[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"pack-detail-mcp-filesystem-adapters-zh":3,"seo:pack:mcp-filesystem-adapters:zh":99},{"code":4,"message":5,"data":6},200,"操作成功",{"pack":7},{"slug":8,"icon":9,"tone":10,"status":11,"status_label":12,"title":13,"description":14,"items":15,"install_cmd":98},"mcp-filesystem-adapters","📂","#374151","stable","稳定","MCP 文件系统适配器全家桶","10 个适配器，把 AI agent 接入它能遇到的所有文件系统 —— 本地磁盘 \u002F AWS S3 \u002F Cloudflare R2 \u002F Google Drive \u002F SFTP-FTP 服务器 \u002F 多云网关 —— 每一件都带作用域、权限策略和审计日志，让 agent 不会一条命令清错桶。",[16,28,35,42,49,57,64,74,82,89],{"id":17,"uuid":18,"slug":19,"title":20,"description":21,"author_name":22,"view_count":23,"vote_count":24,"lang_type":25,"type":26,"type_label":27},670,"92b8baf2-3780-401c-aeba-62c0b6842922","filesystem-mcp-local-file-access-ai-agents-92b8baf2","Filesystem MCP — Local File Access for AI Agents","Official MCP server that gives AI agents safe, scoped access to your local filesystem. Read, write, search, and manage files and directories with configurable permissions. 4,000+ stars.","MCP Hub",324,0,"en","mcp","MCP",{"id":29,"uuid":30,"slug":31,"title":32,"description":33,"author_name":22,"view_count":34,"vote_count":24,"lang_type":25,"type":26,"type_label":27},42,"8a28360d-6eef-449d-9857-d8b388a05f34","mcp-reference-servers-official-collection-8a28360d","MCP Reference Servers — Official Collection","Official MCP reference server implementations by Anthropic: filesystem, git, memory, fetch, sequential thinking, and more. The starting point for MCP development.",287,{"id":36,"uuid":37,"slug":38,"title":39,"description":40,"author_name":22,"view_count":41,"vote_count":24,"lang_type":25,"type":26,"type_label":27},3064,"f18b31dd-84c6-45c8-8a8f-1db8e92f2bd7","desktop-commander-mcp-local-terminal-files","Desktop Commander MCP — Local Terminal + Files","Desktop Commander MCP gives agents controlled local terminal + filesystem tools (including PDF\u002FDOCX\u002FExcel). Install via npx and verify by listing tools.",182,{"id":43,"uuid":44,"slug":45,"title":46,"description":47,"author_name":22,"view_count":48,"vote_count":24,"lang_type":25,"type":26,"type_label":27},219,"0fc43d04-d671-4487-bd67-47202dd9dd13","aws-mcp-servers-official-aws-integration-0fc43d04","AWS MCP Servers — Official AWS Integration","Official MCP servers for AWS by Amazon. Connect AI agents to S3, Lambda, CloudWatch, Bedrock, CDK, and more AWS services. Secure IAM-based auth. 8.6K+ stars.",240,{"id":50,"uuid":51,"slug":52,"title":53,"description":54,"author_name":55,"view_count":56,"vote_count":24,"lang_type":25,"type":26,"type_label":27},680,"d0283053-620e-4bac-b177-144c495a79d6","cloudflare-workers-mcp-edge-functions-ai-agents-d0283053","Cloudflare Workers MCP — Edge Functions for AI Agents","MCP server that