What are the requirements for MCP Files?

MCP Files requires a compatible MCP client such as Claude Desktop, Claude Code, or Cursor. No additional environment variables are needed for basic setup.

Is MCP Files free to use?

Yes, MCP Files is open source and free to use. You can find the source code on GitHub.

What MCP clients support MCP Files?

MCP Files works with any MCP-compatible client including Claude Desktop (Anthropic's official desktop app), Claude Code (CLI tool), Cursor, and other editors with MCP support.

How do I configure MCP Files?

Configure MCP Files by adding it to your MCP client's config file. For Claude Desktop, edit claude_desktop_config.json and add the server configuration. See the Configuration section above for a ready-to-use example.

MCP Files MCP Server

Q: What tools does MCP Files provide?

list: List files and directories within the authorized root.. read: Read the contents of a file.. write: Write content to a file.. patch: Apply patches or updates to existing files.. delete: Delete a file or directory.. stat: Get metadata information about a file or directory..

Q: How do I install MCP Files?

Install MCP Files by running: pip install mcpfiles

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.

Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal

pip install mcpfiles

Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the built server.

Run in terminal

claude mcp add mcp-files -- node "<FULL_PATH_TO_MCPFILES>/dist/index.js"

Replace <FULL_PATH_TO_MCPFILES>/dist/index.js with the actual folder you prepared in step 1.

README.md

Provides a secure, constrained filesystem workspace for LLM agents

MCP Files MCP Server

MCP Files exposes a constrained filesystem workspace (notes, knowledge bases, code artifacts) to LLM agents and automations. It supports stdio and remote HTTP mode.

Features

Tool suite for listing, reading, writing, patching, deleting, and stat’ing files and project directory helpers.
Per API key roots, extension whitelists, recursive-delete flags, quotas, and logging overrides.
Structured logging/tracing with per security domain toggles and optional dedicated log files.

Installation

Either from PyPi

pip install mcpfiles

or via

git clone git@github.com:tspspi/mcpfiles.git
pip install -e .

Quick Start

Create a configuration file at ~/.config/mcpfiles.conf (or another path). Each entry in api_keys defines a root directory and permissions.
Run in stdio mode (default):
```
mcpfiles [--config ~/.config/mcpfiles.conf]
```
This binds the server to the root defined in the stdio block.
Run in remote HTTP mode:
```
mcpfiles --remote
```
The --remote flag is shorthand for --transport remotehttp and requires remote_server and api_keys blocks in the configuration file. Authentication accepts Authorization: Bearer, X-API-Key, or ?api_key= query string tokens.
Generate or rotate an API key for an existing entry:
```
mcpfiles --genkey knowledge-base
```
The command prints the plaintext secret once once on stdout and patches the matching api_keys[].kdf configuration.

Logging & Tracing

Global defaults live under the top-level logging block. Per-key overrides inherit those defaults and may specify their own log file, categories (trace_access, trace_write, trace_delete, trace_metadata) and debug_all.
Each MCP tool invocation emits one structured log entry containing the key ID, optional project ID, category, path, status and compact metrics (bytes written, entries listed, etc.).

Configuration

The default path for the configuration file is ~/.config/mcpfiles.conf. This path can be overriden with --config /path/to/config.json. To generate API keys one can utilize

mcpfiles --genkey <id>

An example is shown below:

{
  "mode": "remotehttp",
  "stdio": {
    "root": "/srv/mcpfiles/stdio",
    "projects_enabled": false,
    "extension_whitelist": [".md", ".txt", ".json"],
    "mime_validation": true,
    "allow_nonempty_delete": false,
    "immutable_paths": ["reference"],
    "quota": { "soft_limit_bytes": 268435456, "hard_limit_bytes": 322122547 },
    "logging": { "level": "INFO", "trace_access": true, "trace_write": true }
  },
  "logging": {
    "level": "INFO",
    "logfile": "/var/log/mcpfiles/main.log",
    "trace_access": true,
    "trace_write": true,
    "trace_delete": false,
    "trace_metadata": false,
    "debug_all": false
  },
  "remote_server": {
    "transport": { "uds": "/var/run/mcpfiles.sock" }
  },
  "api_keys": [
    {
      "id": "knowledge-base",
      "kdf": { "...": "..." },
      "root": "/srv/mcpfiles/agentA",
      "projects_enabled": true,
      "extension_whitelist": [".md", ".txt"],
      "mime_validation": true,
      "allow_nonempty_delete": false,
      "immutable_paths": ["reference"],
      "quota": { "soft_limit_bytes": 536870912, "hard_limit_bytes": 644245094 },
      "logging": { "logfile": "/var/log/mcpfiles/agentA.log" }
    }
  ]
}

