Filesystem (Reference)
Secure local file operations with configurable directory access controls for AI agents.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Filesystem (Reference), derived from its capabilities.
AIVSS 7.8 · High
View MAESTRO 7-layer threat model →Overview
Official MCP reference server giving an agent read/write/search access to the local filesystem, scoped to explicitly allowed directories. Tools cover reading files, writing/editing files, creating and moving directories, and searching by name. Its security surface is broad: over-wide allowed paths can expose the whole disk, and tool output can carry injected instructions from file contents.
Key features
- Scoped allowed-directory access controls
- Read/write/edit/move file tools
- Directory listing and name search
Use cases
- Let an agent read and edit a local project
- Search and summarize files on disk