gives AI agents access to Cloudflare Workers for deploying edge functions, managing KV storage, R2 buckets, and D1 databases. Build and deploy serverless code from chat. 1,500+ stars.","Cloudflare",289,{"id":58,"uuid":59,"slug":60,"title":61,"description":62,"author_name":22,"view_count":63,"vote_count":24,"lang_type":25,"type":26,"type_label":27},3146,"07565199-d466-4fdf-83f7-3e12f339a8b7","google-workspace-mcp-gmail-calendar-drive-for-agents","Google Workspace MCP — Gmail\u002FCalendar\u002FDrive for Agents","Google Workspace MCP exposes Gmail, Calendar, and Drive actions as MCP tools so agents can summarize inboxes and manage schedules with minimal scopes.",208,{"id":65,"uuid":66,"slug":67,"title":68,"description":69,"author_name":70,"view_count":71,"vote_count":24,"lang_type":25,"type":72,"type_label":73},1338,"06a04735-3859-11f1-9bc6-00163e2b0d79","rclone-rsync-cloud-storage-across-70-providers-06a04735","rclone — rsync for Cloud Storage Across 70+ Providers","rclone is a command-line tool to sync, copy, and mount files between any two of 70+ cloud storage providers (S3, GCS, Azure, Dropbox, Google Drive, OneDrive, etc.). The universal file-moving tool every sysadmin should know.","AI Open Source",192,"skill","Skill",{"id":75,"uuid":76,"slug":77,"title":78,"description":79,"author_name":80,"view_count":81,"vote_count":24,"lang_type":25,"type":72,"type_label":73},2605,"c41cdc5e-4771-11f1-9bc6-00163e2b0d79","sftpgo-self-hosted-secure-file-transfer-server-c41cdc5e","SFTPGo — Self-Hosted Secure File Transfer Server","SFTPGo is a full-featured SFTP, FTP\u002FS, WebDAV, and HTTP\u002FS file server written in Go, supporting virtual folders, multiple storage backends including S3 and GCS, and a web admin interface for user and quota management.","Script Depot",319,{"id":83,"uuid":84,"slug":85,"title":86,"description":87,"author_name":80,"view_count":88,"vote_count":24,"lang_type":25,"type":72,"type_label":73},3665,"40cecb19-4f2b-11f1-9bc6-00163e2b0d79","alist-self-hosted-multi-cloud-file-listing-gateway-40cecb19","Alist — Self-Hosted Multi-Cloud File Listing Gateway","Alist is a self-hosted file listing program written in Go that provides a unified web interface for browsing and managing files across local storage and 30+ cloud providers including S3, Google Drive, OneDrive, and WebDAV.",259,{"id":90,"uuid":91,"slug":92,"title":93,"description":94,"author_name":80,"view_count":95,"vote_count":24,"lang_type":25,"type":96,"type_label":97},3545,"dcdb38ef-8432-5553-96ef-4084e261291d","agentseal-security-toolkit-for-agents-mcp","AgentSeal — Security Toolkit for Agents & MCP","AgentSeal is an FSL-1.1 (future Apache-2.0) toolkit that scans skills and MCP configs, monitors supply-chain risks, and tests prompt-injection resistance.",174,"script","Script","tokrepo