Skip to main content
mcpFirst-partyLow risk Safety Privacy
Anthropic logo

Filesystem MCP Server - MCP Servers

Official MCP server providing secure file system operations for Claude Desktop and Claude Code

by Anthropic·added 2025-09-15·
HarnessClaude CodeClaude Desktop

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://github.com/modelcontextprotocol/servers/blob/main/src/filesystem/README.md, https://github.com/JSONbored/awesome-claude/blob/main/content/mcp/filesystem-mcp-server.mdx
Brand
Anthropic
Brand domain
anthropic.com
Brand asset source
brandfetch
Package URL
/downloads/mcp/filesystem-mcp-server.mcpb
Package SHA256
da141637f603f2298808a0aa503696894f46ec0b651afd4a4042c9464e44eb97
Safety notes
Limit allowed roots to the specific folders Claude needs because file operations can read, write, overwrite, or delete local data.
Privacy notes
Local file contents, filenames, directory structure, and system paths may be sent through the MCP client and model context.
Author
Anthropic
Claim status
unclaimed
Last verified
2025-09-15

Decision playbook

Ready to evaluate for your workflow

Signals are comparatively strong, but you should still validate source, privacy posture, and package provenance for your environment.

Compare context
Selected

0

Current score

96

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as first-party.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Complete

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    Package marked verified.

    Done
  • Checksum metadata

    SHA-256 hash is present.

    Done

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

Package install

Copy-ready — paste the snippet to get started.

3 minutes

Install command

Provided

Config snippet

Provided

Copy snippet

Provided

Prerequisites

10 to clear

Platforms

2 listed

Difficulty

1/100

Adoption plan

Balanced adoption plan

Current risk score 0/100. Use staged verification before broader rollout.

Risk 0

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    Package verification/checksum metadata is available.

    Done

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (6/6 signals complete).

Risk 0

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Present

Package integrity metadata is present.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

6/6 steps complete with no blocking gaps for this preset.

Risk 0

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is available.

Done

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

10 prerequisites to line up before setup.

0/10 ready
Install & runtime2Configuration2Permissions & scopes4Network & hosting23 minutes

Safety & privacy surface

Safety & privacy surface

1 safety and 1 privacy notes across 1 risk area.

1 area
  • SafetyLocal filesLimit allowed roots to the specific folders Claude needs because file operations can read, write, overwrite, or delete local data.
  • PrivacyLocal filesLocal file contents, filenames, directory structure, and system paths may be sent through the MCP client and model context.

Safety notes

  • Limit allowed roots to the specific folders Claude needs because file operations can read, write, overwrite, or delete local data.

Privacy notes

  • Local file contents, filenames, directory structure, and system paths may be sent through the MCP client and model context.

Prerequisites

  • Node.js 14 or higher installed (verify with: node --version)
  • npx available (comes with Node.js, verify with: npx --version)
  • File system read/write permissions for directories you want to access
  • Understanding of absolute vs relative paths (must use absolute paths in configuration for security)
  • Claude Desktop 0.7.0+ or Claude Code with MCP support
  • Understanding of directory access controls (server only accesses explicitly allowed directories)
  • Platform: macOS, Windows, or Linux (cross-platform support)
  • Ability to create and edit JSON configuration files (.mcp.json or claude_desktop_config.json)
  • Understanding of file system operations and permissions (for troubleshooting access issues)
  • Knowledge that only directories specified in configuration are accessible (security feature prevents unauthorized access)

Schema details

Install type
package
Reading time
1 min
Difficulty score
1
Troubleshooting
Yes
Breaking changes
No
Package metadata
Package verified
Yes
SHA-256
da141637f603f2298808a0aa503696894f46ec0b651afd4a4042c9464e44eb97
Skill and platform metadata
Retrieval sources
https://github.com/modelcontextprotocol/servers/blob/main/src/filesystem/README.mdhttps://modelcontextprotocol.io/introduction
Collection metadata
Estimated setup
3 minutes
Difficulty
beginner
Full copyable content
{
  "filesystem": {
    "args": [
      "-y",
      "@modelcontextprotocol/server-filesystem",
      "/path/to/allowed/directory"
    ],
    "command": "npx"
  }
}

About this resource

Content

Securely enable Claude to read, write, and manage files in your local file system with granular directory access controls. The official Filesystem MCP Server from Anthropic provides safe file operations with built-in protections, allowing you to work with project files, analyze codebases, create new files, and perform refactoring operations through natural language commands.

