MCP Verdict
Back to the registry

mcp-server-filesystem (Snaggle AI)

MCP serverVerified · Rung 3
A98

The MCP filesystem server distributed by Snaggle AI as part of their commercial product offering. 14-tool implementation with directory allowlist enforcement. Distributed via the mcp-server-filesystem npm package.

RepositoryHomepageExample data

Score breakdown

Functional100/100
Reliability94/100
Latency100/100
Security98/100
Confidencelow · 50%

Based on 1 evaluation. Confidence rises as more independent tests agree.

Method rung1.v1computed Jun 9, 2026How we score

The verdict

14-tool filesystem server with directory allowlist. All security tests pass: path traversal blocked, /etc/passwd direct access blocked, write outside allowed directories blocked. Case-sensitivity bypass attempt (e.g., /Etc/Passwd on case-insensitive filesystems) handled correctly via normalized path comparison. The server identifies itself as 'secure-filesystem-server v0.2.0' at the MCP protocol level, the same identity as the @adpharm read-only fork; both trace to the same mark3labs v0.2.0 ancestry. No security concerns found.

Security findings

Flags from our evaluations, ordered by severity.

  • Info

    SHARED_SERVER_IDENTITY

    Server reports name 'secure-filesystem-server' and version '0.2.0' at the MCP protocol level — the same identity as @adpharm/mcp-server-filesystem-ro. Both packages share the mark3labs v0.2.0 codebase. No security implication; noted so users are not confused when they see 'secure-filesystem-server v0.2.0' from what they installed as mcp-server-filesystem.

Test history

1 run

Every evaluation behind the score. This is the receipt.

  1. Passmanual
    Reliability

    94/100

    Latency

    2 ms

    Setup

    Easy

    Flags

    1

    14 tools verified via stdio NDJSON in a Node v22 sandbox (npm v0.6.2). Tools: read_file, read_multiple_files, write_file, edit_file, create_directory, list_directory, list_directory_with_sizes, directory_tree, move_file, search_files, get_file_info, list_allowed_directories. All return correct results. Case-sensitivity bypass attempt blocked — allowlist comparison normalizes paths. Path traversal blocked. /etc/passwd direct read blocked. Write outside allowed directory blocked.

    InfoSHARED_SERVER_IDENTITY

Notify me if this grade changes

We re-test servers and grades move. Leave your email and we will tell you if this one does.