install pack\u002Fmcp-filesystem-adapters",{"pageType":100,"pageKey":8,"locale":101,"title":102,"metaDescription":103,"h1":13,"tldr":104,"bodyMarkdown":105,"faq":106,"schema":122,"internalLinks":131,"citations":144,"wordCount":157,"generatedAt":158},"pack","zh","MCP 文件系统适配器全家桶：本地 \u002F S3 \u002F R2 \u002F GCS \u002F SFTP \u002F 多云 10 件套","10 个 MCP 文件系统适配器，把 AI agent 接入本地磁盘 \u002F AWS S3 \u002F Cloudflare R2 \u002F Google Drive \u002F SFTP-FTP \u002F 多云网关，默认作用域 + 权限策略 + 审计日志一应俱全。","10 个适配器，覆盖 agent 可能遇到的所有文件系统 —— 本地磁盘 \u002F AWS S3 \u002F Cloudflare R2 \u002F Google Drive \u002F SFTP 服务器 \u002F 多云网关 —— 每一件都自带作用域、能力开关和审计日志。安装顺序：先本地，再云桶，再传输协议，最后策略层。这个 pack 是 [文件系统 Agent + 本地操作](\u002Fzh\u002Fpacks\u002Ffilesystem-agent-local-ops) 的横向补充 —— 那个深挖本地，这个横切协议。","## 这个 pack 解决什么\n\n多数开发者接 agent 都从单一文件系统开始 —— 一般是本地磁盘 + 官方 MCP server，然后就停了。直到下一个工单来了：「把昨晚的导出从 S3 拉下来」「把这个文件夹同步到 R2」「从合作方 SFTP 收件箱取 PDF」「在 Google Drive 和团队 NAS 之间合并文件」。每多一个后端，就多一份 ad-hoc shell 包装、一种凭据格式、零作用域强制、零审计日志。\n\n这个 pack 是**跨协议那一组** —— 10 个适配器选出来，让 agent 用同一套权限模型够到本地 fs \u002F AWS S3 \u002F Cloudflare R2 \u002F Google Drive \u002F SFTP-FTP \u002F 30+ 多云后端。[文件系统 Agent + 本地操作](\u002Fzh\u002Fpacks\u002Ffilesystem-agent-local-ops) 深挖本地（Downloads 整理 \u002F 去重 \u002F 批量改名），这个 pack 横切各种协议。\n\n| # | 适配器 | 后端 | 作用域姿势 |\n|---|---|---|---|\n| 1 | Filesystem MCP（官方） | 本地磁盘 | 启动时传入允许的根目录 |\n| 2 | MCP Reference Servers | 本地 fs \u002F git \u002F memory \u002F fetch | Anthropic 官方参考集 |\n| 3 | Desktop Commander MCP | 本地终端 + 文件 + PDF\u002FDOCX | 目录白名单 |\n| 4 | AWS MCP Servers（官方） | S3 \u002F Lambda \u002F CloudWatch | 每个 server 一个 IAM role |\n| 5 | Cloudflare Workers MCP | R2 桶 via Workers | Worker 级绑定 |\n| 6 | Google Workspace MCP | Drive \u002F Gmail \u002F Calendar | OAuth scope |\n| 7 | rclone | 70+ 云提供商 | 每个 remote 独立配置 |\n| 8 | SFTPGo | 自托管 SFTP\u002FFTP\u002FWebDAV | 每用户独立虚拟 fs |\n| 9 | Alist | 多云 WebDAV 网关 | 单挂载点 30+ 后端 |\n| 10 | AgentSeal | MCP 安全工具箱 | ACL + 审计策略层 |\n\n三层：**本地（1-3）\u002F 云原生（4-7）\u002F 网关 + 策略（8-10）**。\n\n## 为什么要做多协议\n\nMCP 给 agent 提供了清晰的文件系统接口，但协议本身不规定另一头是什么。不同团队拓扑差别很大：\n\n- **独立开发**：只有本地磁盘，Filesystem MCP 就够\n- **后端团队**：本地 + S3 + R2 上一个 CI 产物桶。三个适配器、三套凭据\n- **企业**：再加合作方 SFTP \u002F 财务 Google Drive \u002F 内网 SMB NAS。5+ 后端，审计要求各不相同\n\nPack 里挑的都是同时把四件事做对的：作用域（agent 根本看不到配置路径之外的东西）、默认只读（写权限按 server 显式打开）、结构化审计日志（每次调用都进可 grep 的文件）、凭据隔离（每个适配器持有自己的密钥，互不连坐）。\n\n## 安装顺序 —— 本地 → 云 → 传输 → 策略\n\n1. **先本地（#1-3）**。Filesystem MCP 指向一个项目目录起步。需要终端 + PDF\u002FDOCX 文本提取时上 Desktop Commander。用 MCP Reference Servers 当 host（Claude Code \u002F Cursor \u002F Codex CLI）的烟雾测试，验证 MCP 链路通了\n\n2. **再云桶（#4-6）**。本地验证完之后接 AWS MCP server 给 S3。再 Cloudflare Workers MCP 如果你的边缘缓存和资产在 R2 —— 同一个协议，不同存储层。Google Workspace MCP 如果 Drive 是工作流的一部分\n\n3. **再传输协议（#7-8）**。