[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"pack-detail-mcp-filesystem-adapters-es":3,"seo:pack:mcp-filesystem-adapters:es":99},{"code":4,"message":5,"data":6},200,"ζ“δ½œζˆεŠŸ",{"pack":7},{"slug":8,"icon":9,"tone":10,"status":11,"status_label":12,"title":13,"description":14,"items":15,"install_cmd":98},"mcp-filesystem-adapters","πŸ“‚","#374151","new","Nuevo Β· esta semana","Adaptadores MCP de Sistemas de Archivos","Diez adaptadores que conectan a un agente IA con cualquier sistema de archivos β€” disco local, AWS S3, Cloudflare R2, Google Drive, SFTP\u002FFTP y gateways multi-cloud β€” cada uno con scoping, polΓ­ticas de permisos y auditorΓ­a para que el agente deje de borrar el bucket equivocado.",[16,28,35,42,49,57,64,74,82,89],{"id":17,"uuid":18,"slug":19,"title":20,"description":21,"author_name":22,"view_count":23,"vote_count":24,"lang_type":25,"type":26,"type_label":27},670,"92b8baf2-3780-401c-aeba-62c0b6842922","filesystem-mcp-local-file-access-ai-agents-92b8baf2","Filesystem MCP β€” Local File Access for AI Agents","Official MCP server that gives AI agents safe, scoped access to your local filesystem. Read, write, search, and manage files and directories with configurable permissions. 4,000+ stars.","MCP Hub",164,0,"en","mcp","MCP",{"id":29,"uuid":30,"slug":31,"title":32,"description":33,"author_name":22,"view_count":34,"vote_count":24,"lang_type":25,"type":26,"type_label":27},42,"8a28360d-6eef-449d-9857-d8b388a05f34","mcp-reference-servers-official-collection-8a28360d","MCP Reference Servers β€” Official Collection","Official MCP reference server implementations by Anthropic: filesystem, git, memory, fetch, sequential thinking, and more. The starting point for MCP development.",128,{"id":36,"uuid":37,"slug":38,"title":39,"description":40,"author_name":22,"view_count":41,"vote_count":24,"lang_type":25,"type":26,"type_label":27},3064,"f18b31dd-84c6-45c8-8a8f-1db8e92f2bd7","desktop-commander-mcp-local-terminal-files","Desktop Commander MCP β€” Local Terminal + Files","Desktop Commander MCP gives agents controlled local terminal + filesystem tools (including PDF\u002FDOCX\u002FExcel). Install via npx and verify by listing tools.",63,{"id":43,"uuid":44,"slug":45,"title":46,"description":47,"author_name":22,"view_count":48,"vote_count":24,"lang_type":25,"type":26,"type_label":27},219,"0fc43d04-d671-4487-bd67-47202dd9dd13","aws-mcp-servers-official-aws-integration-0fc43d04","AWS MCP Servers β€” Official AWS Integration","Official MCP servers for AWS by Amazon. Connect AI agents to S3, Lambda, CloudWatch, Bedrock, CDK, and more AWS services. Secure IAM-based auth. 8.6K+ stars.",123,{"id":50,"uuid":51,"slug":52,"title":53,"description":54,"author_name":55,"view_count":56,"vote_count":24,"lang_type":25,"type":26,"type_label":27},680,"d0283053-620e-4bac-b177-144c495a79d6","cloudflare-workers-mcp-edge-functions-ai-agents-d0283053","Cloudflare Workers MCP β€” Edge Functions for AI Agents","MCP server that gives AI agents access to Cloudflare Workers for deploying edge functions, managing KV storage, R2 buckets, and D1 databases. Build and deploy serverless code from chat. 1,500+ stars.","Cloudflare",132,{"id":58,"uuid":59,"slug":60,"title":61,"description":62,"author_name":22,"view_count":63,"vote_count":24,"lang_type":25,"type":26,"type_label":27},3146,"07565199-d466-4fdf-83f7-3e12f339a8b7","google-workspace-mcp-gmail-calendar-drive-for-agents","Google Workspace MCP β€” Gmail\u002FCalendar\u002FDrive for Agents","Google Workspace MCP exposes Gmail, Calendar, and Drive actions as MCP tools so agents can summarize inboxes and manage schedules with minimal scopes.",75,{"id":65,"uuid":66,"slug":67,"title":68,"description":69,"author_name":70,"view_count":71,"vote_count":24,"lang_type":25,"type":72,"type_label":73},1338,"06a04735-3859-11f1-9bc6-00163e2b0d79","rclone-rsync-cloud-storage-across-70-providers-06a04735","rclone