{"id":"colinrozzi-fs-mcp-server","name":"fs-mcp-server","homepage":null,"repo_url":"https://github.com/colinrozzi/fs-mcp-server","category":"infrastructure","subcategories":[],"tags":["mcp","filesystem","local-io","rust","security","developer-tools","search","edit"],"what_it_does":"Provides a local Model Context Protocol (MCP) server that exposes filesystem operations (list/read/write-like operations, mkdir/delete/copy/move, info, search, edit, and list_allowed_dirs). All operations are intended to be constrained to configured allowed absolute directories.","use_cases":["Building an MCP client toolchain to inspect and modify files in a controlled local workspace","Automated codebase search (grep-like) within approved directories","LLM-assisted refactoring/editing of specific files using structured edit operations (with optional backups)","Sandboxed access to local filesystem resources for development assistants"],"not_for":["Managing remote or multi-tenant filesystem access over a network without additional isolation","Handling highly sensitive data without stronger operational controls (e.g., least-privilege OS permissions, container sandboxing)","High-throughput bulk file transfer use cases beyond what max-file-size/timeouts support"],"best_when":"You need local filesystem access for an MCP client where you can tightly configure allowed directories and enforce OS-level isolation/permissions.","avoid_when":"You cannot guarantee safe configuration of allowed directories or you cannot provide OS/container isolation; also avoid when you require fine-grained auditing/authorization beyond directory allowlisting.","alternatives":["Local-only scripts or CLI tools invoked directly (no MCP layer)","Other MCP filesystem implementations with documented auth/audit features","A dedicated sandboxed service/container that exposes a narrower file API over IPC/HTTP with strong auth and auditing"],"af_score":62.8,"security_score":41.0,"reliability_score":26.2,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:23:10.386410+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["Rust (example client code shown)"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["None specified (stdio transport; access controlled by allowed directories config)"],"oauth":false,"scopes":false,"notes":"No authentication mechanism is described in the README; access appears governed by process-level execution and the configured allowed directories/path validation."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source library/server; no pricing information provided."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":62.8,"security_score":41.0,"reliability_score":26.2,"mcp_server_quality":85.0,"documentation_accuracy":75.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":20.0,"auth_strength":20.0,"scope_granularity":70.0,"dependency_hygiene":40.0,"secret_handling":60.0,"security_notes":"Security is primarily based on path validation and an allowed-directories allowlist; README claims rejection of access outside allowed dirs to prevent traversal. However, no authentication/authorization model is described, and because it is a local stdio MCP server, TLS is not applicable; the primary risk is misconfiguration of allowed directories and overbroad OS/process permissions. Dependency/vulnerability hygiene cannot be assessed from provided content.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":30.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["No explicit auth scheme is documented; agents should assume they only have access to what the server is configured to allow and should not expect user-based authorization.","Path inputs must be full absolute paths within allowed directories; agents must avoid relative paths and should expect rejections for paths outside the allowlist.","Mutating tools (write/delete/edit/copy/move) are likely non-idempotent depending on implementation; agents should plan carefully and use backups where available (e.g., edit.backup).","Search may be time-bounded (timeout_secs) and size-bounded (max_file_size/max_results); agents should handle truncated/limited result sets."]}}