rclone（#7）本身不是 MCP server，但它是跨云万能拷贝工具 —— 通过 Desktop Commander 的 shell 暴露出来，agent 用熟悉的 CLI 获得 70+ 后端能力。SFTPGo（#8）是自托管 SFTP\u002FFTP\u002FWebDAV 服务器，给合作方一个接入点，agent 挂载每用户独立虚拟 fs\n\n4. **最后策略层（#9-10）**。Alist（#9）让 agent 通过一个 WebDAV 挂载点访问 30+ 云后端 —— 不想每个 provider 起一个 MCP server 时用它。AgentSeal（#10）是把整条链路包起来的审计 + ACL 工具箱，所有适配器调用进一份日志、走一套策略\n\n```bash\n# 接好的 agent host 长这样\n# ~\u002F.config\u002Fclaude\u002Fmcp.json\n{\n  \"mcpServers\": {\n    \"fs-local\":   { \"command\": \"npx\", \"args\": [\"-y\", \"@modelcontextprotocol\u002Fserver-filesystem\", \"$HOME\u002Fprojects\"] },\n    \"fs-aws\":     { \"command\": \"uvx\", \"args\": [\"awslabs.s3-mcp-server\"], \"env\": { \"AWS_PROFILE\": \"readonly\" } },\n    \"fs-r2\":      { \"command\": \"npx\", \"args\": [\"-y\", \"@cloudflare\u002Fmcp-server-workers\"] },\n    \"fs-drive\":   { \"command\": \"uvx\", \"args\": [\"workspace-mcp\"], \"env\": { \"GOOGLE_OAUTH_SCOPE\": \"drive.readonly\" } }\n  }\n}\n```\n\n4 个适配器 \u002F 4 个作用域 \u002F 4 套凭据。Agent 调 `fs-aws.list_objects` 或 `fs-drive.search_files`，剩下的协议自己处理。\n\n## 沙箱与权限作用域\n\n这个 pack 相对于「直接给 agent `aws` \u002F `rclone` \u002F `sftp` 裸 shell」最大的胜负手是**在协议边界上强制作用域**：\n\n- **Filesystem MCP** 启动时把允许的根目录作为位置参数传入。列表外的路径 agent 根本看不见 —— 不是写时被拦，是读时就不可见。`cat ~\u002F.ssh\u002Fid_rsa` 这种调用根本无法发起，因为 server 不暴露 `~`\n- **AWS MCP servers** 在显式 IAM role 下跑。正确的姿势是浏览用 `read-only` role，单独一个 `mcp-writer` role 只对一个 bucket 前缀有 `s3:PutObject`，写任务才切过去\n- **Cloudflare Workers MCP** 用 Worker 级绑定 —— R2 token 在 Worker（不是 agent）手里，agent 只能调 Worker 暴露的操作\n- **Google Workspace MCP** 用 OAuth scope。默认 `drive.readonly`；写场景下最小是 `drive.file`（按文件授权），比多数 quickstart 贴的全量 `drive` scope 窄得多\n- **SFTPGo** 把每个 agent 隔离到自己的虚拟 fs —— agent 以 `mcp-agent` 用户连接，只看到挂载的文件夹，看不到磁盘其他位置\n- **AgentSeal** 横跨整个栈，强制按工具的 ACL 加结构化审计。适配器原生日志不一致时尤其有用\n\n## 审计与撤销\n\nPack 里每个适配器都写到可 grep 的日志。组合姿势：\n\n```bash\ntail -f ~\u002F.tokrepo\u002Flogs\u002Ffs-*.log | tee ~\u002F.audit\u002F$(date +%F).jsonl\n```\n\n每个 session 一个 tail，每天一份文件。出事的时候 —— agent 删错了对象 \u002F 写错了路径 —— 你有调用、参数、结果、时间戳。再配上 S3 \u002F R2 侧的版本化桶（生命周期规则 → 30 天保留），几乎所有失误都能回滚。\n\n撤销是按适配器粒度：删 IAM role \u002F 轮换 OAuth refresh token \u002F 禁用 SFTPGo 用户 \u002F 杀 Worker binding。没有一个凭据能开多种后端，这是唯一能规模化的结构性保护。\n\n## 常见踩坑\n\n- **一个凭据通吃所有后端**。最大反模式就是个人 AWS access key 复用到所有 MCP server。每个适配器独立最小权限 role；混着用就把整个 pack 的意义都废了\n- **忘了 OAuth 刷新**。Google Workspace MCP 走 OAuth —— refresh token 6 个月不用会过期。挂个月度 cron 跑一次空调用，让 token 保持热的\n- **rclone 默认开了写权限**。rclone 尊重 remote 自身的权限，但配错了 remote（拿账号根密钥）agent 就能看见**所有** bucket。永远按任务建专用 remote，权限拧到最小\n- **SFTPGo 审计日志没轮转**。SFTPGo 日志很啰嗦，不轮转一个忙碌的 agent 一周打满磁盘。配 logrotate 或它内置的保留策略\n- **Alist 是单点失陷**。便利的代价 —— 一个 Alist 实例带着 10 个后端的凭据，一次入侵等于 10 个问题。Alist 放 VPN 后面，永远别暴露公网",[107,110,113,116,119],{"q":108,"a":109},"为什么不直接通过 shell 工具给 agent `aws` \u002F `rclone` \u002F `sftp` 裸 CLI？","两个原因。