and document types in Paperless-NGX.

file_systems

gdrive-mcp-server

3.5

by felores

A powerful Model Context Protocol (MCP) server that provides seamless integration with Google Drive, allowing AI models to search, list, and read files from Google Drive.

file_systems

obsidian-mcp-rest

3.5

by PublikPrinciple

An MCP server implementation that provides access to Obsidian vaults through a local REST API.

file_systems

UnityMCPIntegration

3.5

by quazaai

This package provides a seamless integration between Model Context Protocol (MCP) and Unity Editor, allowing AI assistants to understand and interact with Unity projects in real-time.

developer_tools

raindrop-mcp

3.5

by adeze

The Raindrop.io MCP Server allows interaction with the Raindrop.io bookmarking service using the Model Context Protocol (MCP), enabling AI agents to manage bookmarks efficiently.

file_systems