✓ Verified 💻 Development ✓ Enhanced Data

Filesystem Mcp

Official Filesystem MCP Server for secure file operations with configurable access controls.

Rating
4.5 (282 reviews)
Downloads
8,052 downloads
Version
1.0.0

Overview

Official Filesystem MCP Server for secure file operations with configurable access controls.

Complete Documentation

View Source →

Filesystem MCP Server

Secure File Operations for AI Agents

Official MCP reference implementation providing safe, sandboxed filesystem access with fine-grained permission controls.

Why Filesystem MCP?

🔒 Security-First Design

  • Sandboxed Access: Agents can only access explicitly allowed directories
  • Permission Controls: Read-only, write, or full access per directory
  • Path Validation: Prevents directory traversal and unauthorized access
  • Audit Trail: All operations logged for security review

🤖 Essential for Agent Workflows

Most agent tasks involve files:
  • Reading documentation
  • Writing code files
  • Analyzing logs
  • Generating reports
  • Managing project files
  • Organizing content

📦 Zero External Dependencies

Pure implementation using Node.js built-in modules. No external API dependencies or rate limits.

Installation

bash
# Official reference implementation
npm install -g @modelcontextprotocol/server-filesystem

# Or build from source
git clone https://github.com/modelcontextprotocol/servers
cd servers/src/filesystem
npm install
npm run build

Configuration

Add to your MCP client config:

json
{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/yourname/Documents",
        "/Users/yourname/Projects"
      ]
    }
  }
}

Arguments = allowed directories (one or more paths)

Permission Modes

Read-Only Access:

json
"args": ["--read-only", "/path/to/docs"]

Full Access (default):

json
"args": ["/path/to/workspace"]

Example Configurations

#### Development Workspace

json
{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/dev/projects",
        "/Users/dev/workspace"
      ]
    }
  }
}

#### Documentation Access (Read-Only)

json
{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "--read-only",
        "/Users/docs/knowledge-base"
      ]
    }
  }
}

Available Tools

Directory Operations

#### 1. List Directory (list_directory)

text
Agent: "What files are in my Projects folder?"
Agent: "Show contents of /workspace/src"

Returns:

  • File names
  • File types (file, directory, symlink)
  • File sizes
  • Last modified timestamps
#### 2. Create Directory (create_directory)
text
Agent: "Create a new folder called 'components'"
Agent: "Make directory /workspace/tests"

#### 3. Move/Rename (move_file)

text
Agent: "Rename old-name.txt to new-name.txt"
Agent: "Move report.pdf to /Documents/Reports/"

File Operations

#### 4. Read File (read_file)

text
Agent: "Read the contents of config.json"
Agent: "Show me the README.md file"

Supports:

  • Text files (UTF-8)
  • JSON, YAML, XML
  • Markdown, code files
  • Large files (streaming)
#### 5. Write File (write_file)
text
Agent: "Create a file called notes.txt with meeting notes"
Agent: "Write the generated code to src/index.ts"

#### 6. Edit File (edit_file)

text
Agent: "Replace 'version: 1.0' with 'version: 2.0' in package.json"
Agent: "Add a new function to utils.js"

#### 7. Get File Info (get_file_info)

text
Agent: "When was report.pdf last modified?"
Agent: "What's the size of data.csv?"

Returns:

  • File size (bytes)
  • Creation time
  • Last modified time
  • Permissions
  • File type

Advanced Operations

#### 8. Search Files (search_files)

text
Agent: "Find all Python files in the project"
Agent: "Search for files containing 'API_KEY'"

Search by:

  • File name pattern (glob)
  • File content (regex)
  • File type
  • Date modified
#### 9. Delete File (delete_file)
text
Agent: "Delete the temporary log files"
Agent: "Remove old-backup.zip"

Safety:

  • Requires confirmation for large files
  • Cannot delete files outside allowed directories
  • Logged for audit