一是作用域：`aws s3 ls` 这种 shell 调用可以摸到凭据允许的任何 bucket —— MCP 适配器暴露的是定义好的工具表面，绑死在一个 role 或 bucket 上。二是审计：shell 输出是非结构化的，容易漏；适配器写结构化 JSON，带准确参数。一次性探索用 shell 没问题；任何重复或无人值守的操作，适配器赢。",{"q":111,"a":112},"这个 pack 替代 [文件系统 Agent + 本地操作](\u002Fzh\u002Fpacks\u002Ffilesystem-agent-local-ops) 那一个吗？","不，两者配套。本地 Ops 深挖个人文件工作流（Downloads 整理 \u002F 去重 \u002F 批量改名），用 Yazi \u002F ripgrep \u002F AGENTS.md \u002F Hooks。这个 pack 横切协议（S3 \u002F R2 \u002F Drive \u002F SFTP \u002F 多云）。典型工作站从两个 pack 都装 Filesystem MCP，再按团队栈加这里的云适配器。资产无重叠，但互为前提。",{"q":114,"a":115},"单个 agent 能同时调用 10 个适配器吗？","技术上可以 —— 所有支持 MCP 的 host（Claude Code \u002F Cursor \u002F Codex CLI \u002F Cline \u002F gptme）都允许并发挂多个 server。实操上 10 个太多：工具列表把 prompt 打爆，agent 会把相似的工具名搞混（`fs-aws.list` vs `fs-r2.list`），凭据管理也乱。按工作流挂 2-3 个就够。Pack 是自助餐，不是一顿饭。",{"q":117,"a":118},"大文件怎么处理 —— 比如 S3 上一个 5GB 视频？","MCP 适配器原生暴露元数据和小读取；大对象的正确姿势是 agent 发起预签名 URL 或 `cp` 指令，让传输在 server 端串流完成，永远不进 agent context。AWS MCP 和 Cloudflare Workers MCP 都支持预签名 URL 生成。rclone 直接在后端之间拷贝，不绕 agent。5GB 文件拉进 agent context —— 这是信用卡形状的错误。",{"q":120,"a":121},"只想让 Claude Code 用上 S3 的最小可行配置是什么？","三件事。一：装 AWS MCP servers（#4），用 S3 那个子 server。二：建一个 IAM role，只给 `s3:GetObject` + `s3:ListBucket`，限定一个 prefix，别的什么都没有。三：把这个 role 的凭据放进 `~\u002F.aws\u002Fcredentials` 一个命名 profile，MCP server 配置里引用。整个流程 20 分钟。跑通之后再单独建第二个 role 给具体写任务开写能力。只读是默认状态，不是起点。",{"@context":123,"@type":124,"name":13,"description":125,"numberOfItems":126,"publisher":127},"https:\u002F\u002Fschema.org","CollectionPage","10 个 MCP 文件系统适配器，覆盖本地磁盘 \u002F AWS S3 \u002F Cloudflare R2 \u002F Google Drive \u002F SFTP-FTP \u002F 多云网关，自带作用域、权限策略和审计日志。",10,{"@type":128,"name":129,"url":130},"Organization","TokRepo","https:\u002F\u002Ftokrepo.com",[132,136,140],{"url":133,"anchor":134,"reason":135},"\u002Fzh\u002Fpacks\u002Ffilesystem-agent-local-ops","文件系统 Agent + 本地操作","本地深度版（Downloads 整理 \u002F 去重 \u002F 批量改名）—— 同一个基础，不同焦点",{"url":137,"anchor":138,"reason":139},"\u002Fzh\u002Fpacks\u002Fmcp-database-connectors","MCP 数据库连接器","同一个 MCP 模式的数据库面 —— 同样的安全姿势，不同后端",{"url":141,"anchor":142,"reason":143},"\u002Fzh\u002Fpacks\u002Fmcp-server-stack","MCP Server Stack","更广的 MCP 工具箱，本 pack 是其中文件系统这一层（外加浏览器 \u002F GitHub \u002F memory）",[145,149,153],{"claim":146,"source_name":147,"source_url":148},"Model Context Protocol 标准","modelcontextprotocol.io","https:\u002F\u002Fmodelcontextprotocol.io",{"claim":150,"source_name":151,"source_url":152},"Anthropic 官方 MCP filesystem server（带作用域根目录）","modelcontextprotocol\u002Fservers","https:\u002F\u002Fgithub.com\u002Fmodelcontextprotocol\u002Fservers\u002Ftree\u002Fmain\u002Fsrc\u002Ffilesystem",{"claim":154,"source_name":155,"source_url":156},"AWS Labs 官方 MCP servers，含 S3 访问","awslabs\u002Fmcp","https:\u002F\u002Fgithub.com\u002Fawslabs\u002Fmcp",880,"2026-05-22T13:00:00Z"]