filesystem
A secure, high-performance MCP server that gives AI coding agents like Crush and OpenCode safe access to your local filesystem.
claude mcp add --transport stdio portertech-filesystem-mcp-server docker run -i portertech/filesystem-mcp-server
How to use
The Filesystem MCP Server provides a secure, sandboxed interface for AI agents to interact with your local filesystem. Built in Go with strict directory sandboxing, symlink attack prevention, and atomic writes, it exposes a suite of 17 file-related tools that let agents read, write, copy, move, delete, and inspect files and directories within explicitly allowed roots. The server is optimized for AI agents that need safe, programmatic access to code files, assets, or project directories while preserving system integrity. You can start the server with Docker and then issue the available tool calls to perform operations such as reading text, listing directories, or performing atomic writes, all while honoring the configured allowed paths.
How to install
Prerequisites:
- Docker installed and running
- Optional: Go installed if you want to build from source
Recommended installation (Docker):
- Pull the prebuilt Docker image:
docker pull portertech/filesystem-mcp-server
- Run the server with your allowed directories configured at runtime (example below shows how to expose an allowed root; adjust as needed):
docker run -i portertech/filesystem-mcp-server /path/to/allowed/dir
Alternative (Build from source):
# Install Go if not already installed
# Clone the repository
git clone https://github.com/portertech/filesystem-mcp-server.git
cd filesystem-mcp-server
# Build the binary
make build
# Run locally (example):
./filesystem /path/to/allowed/dir
Prebuilt binaries are also available on the GitHub Releases page for quick deployment.
Additional notes
Tips and common issues:
- Always start the server with at least one allowed root directory. All tool operations are restricted to these roots.
- If you enable verbose logging, you can better diagnose path resolution and symlink handling issues.
- Use read_text_file for reading large text files efficiently; it supports partial reads and line numbers for AI-friendly output.
- Ensure your environment respects file permissions; the server reports metadata including permissions to help you audit access.
- For write operations, atomic writes are used to prevent partial writes in case of interruptions.
- When using Docker, consider mounting a host directory as a volume and passing it as the allowed root to ensure persistence across restarts.
Related MCP Servers
trpc-agent-go
trpc-agent-go is a powerful Go framework for building intelligent agent systems using large language models (LLMs) and tools.
station
Station is our open-source runtime that lets teams deploy agents on their own infrastructure with full control.
tiger-cli
Tiger CLI is the command-line interface for Tiger Cloud. It includes an MCP server for helping coding agents write production-level Postgres code.
gopls
MCP server for golang projects development: Expand AI Code Agent ability boundary to have a semantic understanding and determinisic information for golang projects.
kubernetes
A Model Context Protocol (MCP) server for the Kubernetes API.
gcp-cost
💰 An MCP server that enables AI assistants to estimate Google Cloud costs, powered by Cloud Billing Catalog API and built with Genkit for Go