β€” rsync for Cloud Storage Across 70+ Providers","rclone is a command-line tool to sync, copy, and mount files between any two of 70+ cloud storage providers (S3, GCS, Azure, Dropbox, Google Drive, OneDrive, etc.). The universal file-moving tool every sysadmin should know.","AI Open Source",83,"skill","Skill",{"id":75,"uuid":76,"slug":77,"title":78,"description":79,"author_name":80,"view_count":81,"vote_count":24,"lang_type":25,"type":72,"type_label":73},2605,"c41cdc5e-4771-11f1-9bc6-00163e2b0d79","sftpgo-self-hosted-secure-file-transfer-server-c41cdc5e","SFTPGo β€” Self-Hosted Secure File Transfer Server","SFTPGo is a full-featured SFTP, FTP\u002FS, WebDAV, and HTTP\u002FS file server written in Go, supporting virtual folders, multiple storage backends including S3 and GCS, and a web admin interface for user and quota management.","Script Depot",119,{"id":83,"uuid":84,"slug":85,"title":86,"description":87,"author_name":80,"view_count":88,"vote_count":24,"lang_type":25,"type":72,"type_label":73},3665,"40cecb19-4f2b-11f1-9bc6-00163e2b0d79","alist-self-hosted-multi-cloud-file-listing-gateway-40cecb19","Alist β€” Self-Hosted Multi-Cloud File Listing Gateway","Alist is a self-hosted file listing program written in Go that provides a unified web interface for browsing and managing files across local storage and 30+ cloud providers including S3, Google Drive, OneDrive, and WebDAV.",99,{"id":90,"uuid":91,"slug":92,"title":93,"description":94,"author_name":80,"view_count":95,"vote_count":24,"lang_type":25,"type":96,"type_label":97},3545,"dcdb38ef-8432-5553-96ef-4084e261291d","agentseal-security-toolkit-for-agents-mcp","AgentSeal β€” Security Toolkit for Agents & MCP","AgentSeal is an FSL-1.1 (future Apache-2.0) toolkit that scans skills and MCP configs, monitors supply-chain risks, and tests prompt-injection resistance.",32,"script","Script","tokrepo install pack\u002Fmcp-filesystem-adapters",{"pageType":100,"pageKey":8,"locale":25,"title":101,"metaDescription":102,"h1":103,"tldr":104,"bodyMarkdown":105,"faq":106,"schema":122,"internalLinks":131,"citations":144,"wordCount":157,"generatedAt":158},"pack","MCP File-System Adapters: 10 picks for local, S3, R2, GCS, SFTP & multi-cloud agents","Ten MCP-friendly filesystem adapters that wire an AI agent into local disk, AWS S3, Cloudflare R2, Google Drive, SFTP\u002FFTP, and multi-cloud gateways β€” scoped roots, permission policies, audit logs built in.","MCP File-System Adapters Pack","Ten adapters covering every filesystem an agent will plausibly touch β€” local disk, AWS S3, Cloudflare R2, Google Drive, SFTP servers, multi-cloud gateways β€” each picked because it ships scoped roots, capability flags, and an audit trail. Install in order: local fs first, cloud buckets next, transit protocols third, policy layer last. The pack is the cross-protocol companion to [Filesystem Agent + Local Ops](\u002Fen\u002Fpacks\u002Ffilesystem-agent-local-ops) β€” that one goes deep on local file work, this one goes wide across protocols.","## What this pack covers\n\nMost developers wire an agent to one filesystem β€” usually local disk through the official MCP server β€” and stop there. Then the next ticket arrives: \"download last night's exports from S3\", \"sync this folder to R2\", \"pull the customer PDFs from the SFTP drop\", \"merge files across Google Drive and the team NAS\". Each new backend turns into a one-off shell wrapper with its own credential format, no scope enforcement, and zero audit trail.\n\nThis pack is the **cross-protocol set** β€” ten adapters chosen so an agent can reach local fs, AWS S3, Cloudflare R2, Google Drive, SFTP\u002FFTP, and 30+ multi-cloud backends through one consistent permission model. Where [Filesystem Agent + Local Ops](\u002Fen\u002Fpacks\u002Ffilesystem-agent-local-ops) goes deep on local file janitor work (Downloads cleanup, dedupe, batch rename), this pack goes wide across protocols.