Filesystem MCP Server

Read, write, and manage files on the local filesystem

CommunityActiveNot tested★MCPpedia VerifiedUpdated 4/3/2026

Developer Tools

★ 82.8k↓ 605.7k/wknpm

Edit this page

MCPpedia
Score

2 CVE(s)Active7 toolsstdioMIT

How we score →

Should you use this server?

The Filesystem MCP Server gives your AI assistant read and write access to files on your local machine. You specify which directories it can access when configuring the server. It can read, write, create, move, search, and get metadata about files. Essential for any development workflow.

✗

Is it safe?

2 open CVEs. Verify on OSV.dev →

No authentication — any process on your machine can connect to this server.

MIT. View license →

Last scanned 0 days ago.

✓

Is it maintained?

Last commit 5 days ago. 82,844 GitHub stars. 605,701 weekly downloads.

Will it work with my client?

Transport: stdio. Works with claude-desktop, cursor, claude-code, windsurf.

Quick Install

{
  "mcpServers": {
    "filesystem": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/username/Desktop"
      ],
      "command": "npx"
    }
  }
}

Setup guide

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y @modelcontextprotocol/server-filesystem 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Tools (7)

read_file

Read the contents of a file

write_file

Write content to a file

list_directory

List directory contents

create_directory

Create a new directory

move_file

Move or rename a file

search_files

Search for files by pattern

get_file_info

Get metadata about a file

Score Breakdown

MCPpedia Score

Click each category to see evidence

88A

Scored 1h ago

How we score →

Security

20/30

Last scanned 1h ago

2 open vulnerabilities.

✗

CVEs — 2 found — 2 open, 0 fixedcheck OSV.dev \u2192

○

Authentication — None required — easy to connect

✓

License — MITview license \u2192

✓

Repository — Activeview repo \u2192

✗

MCPpedia review — Not yet reviewed by MCPpedia

Advisories (2 open, 0 fixed)

mediumCVSS 4CVE-2025-53110Open

@modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix

Versions of Filesystem prior to 0.6.3 & 2025.7.1 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 2025.7.1 to resolve the issue. Thank you to Elad Beber (Cymulate) for reporting these issues.

Affected: >= 0Published Jul 1, 2025source \u2192

mediumCVSS 4CVE-2025-53109Open

@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling

Versions of Filesystem prior to 0.6.3 & 2025.7.1 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 2025.7.1 to resolve. Thank you to Elad Beber (Cymulate) for reporting these issues.

Affected: >= 0Published Jul 1, 2025source \u2192

CVEs checked daily via OSV.dev. Score algorithm is open source.

Embed this score in your READMEPreview badge

[![MCPpedia Score](https://mcppedia.org/api/badge/filesystem)](https://mcppedia.org/s/filesystem)

Reviews

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?