@modelcontextprotocol/server-filesystem

Minor capabilities, nothing alarming.

Filesystem writes 1

AI review

This is the official Anthropic MCP server for filesystem access. No hidden instructions, prompt injection, or data exfiltration mechanisms were found. The code and documentation match the stated purpose of providing controlled filesystem operations with directory access restrictions.

Model: deepseek-chat

Static findings

Filesystem writes · Reads or writes the filesystem

low dist/lib.js:114 await fs.unlink(tempPath);

Scanning every extension your team installs?

Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.

MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.

@modelcontextprotocol/server-filesystem

AI review

Static findings

Filesystem writes · Reads or writes the filesystem

Scanning every extension your team installs?

Get early access