Agent Workflow Examples

Code Generation

text
Human: "Create a React component for a login form"

Agent:
1. create_directory("/workspace/components")
2. write_file("/workspace/components/LoginForm.tsx", generated_code)
3. write_file("/workspace/components/LoginForm.test.tsx", test_code)
4. "Created LoginForm component at components/LoginForm.tsx"

Log Analysis

text
Human: "Analyze error logs and summarize issues"

Agent:
1. list_directory("/var/log/app")
2. read_file("/var/log/app/error.log")
3. search_files(pattern="ERROR", path="/var/log/app")
4. generate_summary()
5. write_file("/reports/error-summary.md", summary)

Project Organization

text
Human: "Organize my documents by type"

Agent:
1. list_directory("/Documents")
2. For each file:
   - get_file_info(file)
   - Determine file type
   - create_directory("/Documents/[type]")
   - move_file(file, destination_folder)

Documentation Generation

text
Human: "Generate API documentation from code comments"

Agent:
1. search_files(pattern="*.ts", path="/src")
2. For each file:
   - read_file(file)
   - extract_doc_comments()
3. Generate markdown docs
4. write_file("/docs/API.md", generated_docs)

Security Model

Sandbox Enforcement

What Agents CAN Do:

  • ✅ Access explicitly allowed directories
  • ✅ Create/read/write files within allowed paths
  • ✅ List directory contents
  • ✅ Search within allowed paths
What Agents CANNOT Do:
  • ❌ Access parent directories (../)
  • ❌ Access system files (/etc/, /sys/)
  • ❌ Follow symlinks outside allowed paths
  • ❌ Execute binaries or scripts
  • ❌ Modify file permissions

Path Validation

text
Allowed: /Users/dev/projects
Agent tries: /Users/dev/projects/src/index.ts → ✅ Allowed
Agent tries: /Users/dev/projects/../secret → ❌ Blocked
Agent tries: /etc/passwd → ❌ Blocked

Best Practices

  • Principle of Least Privilege
  • Grant only necessary directories
  • Use --read-only when write not needed
  • Never Allow Root Access
  • Don't add / or system directories
  • Restrict to user workspace
  • Audit Agent Actions
  • Review MCP server logs regularly
  • Monitor for unexpected file access patterns
  • Separate Sensitive Data
  • Keep credentials, keys in separate directories
  • Don't include in allowed paths

Use Cases

📝 Content Management

Agents generate blog posts, reports, documentation and save to organized folders.

🤖 Code Assistants

Read project files, generate code, create tests, update configurations.

📊 Data Analysis

Read CSV/JSON data files, analyze, generate reports and visualizations.

🗂️ File Organization

Scan directories, categorize files, move to appropriate folders, cleanup duplicates.

📚 Knowledge Base

Index markdown files, search documentation, extract information, update wikis.

🔍 Log Analysis

Parse log files, identify errors, generate summaries, create alerts.

Performance

Large Files

  • Streaming for files >10MB
  • Incremental reads supported
  • Memory-efficient processing

Directory Scanning

  • Recursive search optimized
  • Glob pattern matching
  • Ignore patterns (e.g., node_modules/)

Concurrent Operations

  • Safe for parallel file access
  • Atomic write operations
  • File locking where needed

Troubleshooting

"Permission denied" Error

  • Verify path is in allowed directories
  • Check filesystem permissions
  • Ensure MCP server has read/write access

"Path not found" Error

  • Confirm directory exists
  • Check for typos in path
  • Verify path format (absolute vs relative)

Read-Only Mode Issues

  • Can't write in --read-only mode
  • Reconfigure server with write access if needed

vs Other File Access Methods

MethodSecurityAgent IntegrationSetup
Filesystem MCP✅ Sandboxed✅ Auto-discoveredSimple
Direct FS Access❌ Full system❌ ManualNone
File Upload/Download✅ Manual control⚠️ LimitedComplex
Cloud Storage API✅ API-level⚠️ Requires SDKComplex

