playbooks

home / mcp / filesystem mcp server

Filesystem MCP Server

A Bun-based MCP server enabling secure filesystem operations with granular permissions and comprehensive utilities.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "rawr-ai-mcp-filesystem": {
      "url": "https://glama.ai/rawr-ai/mcp-filesystem"
    }
  }
}

You can run a Bun-based MCP server that provides filesystem operations with granular permissions and safe, sandboxed access within designated directories. This server lets you read, write, modify, move, search, and manage files and directories, while enforcing strict security rules and per-operation permissions to keep your data safe.

How to use

Use an MCP client to connect to the filesystem MCP server and perform operations such as reading files, listing directories, creating or deleting folders, moving items, or converting XML to JSON. You can configure permissions to grant exactly the actions you need, and you can restrict operations to specific directories you specify at startup.

How to install

Prerequisites: you need a runtime capable of executing JavaScript/TypeScript MCP code. This server is Bun-based but can be run with Node for Node-compatible JavaScript clients.

Step by step commands:

curl -fsSL https://bun.sh/install | bash
bun install
bun run build
bun test

Configuration and usage notes

- The server enforces operations only within directories specified at startup via the args parameter. All path validations ensure you cannot traverse outside allowed paths or access symlink targets outside those directories.

- You can start the server in a local, Node-based or Bun-based fashion. If you run the TypeScript entry with Bun, you can execute the TypeScript entry directly. For Node-based runtimes, use a built JavaScript entry like node dist/index.js with the path to an allowed directory.

- Security features include symlink handling controls, path validation, and sandboxed operations to minimize risk when performing file operations.

Security, permissions and directories

- Permissions are granular. You can enable read-only mode or full access, or selectively enable create, edit, move, and delete permissions.

- Symlinks are followed by default only when both the link and its target reside within allowed directories. You can disable following symlinks to prevent escapes via linked paths.

Hosted access option

If you prefer a hosted MCP endpoint, you can connect to a remote MCP server that runs in the managed hosting environment. This provides centralized access to filesystem MCP capabilities without running your own instance.

Available tools

read_file

Read contents of a file with a limit on bytes returned to protect downstream consumers.

read_multiple_files

Read multiple files in a single operation; failed reads do not stop the entire call.

create_file

Create a new file with specified content; fails if the file already exists; requires create permission.

modify_file

Modify an existing file with new content; fails if the file is missing; requires edit permission.

edit_file

Perform selective edits using pattern matching with dry-run preview, diff output, and indentation preservation; requires edit permission.

create_directory

Create a new directory or ensure it exists; creates parent directories as needed; requires create permission.

list_directory

List directory contents with file or directory prefixes for quick inspection.

directory_tree

Get a recursive tree view of a directory's structure as JSON.

move_file

Move or rename files or directories; fails if destination exists; requires move permission.

delete_file

Delete a file; fails if the file does not exist; requires delete permission.

delete_directory

Delete a directory, with optional recursive deletion; fails if non-empty and recursive is false; requires delete permission.

search_files

Recursively search for files or directories by pattern with include/exclude options.

find_files_by_extension

Find all files with a specific extension within a path, with optional exclusions.

get_file_info

Retrieve detailed metadata for a file or directory.

get_permissions

Query the current server permissions and access controls.

list_allowed_directories

Return the list of directories the server is permitted to access.

xml_to_json

Convert XML to JSON with options to ignore attributes, preserve order, and format output.

xml_to_json_string

Convert XML to a JSON string with options and a capped response size.

xml_query

Execute XPath queries against an XML file and return structured results.

xml_structure

Analyze the XML structure, including elements and attributes, with optional depth and attribute details.

regex_search_content

Search file contents using a regular expression with file containment and depth controls.