Secure file operations with configurable access controls
## Filesystem MCP Server: Secure File System Access for AI The **Filesystem MCP Server** is the official MCP server that provides safe, controlled access to your local file system from Google Antigravity. Read, write, and manage files within specified directories while maintaining security boundaries that prevent unauthorized access. ### Why Filesystem MCP? AI assistants need file system access to be truly useful for development tasks. However, unrestricted access poses security risks. The Filesystem MCP solves this by providing: - **Sandboxed Access**: Only access directories you explicitly allow - **Safe Operations**: Prevent accidental deletion of critical files - **Flexible Permissions**: Read-only or read-write access per directory - **Cross-Platform**: Works on macOS, Linux, and Windows ### Key Features #### 1. File Reading Read files with natural language: ``` "Read the contents of package.json" "Show me the README.md file" "List all TypeScript files in the src directory" "Read the last 100 lines of the log file" ``` Supports: - Text files with automatic encoding detection - Binary files as base64 - Large files with pagination - File metadata (size, modified date, permissions) #### 2. File Writing Create and modify files safely: ``` "Create a new file called config.ts with this content" "Append this log entry to debug.log" "Update the version in package.json to 2.0.0" "Create the src/components directory" ``` Features: - Atomic writes to prevent corruption - Backup creation before modifications - Directory creation with nested paths - Write permissions validation #### 3. Directory Operations Manage directories effectively: ``` "List all files in the project root" "Show the directory structure of src" "Create a new tests directory" "Find all JavaScript files recursively" ``` Operations include: - Directory listing with filtering - Recursive tree views - Directory creation and deletion - Path normalization #### 4. File Search Find files quickly: ``` "Find all files containing TODO" "Search for files named config" "List all .env files in the project" "Find files modified in the last hour" ``` #### 5. File Operations Manage files efficiently: - Copy files and directories - Move and rename files - Delete files with confirmation - Create symbolic links ``` "Copy the template to a new project file" "Rename utils.js to helpers.ts" "Move all test files to the __tests__ directory" ``` ### Configuration Set up Filesystem MCP with allowed directories: ```json { "mcpServers": { "filesystem": { "command": "npx", "args": [ "-y", "@modelcontextprotocol/server-filesystem", "/Users/you/projects", "/Users/you/documents" ] } } } ``` ### Security Model The Filesystem MCP implements several security measures: #### Directory Sandboxing Only directories specified in the configuration are accessible: ```json { "args": [ "@modelcontextprotocol/server-filesystem", "/allowed/path1", "/allowed/path2" ] } ``` Attempts to access files outside these directories are blocked. #### Path Traversal Protection The server prevents path traversal attacks: - `../` sequences are blocked - Symbolic links are resolved within bounds - Absolute paths must be within allowed directories #### Permission Preservation The server respects system file permissions: - Cannot read files you cannot read - Cannot write to read-only locations - Cannot delete protected files ### Common Workflows #### Project Setup ``` 1. "Create a new project directory structure" 2. "Initialize package.json with basic settings" 3. "Create the src, tests, and docs directories" 4. "Add a .gitignore file with common patterns" ``` #### Code Analysis ``` 1. "Find all files importing the deprecated module" 2. "List all React components in the project" 3. "Show me files that haven't been modified recently" ``` #### Batch Operations ``` 1. "Rename all .jsx files to .tsx" 2. "Add license headers to all source files" 3. "Update imports across all files" ``` ### Best Practices 1. **Minimal Access**: Only allow directories you actually need 2. **Separate Configs**: Different configurations for different projects 3. **Avoid System Dirs**: Never allow access to /etc, /usr, or system folders 4. **Regular Review**: Periodically review what directories are accessible 5. **Use Relative Paths**: When possible, reference files relative to project root ### Integration with Development The Filesystem MCP is essential for: - **Code Generation**: Creating new files and components - **Refactoring**: Updating code across multiple files - **Documentation**: Reading and updating project docs - **Configuration**: Managing project settings ### Advanced Features #### Watch Mode Monitor files for changes: ``` "Watch for changes in the src directory" "Alert me when config files change" ``` #### File Comparison Compare file contents: ``` "Compare the old and new config files" "Show differences between these two files" ``` #### Encoding Handling Handle various file encodings: - UTF-8 (default) - UTF-16 and UTF-32 - ASCII and Latin-1 - Binary files ### Troubleshooting Common issues: - **Permission Denied**: Check file and directory permissions - **Path Not Found**: Verify the path is within allowed directories - **Encoding Errors**: Specify encoding for non-UTF-8 files - **Large Files**: Use pagination for very large files The Filesystem MCP Server is the foundation of AI-assisted development, providing the secure file access that makes intelligent code editing possible.
{
"mcpServers": {
"filesystem": {
"args": [
"-y",
"@modelcontextprotocol/server-filesystem",
"/Users/username/Desktop",
"/path/to/other/allowed/dir"
],
"command": "npx"
}
}
}