Filesystem MCP Server

Name: Filesystem MCP Server
Author: Anthropic (reference implementation)

Official★MCPpedia Verified

@modelcontextprotocol/server-filesystem · by Anthropic (reference implementation)

Read, write, and manage files on the local filesystem

85.9k 297.5k/wk 7 tools GitHub npm

2 open CVEs

MIT license

Maintained

Last commit 31d ago

Works with most clients

Transport: stdio

7 tools · ~166 tok

Grade A · 0.1% of 200K ctx

Edit this pageView history

Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "filesystem": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/username/Desktop"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/filesystem)](https://mcppedia.org/s/filesystem)

Read me

What Filesystem MCP Server does

The Filesystem MCP Server gives your AI assistant read and write access to files on your local machine. You specify which directories it can access when configuring the server. It can read, write, create, move, search, and get metadata about files. Essential for any development workflow.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/server-filesystem' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

88/100across 5 weighted dimensions

How we score →

0255075100

−12

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 open

CVE-2025-53110mediumCVSS 4

@modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

Versions of Filesystem prior to 0.6.3 & 2025.7.1 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 2025.7.1 to resolve the issue. Thank you to Elad Beber (Cymulate) for reporting these issues.

Affected: >= 0source →

CVE-2025-53109mediumCVSS 4

@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

Versions of Filesystem prior to 0.6.3 & 2025.7.1 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 2025.7.1 to resolve. Thank you to Elad Beber (Cymulate) for reporting these issues.

Affected: >= 0source →

Inventory

Tools (7)

Click any tool to inspect its schema.

~166 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Filesystem MCP Server safe to use?: Filesystem MCP Server has 2 known CVEs tracked by MCPpedia. You can verify these on OSV.dev by searching for "@modelcontextprotocol/server-filesystem". Review the Security section above for details before installing.
How do I install Filesystem MCP Server?: Filesystem MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Filesystem MCP Server do?: Filesystem MCP Server provides 7 tools: read_file, write_file, list_directory, create_directory, move_file and 2 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Filesystem MCP Server?: Filesystem MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is Filesystem MCP Server actively maintained?: Filesystem MCP Server is recently maintained — last commit was 31 days ago. It has 85,853 GitHub stars.

Similar servers

Others in developer-tools

View all →

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.6k 1

Supabase MCP Server97

Manage Supabase projects — databases, auth, storage, and edge functions

2.7k 4

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.6k 2

Mcp Gitlab96

MCP server for using the GitLab API

1.5k 12

MCP Security Weekly

Get CVE alerts and security updates for Filesystem MCP Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Frequently Asked Questions

Is Filesystem MCP Server safe to use?

Filesystem MCP Server has 2 known CVEs tracked by MCPpedia. You can verify these on OSV.dev by searching for "@modelcontextprotocol/server-filesystem". Review the Security section above for details before installing.

How do I install Filesystem MCP Server?

Filesystem MCP Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Filesystem MCP Server do?

Filesystem MCP Server provides 7 tools: read_file, write_file, list_directory, create_directory, move_file and 2 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Filesystem MCP Server?

Filesystem MCP Server is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is Filesystem MCP Server actively maintained?

Filesystem MCP Server is recently maintained — last commit was 31 days ago. It has 85,853 GitHub stars.