Features

  • Secure file operations with proper permissions
  • Directory management and browsing
  • Configurable access controls to specific directories
  • Built-in protections against unauthorized access
  • Read, write, and manage files safely
  • Create and manage directory structures
  • Advanced filesystem operations with recursive directory traversal, file metadata management, and permission handling
  • Batch operations support for efficient bulk file operations, directory management, and content processing with automatic error handling
  • Real-time file system monitoring capabilities with change detection support for tracking file modifications and triggering automated workflows

Use Cases

  • Read file contents and analyze code
  • Create and modify files in your project
  • Browse directory structures and file organization
  • Search for files containing specific content
  • Manage project files and folders
  • Backup and organize important files
  • Build automated file management workflows that sync external systems with local filesystems for real-time document processing and content management

Installation

Claude Code

  1. Create a .mcp.json file in your project root directory
  2. Add the Filesystem server configuration with your allowed directory path (use absolute path)
  3. Verify installation: claude mcp list
  4. Test connection: claude mcp status filesystem

Claude Desktop

  1. Open your Claude Desktop configuration file (see configPath below)
  2. Add the Filesystem MCP server configuration with your allowed directory path (use absolute path)
  3. Restart Claude Desktop
  4. Verify the connection by asking Claude to list files in the allowed directory

Requirements

  • Node.js 14 or higher installed (verify with: node --version)
  • npx available (comes with Node.js, verify with: npx --version)
  • File system read/write permissions for directories you want to access
  • Understanding of absolute vs relative paths (must use absolute paths in configuration for security)
  • Claude Desktop 0.7.0+ or Claude Code with MCP support
  • Understanding of directory access controls (server only accesses explicitly allowed directories)
  • Platform: macOS, Windows, or Linux (cross-platform support)
  • Ability to create and edit JSON configuration files (.mcp.json or claude_desktop_config.json)
  • Understanding of file system operations and permissions (for troubleshooting access issues)
  • Knowledge that only directories specified in configuration are accessible (security feature prevents unauthorized access)

Configuration

{
  "filesystem": {
    "args": [
      "-y",
      "@modelcontextprotocol/server-filesystem",
      "/path/to/allowed/directory"
    ],
    "command": "npx"
  }
}

Examples

Reading Project Configuration Files

Access configuration files to understand project setup, dependencies, and build configurations. Claude can analyze and suggest optimizations.

// Read package.json and analyze dependencies
"Show me the contents of package.json and explain the dependencies";

// Read TypeScript config
"Read tsconfig.json and suggest improvements for a Next.js project";

Creating New Files and Directories

Generate new files and directory structures. Perfect for scaffolding components, modules, or configuration files.

// Create a new React component
"Create src/components/Button.tsx with a reusable Button component using TypeScript"

// Create multiple related files
"Set up a new feature module:
- Create src/features/auth/
- Add index.ts, types.ts, and hooks.ts files"

Searching and Analyzing Codebase

Search through your codebase for patterns, imports, comments, or specific code structures. Essential for code reviews and refactoring.

// Find specific patterns
"Find all TypeScript files in src/ that use useState";

// Search for TODOs and FIXMEs
"List all files containing TODO or FIXME comments";

// Analyze imports
"Show me all files that import from 'react-query'";

Reading and Modifying Multiple Files

Work with multiple files simultaneously. Perfect for refactoring, updating configurations, or analyzing project architecture.

// Update multiple related files
"Update all API client files in src/api/ to use the new authentication header";

// Read project structure
"Show me the directory structure of src/ and list all component files";

Project Setup and Configuration

Set up project configuration files, environment templates, and development tools. Claude can generate properly structured config files.

// Initialize new configuration
"Create .env.example file with all required environment variables from the codebase";

// Setup linting
"Create .eslintrc.json with React and TypeScript rules";

Code Migration and Refactoring

Perform large-scale code migrations and refactoring operations. The filesystem server handles file moves and updates safely.

// Migrate file structure
"Move all files from src/old-components/ to src/components/ and update all imports";

// Refactor code style
"Convert all CommonJS requires in src/ to ES6 imports";

Read and Write File

Read a file, modify its content, and write it back to the filesystem

// Read and write file using filesystem MCP
const content = await filesystem.readFile({
  path: "/path/to/file.txt",
});
await filesystem.writeFile({
  path: "/path/to/output.txt",
  content: content + "\nModified by Claude",
});

Security

  • Limit directory access to only necessary paths
  • Use absolute paths to prevent directory traversal
  • Monitor file operations in Claude Desktop logs
  • Backup important files before allowing write operations
  • Built-in protections against unauthorized access
  • Filesystem MCP server grants file system access - ensure server is configured with restricted directory paths and never granted access to sensitive system directories
  • File paths and directory structures may expose system architecture and user data - ensure filesystem resource paths are kept private and not shared in public configurations
  • Filesystem operations execute with user privileges and could potentially access sensitive files - review server configuration and restrict access to specific directories only
  • Rate limiting and resource management are critical for filesystem MCP servers - implement proper error handling, retry logic, and resource monitoring to prevent system overload
  • Filesystem change events and file content may contain sensitive information - ensure file monitoring and content access are properly secured and access-controlled

Troubleshooting

Permission denied when accessing files or directories

Verify filesystem server has read/write permissions to target directories. Run ls -l (Unix) or icacls (Windows) to check ownership and permissions. Use absolute paths in ALLOWED_DIRS config, not relative paths.

Directory not allowed error from MCP server

Add directory to allowed directories in MCP server config args. Use absolute path: npx -y @modelcontextprotocol/server-filesystem /absolute/path/to/directory. Restart Claude Desktop after config change.

MCP server fails to start or connect

Verify Node.js is installed: run node --version (requires v14+). Check Claude Desktop config syntax is valid JSON. Ensure no other process is using same MCP server instance.