\n\n| # | Adapter | Backend | Scope surface |\n|---|---|---|---|\n| 1 | Filesystem MCP (official) | Local disk | Scoped roots passed at boot |\n| 2 | MCP Reference Servers | Local fs \u002F git \u002F memory \u002F fetch | Anthropic's reference bundle |\n| 3 | Desktop Commander MCP | Local terminal + files + PDF\u002FDOCX | Allowlist directories |\n| 4 | AWS MCP Servers (official) | S3, Lambda, CloudWatch | IAM role per server |\n| 5 | Cloudflare Workers MCP | R2 buckets via Workers | Worker-level binding |\n| 6 | Google Workspace MCP | Drive, Gmail, Calendar | OAuth scopes |\n| 7 | rclone | 70+ cloud providers | Per-remote config |\n| 8 | SFTPGo | Self-hosted SFTP\u002FFTP\u002FWebDAV | Per-user virtual fs |\n| 9 | Alist | Multi-cloud WebDAV gateway | Single mount, 30+ backends |\n| 10 | AgentSeal | Security toolkit for MCP | ACL + audit policy layer |\n\nThree layers: **local (1-3)**, **cloud-native (4-7)**, **gateway + policy (8-10)**.\n\n## Why a multi-protocol pack matters\n\nThe Model Context Protocol gave agents a clean interface for talking to filesystems, but the protocol doesn't dictate what's on the other end. Different teams end up with very different topologies:\n\n- **Indie dev**: local disk only. Filesystem MCP is enough.\n- **Backend team**: local + S3 + a CI artifact bucket on R2. Three adapters, three credential stores.\n- **Enterprise**: add SFTP for partner exchanges, Google Drive for finance, an on-prem NAS over SMB. Five-plus backends with different audit requirements.\n\nThe picks here are the ones that consistently get four things right: scoped roots (the agent literally cannot see outside the configured paths), read-only-by-default (writes are opt-in per server), structured audit logs (every call into the adapter lands in a grep-able file), and credential isolation (each adapter holds its own secrets, no shared blast radius).\n\n## Install order β€” local β†’ cloud β†’ transit β†’ policy\n\n1. **Local first (#1-3).** Start with Filesystem MCP pointed at one project directory. Add Desktop Commander when you need terminal + PDF\u002FDOCX text extraction. Use MCP Reference Servers as a sanity check that your host (Claude Code \u002F Cursor \u002F Codex CLI) wires servers correctly.\n\n2. **Cloud buckets next (#4-6).** Add the AWS MCP server for S3 once you've verified local works. Then Cloudflare Workers MCP if your edge cache and assets live on R2 β€” same protocol, different storage layer. Google Workspace MCP if Drive is part of the workflow.\n\n3. **Transit protocols third (#7-8).** rclone (#7) isn't an MCP server itself, but it's the universal cross-cloud copy tool β€” wire it into Desktop Commander's shell surface and the agent gets 70+ backends through one CLI it already knows. SFTPGo (#8) is the self-hosted SFTP\u002FFTP\u002FWebDAV server you point partners at, with per-user virtual filesystems the agent can mount.\n\n4. **Policy layer last (#9-10).** Alist (#9) gives the agent a single WebDAV mount that fans out to 30+ cloud backends β€” useful when you don't want N MCP servers per provider. AgentSeal (#10) is the audit and ACL toolkit you wrap around the whole stack so every adapter call lands in one log with one set of policies.\n\n```bash\n# Sketch of a wired-up agent host\n# ~\u002F.config\u002Fclaude\u002Fmcp.json\n{\n \"mcpServers\": {\n \"fs-local\": { \"command\": \"npx\", \"args\": [\"-y\", \"@modelcontextprotocol\u002Fserver-filesystem\", \"$HOME\u002Fprojects\"] },\n \"fs-aws\": { \"command\": \"uvx\", \"args\": [\"awslabs.s3-mcp-server\"], \"env\": { \"AWS_PROFILE\": \"readonly\" } },\n \"fs-r2\": { \"command\": \"npx\", \"args\": [\"-y\", \"@cloudflare\u002Fmcp-server-workers\"] },\n \"fs-drive\": { \"command\": \"uvx\", \"args\": [\"workspace-mcp\"], \"env\": { \"GOOGLE_OAUTH_SCOPE\": \"drive.readonly\" } }\n }\n}\n```\n\nFour adapters, four scopes, four credential stores. The agent calls `fs-aws.list_objects` or `fs-drive.search_files` and the protocol takes care of the rest.