@yigstudio/skill-filesystem
v0.1.0
Published
Secure filesystem operations skill for Yigstudio (MCP Server)
Downloads
50
Readme
@yigstudio/skill-filesystem
Secure filesystem operations skill for Yigstudio (MCP Server).
Features
Provides 4 filesystem tools with security controls:
fs.readFile- Read file contentsfs.writeFile- Write file contentsfs.listDir- List directory contentsfs.deleteFile- Delete files/directories
Security
- Workspace Boundary: Only allows operations within workspace root
- Path Validation: Prevents directory traversal attacks
- Blocked Paths: Denies access to system directories (/etc, /sys, C:\Windows, etc.)
- Delete Protection: Requires explicit
recursive: truefor directory deletion
Installation
npm install @yigstudio/skill-filesystemUsage
As MCP Server
Run as a standalone MCP server:
export FILESYSTEM_WORKSPACE="/path/to/workspace"
npx @yigstudio/skill-filesystemEnvironment Variables
FILESYSTEM_WORKSPACE(optional): Workspace root path (default: current directory)FILESYSTEM_ALLOWED_PATHS(optional): Comma-separated additional allowed pathsFILESYSTEM_BLOCKED_PATHS(optional): Comma-separated additional blocked paths
With Yigstudio
Register in your Yigstudio application:
import { MCPClientManager } from '@yigstudio/mcp-runtime';
import { SkillRegistry } from '@yigstudio/skills';
const mcpClient = new MCPClientManager();
const skillRegistry = new SkillRegistry();
// Register Filesystem skill
await mcpClient.registerServer({
id: 'skill-filesystem',
name: 'Filesystem Skill',
transport: {
type: 'stdio',
command: 'npx',
args: ['@yigstudio/skill-filesystem'],
env: {
FILESYSTEM_WORKSPACE: process.cwd(),
},
},
});
// Register skill metadata
skillRegistry.register({
id: 'fs-read-file',
name: 'Read File',
description: 'Read files from the workspace',
version: '1.0.0',
permissions: ['fs:read'],
mcpServer: {
serverId: 'skill-filesystem',
command: 'npx',
args: ['@yigstudio/skill-filesystem'],
env: {
FILESYSTEM_WORKSPACE: process.cwd(),
},
},
});
skillRegistry.register({
id: 'fs-delete-file',
name: 'Delete File',
description: 'Delete files or directories from the workspace',
version: '1.0.0',
permissions: ['fs:delete'], // Requires elevated permission
mcpServer: {
serverId: 'skill-filesystem',
command: 'npx',
args: ['@yigstudio/skill-filesystem'],
env: {
FILESYSTEM_WORKSPACE: process.cwd(),
},
},
});Tools
fs.readFile
Read the contents of a file.
Parameters:
path(string, required): File path relative to workspace rootencoding(string, optional): File encoding (default: utf-8)
Example:
{
"path": "README.md",
"encoding": "utf-8"
}fs.writeFile
Write content to a file (creates parent directories if needed).
Parameters:
path(string, required): File path relative to workspace rootcontent(string, required): File contentencoding(string, optional): File encoding (default: utf-8)mode(string|number, optional): File permissions
Example:
{
"path": "output/result.txt",
"content": "Hello, Yigstudio!",
"encoding": "utf-8"
}fs.listDir
List contents of a directory.
Parameters:
path(string, required): Directory path relative to workspace rootrecursive(boolean, optional): Recursively list subdirectories (default: false)
Example:
{
"path": "src",
"recursive": true
}fs.deleteFile
Delete a file or directory.
Parameters:
path(string, required): File or directory path relative to workspace rootrecursive(boolean, optional): Delete directory recursively (default: false)
Example:
{
"path": "temp/cache.json"
}⚠️ Warning: This operation cannot be undone. Requires fs:delete permission in Sentinel.
Security Best Practices
- Set Explicit Workspace: Always set
FILESYSTEM_WORKSPACEto limit access - Use Minimal Permissions: Only grant
fs:deleteto trusted agents - Review Blocked Paths: Add sensitive directories to
FILESYSTEM_BLOCKED_PATHS - Enable Sentinel: Use Sentinel for fine-grained access control
Default Blocked Paths
/etc,/sys,/proc,/dev,/boot,/root(Linux)C:\Windows,C:\Program Files,C:\Program Files (x86)(Windows)/System,/Library(macOS)
Permissions
fs:read: Read file, list directoryfs:write: Write filefs:delete: Delete file/directory (elevated)
License
MIT