File operations fail or return no results

Confirm target files exist in allowed directories. Check file paths are absolute and accessible. Verify filesystem server process is running via Claude Desktop logs or MCP status.

Filesystem MCP server permission denied errors

Verify file and directory permissions allow read/write access. Check user permissions for target paths. Ensure server process has necessary filesystem permissions. For restricted directories, adjust permissions or use sudo (with caution).

Filesystem operations failing with path errors

Verify file paths are correct and use absolute paths. Check path format matches operating system requirements (forward slashes on Unix, backslashes on Windows). Ensure directories exist before file operations.

Filesystem MCP server connection timeouts or performance issues

Check filesystem performance and disk I/O. Verify network filesystem connectivity if using remote mounts. Increase request timeout values. Implement connection pooling and retry mechanisms with exponential backoff.

Filesystem operations failing with disk space errors

Check available disk space on target filesystem. Verify disk quotas are not exceeded. Clean up temporary files. Monitor disk usage and implement cleanup routines for large file operations.

Source citations

Add this badge to your README

Show that Filesystem MCP Server - MCP Servers is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/filesystem-mcp-server.svg)](https://heyclau.de/entry/mcp/filesystem-mcp-server)

How it compares

Filesystem MCP Server - MCP Servers side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

1 trust signal differ across this comparison (Source provenance).

Field

Official MCP server providing secure file system operations for Claude Desktop and Claude Code

Open dossier

Official MCP server providing Git repository tools for reading, searching, and manipulating Git repositories

Open dossier

Official MCP server providing read-only access to PostgreSQL databases with schema inspection and query capabilities

Open dossier

Analyze, troubleshoot, and optimize Plaid integrations for banking data and financial account linking

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage verifiedPackage verifiedPackage verifiedPackage verified
Source provenanceDiffersSource-backedNo submission linkNo submission linkNo submission link
Submitter
Install riskLow riskLow riskLow riskLow risk
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
BrandAnthropic logoAnthropicAnthropic logoAnthropicAnthropic logoAnthropicPlaid logoPlaid
Categorymcpmcpmcpmcp
Sourcefirst-partyfirst-partyfirst-partyfirst-party
AuthorAnthropicAnthropicAnthropicPlaid
Added2025-09-152025-09-162025-09-162025-09-18
Platforms
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notesLimit allowed roots to the specific folders Claude needs because file operations can read, write, overwrite, or delete local data.Restrict access to intended repositories and review write operations because commands can alter branches, commits, and working trees.Use a read-only database user with restricted schemas unless write access is explicitly needed and reviewed.Use sandbox or restricted Plaid credentials and avoid exposing production banking tokens outside the required workflow.
Privacy notesLocal file contents, filenames, directory structure, and system paths may be sent through the MCP client and model context.Source code, commit history, author metadata, file paths, and repository configuration may be sent through tool calls.Queried schemas, table names, rows, connection details, and application data may be exposed through tool calls.Account-linking data, balances, transactions, institution identifiers, and financial metadata may be sent through model context.
Prerequisites
  • Node.js 14 or higher installed (verify with: node --version)
  • npx available (comes with Node.js, verify with: npx --version)
  • File system read/write permissions for directories you want to access
  • Understanding of absolute vs relative paths (must use absolute paths in configuration for security)
  • Git installed (verify with: git --version, install via sudo apt install git (Linux) or brew install git (macOS))
  • Node.js and npx available (comes with Node.js, verify with: npx --version)
  • Local Git repository (server works with local repositories only, navigate to repository root directory)
  • File system read permissions for repository directory (check with ls -l or icacls)
  • PostgreSQL database (local or remote PostgreSQL server)
  • PostgreSQL connection string (PostgreSQL connection URI with user, password, host, port, and database format)
  • Node.js and npx (for running @modelcontextprotocol/server-postgres package)
  • Network access (if connecting to remote PostgreSQL server)
  • Plaid account (create account on Plaid Dashboard to get API credentials)
  • API credentials (client_id and secret from Plaid Dashboard)
  • SSE or HTTP transport support (remote MCP server at https://api.dashboard.plaid.com/mcp/sse or https://api.dashboard.plaid.com/mcp)
  • Internet connection (remote Plaid API access required)
Install
claude mcp list && claude mcp status filesystem
claude mcp list && claude mcp status git
claude mcp list && claude mcp status postgres
claude mcp list && claude mcp status plaid
Config
Manual-only setup:
{
  "filesystem": {
    "args": [
      "-y",
      "@modelcontextprotocol/server-filesystem",
      "/path/to/allowed/directory"
    ],
    "command": "npx"
  }
}
{
  "mcpServers": {
    "git": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-git"
      ],
      "command": "npx",
      "type": "stdio"
    }
  }
}
Manual-only setup:
{
  "postgres": {
    "args": [
      "-y",
      "@modelcontextprotocol/server-postgres",
      "postgresql://localhost/mydb"
    ],
    "command": "npx"
  }
}
{
  "mcpServers": {
    "plaid": {
      "url": "https://api.dashboard.plaid.com/mcp/sse",
      "type": "sse"
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.