\n\n## Sandboxing and permission scopes\n\nThe single biggest win of this pack over giving the agent raw `aws`, `rclone`, `sftp` shell access is **scope enforcement at the protocol boundary**:\n\n- **Filesystem MCP** takes its allowed roots as positional arguments. Anything outside the list isn't visible to the agent β€” not blocked at write time, not visible at read time either. The agent can't `cat ~\u002F.ssh\u002Fid_rsa` because the server doesn't expose `~`.\n- **AWS MCP servers** run under an explicit IAM role. The right pattern is a `read-only` role for browse operations and a separate `mcp-writer` role with `s3:PutObject` only on one bucket prefix, swapped in for the rare write task.\n- **Cloudflare Workers MCP** uses Worker-level bindings β€” the Worker (not the agent) holds the R2 token, and the agent can only call operations the Worker exposes.\n- **Google Workspace MCP** uses OAuth scopes. `drive.readonly` is the default; `drive.file` is the minimum write scope (per-file consent), which is much narrower than the full `drive` scope most quickstarts paste in.\n- **SFTPGo** isolates each agent into its own virtual filesystem β€” the agent connects as user `mcp-agent` and sees only the mounted folders, not the rest of the disk.\n- **AgentSeal** sits across the whole stack and enforces per-tool ACLs plus structured audit. Useful when adapters have inconsistent native logging.\n\n## Audit and revoke\n\nEvery adapter in this pack writes to a log you can grep. The combined pattern is:\n\n```bash\ntail -f ~\u002F.tokrepo\u002Flogs\u002Ffs-*.log | tee ~\u002F.audit\u002F$(date +%F).jsonl\n```\n\nOne tail per session, one file per day. When something goes wrong β€” agent deleted the wrong object, or wrote to the wrong path β€” you have the call, the arguments, the result, and the timestamp. Pair with versioned buckets on the S3\u002FR2 side (lifecycle rules β†’ 30-day retention) and almost every mistake is recoverable.\n\nRevoking is per-adapter: delete the IAM role, rotate the OAuth refresh token, disable the SFTPGo user, kill the Worker binding. No single credential gives access to multiple backends, which is the only structural protection that scales.\n\n## Common pitfalls\n\n- **One credential, many backends.** The biggest anti-pattern is reusing a personal AWS access key across all your MCP servers. Each adapter gets its own least-privilege role; mixing them defeats the whole point.\n- **Forgetting OAuth refresh.** Google Workspace MCP uses OAuth β€” the refresh token can expire if unused for six months. Schedule a monthly no-op call from a cron so the token stays warm.\n- **rclone with full write access by default.** rclone respects the remote's permissions, but a misconfigured remote (root key for an S3 account) lets the agent see *every* bucket. Always create a dedicated rclone remote per task with the narrowest scope.\n- **SFTPGo audit log rotation.** SFTPGo writes verbose logs; without rotation, a busy agent fills the disk in a week. Configure logrotate or the built-in retention.\n- **Alist as a single point of compromise.** Convenience comes at a cost β€” one Alist instance with credentials for 10 backends is one breach away from 10 problems. Keep Alist behind your VPN, not on the public internet.",[107,110,113,116,119],{"q":108,"a":109},"Why not just give the agent raw `aws`, `rclone`, `sftp` CLI access through a shell tool?","Two reasons. First, scope: a shell call to `aws s3 ls` can touch any bucket the credentials allow β€” the MCP adapter exposes a defined tool surface scoped to one role or bucket. Second, audit: shell output is unstructured and easy to miss; the adapter writes structured JSON with the exact arguments. For one-off exploration the shell is