Workspace Model

Each stdio run is limited to the root resolved from the stdio block
Remote mode: Every API key maps to a root directory. When project_id is provided, the server resolves into <root>/.projects/<uuid>/. Access to .projects outside the requested UUID is denied.
An optional extension whitelist per root ensures agents only create/modify allowed file types (suffix checks plus optional file --mime-type verification when mime_validation is enabled).
Optional quotas (soft_limit_bytes, hard_limit_bytes) cap total storage consumption per key/project. Hard limits block writes. Soft limits only log events (no response flag), letting agents query usage on demand.
Hidden .metadata/usage.json directories store accounting data and are automatically excluded from MCP listings/reads. Manual tampering is prevented by treating .metadata as immutable.
Immutable paths (relative to the key/project root) can expose reference material while prohibiting writes; mutation requests targeting these paths return an authorization error.
Recursive deletions require allow_nonempty_delete=true in the key config; otherwise only empty directories can be removed.

FreeBSD Daemon Setup

Copy the sample rc.d script (contrib/freebsd/mcpfiles) into /usr/local/etc/rc.d/mcpfiles and make it executable:

install -m 755 contrib/freebsd/mcpfiles /usr/local/etc/rc.d/mcpfiles

Create a dedicated runtime account with no login shell (adjust UID/GID as needed):

pw useradd mcpfiles -d /nonexistent -s /usr/sbin/nolo

Tools (6)

listList files and directories within the authorized root.

readRead the contents of a file.

writeWrite content to a file.

patchApply patches or updates to existing files.

deleteDelete a file or directory.

statGet metadata information about a file or directory.

Configuration

claude_desktop_config.json

{"mode": "remotehttp", "stdio": {"root": "/srv/mcpfiles/stdio", "extension_whitelist": [".md", ".txt", ".json"], "quota": { "soft_limit_bytes": 268435456, "hard_limit_bytes": 322122547 }}, "api_keys": [{"id": "knowledge-base", "root": "/srv/mcpfiles/agentA", "extension_whitelist": [".md", ".txt"]}]}

Try it

→List all markdown files in my knowledge-base directory.

→Read the content of project_notes.md and summarize the current status.

→Create a new file named todo.txt with a list of tasks for today.

→Check the file metadata for the reference folder to see when it was last modified.

→Delete the temporary file temp_log.txt from the workspace.

Frequently Asked Questions

What are the key features of MCP Files?

Constrained filesystem workspace with extension whitelisting. Granular access controls via per-API key roots. Storage quotas with soft and hard limits. Immutable paths to protect reference material. Structured logging and tracing for security auditing.

What can I use MCP Files for?

Managing local knowledge bases for LLM agents. Providing secure, sandboxed file access for automated coding tasks. Maintaining project-specific notes with restricted directory access. Enforcing storage limits for automated agent file operations.

How do I install MCP Files?

Install MCP Files by running: pip install mcpfiles

What MCP clients work with MCP Files?

MCP Files works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep MCP Files docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.

Open Conare

View all file-management servers →

MCP Files MCP Server

Set the server up locally

Register it in Claude Code

MCP Files MCP Server

Features

Installation

Quick Start

Logging & Tracing

Configuration

Workspace Model

FreeBSD Daemon Setup

Tools (6)

Configuration

Try it

Frequently Asked Questions

Turn this server into reusable context

Related MCP Servers