Resources

  • GitHub: https://github.com/modelcontextprotocol/servers/tree/main/src/filesystem
  • MCP Docs: https://modelcontextprotocol.io/
  • Security Best Practices: https://modelcontextprotocol.io/docs/concepts/security

Advanced Configuration

json
{
  "mcpServers": {
    "filesystem": {
      "command": "node",
      "args": [
        "/path/to/filesystem-server/build/index.js",
        "/workspace",
        "/documents"
      ],
      "env": {
        "MAX_FILE_SIZE": "10485760",
        "ENABLE_LOGGING": "true",
        "LOG_PATH": "/var/log/mcp-filesystem.log"
      }
    }
  }
}

Safe, secure filesystem access for agents: From code generation to log analysis, Filesystem MCP is the foundation for agent file operations.

Installation

Terminal bash 

openclaw install filesystem-mcp
Copied!

💻Code Examples

npm run build

npm-run-build.txt
## Configuration

Add to your MCP client config:

}

.txt
**Arguments** = allowed directories (one or more paths)

### Permission Modes

**Read-Only Access:**

"args": ["/path/to/workspace"]

args-pathtoworkspace.txt
### Example Configurations

#### Development Workspace

}

.txt
## Available Tools

### Directory Operations

#### 1. **List Directory** (`list_directory`)

Agent: "Show contents of /workspace/src"

agent-show-contents-of-workspacesrc.txt
**Returns:**
- File names
- File types (file, directory, symlink)
- File sizes
- Last modified timestamps

#### 2. **Create Directory** (`create_directory`)

Agent: "Move report.pdf to /Documents/Reports/"

agent-move-reportpdf-to-documentsreports.txt
### File Operations

#### 4. **Read File** (`read_file`)

Agent: "Show me the README.md file"

agent-show-me-the-readmemd-file.txt
**Supports:**
- Text files (UTF-8)
- JSON, YAML, XML
- Markdown, code files
- Large files (streaming)

#### 5. **Write File** (`write_file`)

Agent: "What's the size of data.csv?"

agent-whats-the-size-of-datacsv.txt
**Returns:**
- File size (bytes)
- Creation time
- Last modified time
- Permissions
- File type

### Advanced Operations

#### 8. **Search Files** (`search_files`)

Agent: "Search for files containing 'API_KEY'"

agent-search-for-files-containing-apikey.txt
**Search by:**
- File name pattern (glob)
- File content (regex)
- File type
- Date modified

#### 9. **Delete File** (`delete_file`)

Agent: "Remove old-backup.zip"

agent-remove-old-backupzip.txt
**Safety:**
- Requires confirmation for large files
- Cannot delete files outside allowed directories
- Logged for audit

## Agent Workflow Examples

### Code Generation

Tags

#devops_and-cloud

Quick Info

Category Development
Model Claude 3.5
Complexity One-Click
Author buddhasource
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
🧠

Ready to Install?

Get started with this skill in seconds

openclaw install filesystem-mcp

Resources

📂
OpenClaw Skills
View on OpenClaw GitHub

Related Skills

✓ Verified 💻 Development

4claw

4claw — a moderated imageboard for AI agents.

🧠 Claude-Ready #ai_and-llms
)}
4.4 (118)
4,990
v1.0.0
✓ Verified 💻 Development

Aap Passport

Agent Attestation Protocol - The Reverse Turing Test.

🧠 Claude-Ready #ai_and-llms
)}
4.3 (89)
4,621
v1.0.0
✓ Verified 💻 Development

Acestep Lyrics Transcription

Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.

GPT-Optimized #ai_and-llms #api #script
)}
3.8 (274)
17,648
v1.0.0
✓ Verified 💻 Development

Adaptive Suite

A continuously adaptive skill suite that empowers Clawdbot.

🧠 Claude-Ready #ai_and-llms #bot
)}
4.7 (88)
1,625
v1.0.0