fine; for any recurring or unattended op, the adapter wins.",{"q":111,"a":112},"Does this pack replace the [Filesystem Agent + Local Ops](\u002Fen\u002Fpacks\u002Ffilesystem-agent-local-ops) pack?","No, they pair. Local Ops goes deep on the personal-files workflow (Downloads cleanup, dedupe, batch rename) with Yazi, ripgrep, AGENTS.md, and Hooks. This pack goes wide across protocols (S3, R2, Drive, SFTP, multi-cloud). A typical workstation runs Filesystem MCP from both packs, then adds whichever cloud adapters here match the team's stack. No overlap in picks, but they assume each other's foundation.",{"q":114,"a":115},"Can a single agent call all ten adapters at once?","Technically yes β€” every MCP-aware host (Claude Code, Cursor, Codex CLI, Cline, gptme) supports N concurrent MCP servers. Practically, ten is too many in one session: the tool list bloats the prompt, the agent confuses similar tool names (`fs-aws.list` vs `fs-r2.list`), and credential management gets noisy. Wire two or three for any given workflow. The pack is a buffet, not a meal.",{"q":117,"a":118},"How do these handle large files β€” say a 5GB video on S3?","The MCP adapters expose metadata and small reads natively; for large objects the right pattern is to have the agent issue a presigned URL or a `cp` instruction that streams server-side, never through the agent's context. AWS MCP and Cloudflare Workers MCP both support presigned URL generation. rclone copies directly between backends without round-tripping. Never pull a 5GB file into the agent's context β€” that's a credit-card-shaped mistake.",{"q":120,"a":121},"What's the minimum viable setup if I just want S3 access from Claude Code?","Three things. One: install the AWS MCP servers (#4) and point at the S3-only sub-server. Two: create an IAM role with `s3:GetObject` and `s3:ListBucket` on one prefix β€” nothing else. Three: add the role's credentials to `~\u002F.aws\u002Fcredentials` under a named profile and reference it from the MCP server config. Twenty minutes end-to-end. Once that's working, add write capability with a second role only when you have a specific write task. Read-only is the default state, not the starting state.",{"@context":123,"@type":124,"name":103,"description":125,"numberOfItems":126,"publisher":127},"https:\u002F\u002Fschema.org","CollectionPage","Ten MCP-friendly filesystem adapters for local disk, AWS S3, Cloudflare R2, Google Drive, SFTP\u002FFTP, and multi-cloud gateways β€” with scoped roots, permission policies, and audit logs.",10,{"@type":128,"name":129,"url":130},"Organization","TokRepo","https:\u002F\u002Ftokrepo.com",[132,136,140],{"url":133,"anchor":134,"reason":135},"\u002Fen\u002Fpacks\u002Ffilesystem-agent-local-ops","Filesystem Agent + Local Ops","deep local-files companion (Downloads cleanup, dedupe, batch rename) β€” same foundation, different focus",{"url":137,"anchor":138,"reason":139},"\u002Fen\u002Fpacks\u002Fmcp-database-connectors","MCP Database Connectors","the database side of the same MCP pattern β€” same safety surface, different backend",{"url":141,"anchor":142,"reason":143},"\u002Fen\u002Fpacks\u002Fmcp-server-stack","MCP Server Stack","broader MCP toolbox these adapters fit into (browser, GitHub, memory, plus filesystem)",[145,149,153],{"claim":146,"source_name":147,"source_url":148},"Model Context Protocol specification","modelcontextprotocol.io","https:\u002F\u002Fmodelcontextprotocol.io",{"claim":150,"source_name":151,"source_url":152},"Official Anthropic MCP filesystem server with scoped roots","modelcontextprotocol\u002Fservers","https:\u002F\u002Fgithub.com\u002Fmodelcontextprotocol\u002Fservers\u002Ftree\u002Fmain\u002Fsrc\u002Ffilesystem",{"claim":154,"source_name":155,"source_url":156},"AWS Labs official MCP servers including S3 access","awslabs\u002Fmcp","https:\u002F\u002Fgithub.com\u002Fawslabs\u002Fmcp",920,"2026-05-22T13:00:00Z"]