Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@MCP File Forgescaffold a new project from the web-app template in C:/Projects/my-app"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
At a Glance
MCP File Forge is a Model Context Protocol (MCP) server that gives AI agents sandboxed, policy-controlled access to the local file system. It ships 17 tools across five categories:
Category | Tools | Description |
Reading |
| Read files and directory listings |
Writing |
| Create, modify, copy, move, and delete |
Search |
| Find files by name pattern or content |
Metadata |
| Inspect size, timestamps, existence |
Scaffolding |
| Create projects from templates with variable substitution |
Key properties:
Sandboxed -- operations are restricted to explicitly allowed directories.
Read-only mode -- flip one env var to disable all write tools.
Symlink-safe -- symlink following is off by default to prevent sandbox escapes.
Windows-first -- designed for Windows paths and conventions, works everywhere.
Template engine --
{{var}}/${var}substitution plus path-level__var__renaming.
Installation
npm install -g @mcptoolshop/file-forgeOr run directly with npx:
npx @mcptoolshop/file-forgeClaude Desktop Configuration
Add the following to your claude_desktop_config.json:
{
"mcpServers": {
"file-forge": {
"command": "npx",
"args": ["-y", "@mcptoolshop/file-forge"],
"env": {
"MCP_FILE_FORGE_ALLOWED_PATHS": "C:/Projects,C:/Users/you/Documents"
}
}
}
}If you installed globally you can point directly at the binary:
{
"mcpServers": {
"file-forge": {
"command": "mcp-file-forge",
"env": {
"MCP_FILE_FORGE_ALLOWED_PATHS": "C:/Projects"
}
}
}
}Tool Reference
Reading
Tool | Description | Key Parameters |
| Read file contents |
|
| List directory entries |
|
| Batch-read multiple files |
|
Writing
Tool | Description | Key Parameters |
| Write or overwrite a file |
|
| Create a directory |
|
| Copy a file or directory |
|
| Move or rename |
|
| Delete a file or directory |
|
Search
Tool | Description | Key Parameters |
| Find files by glob pattern |
|
| Search file contents with regex |
|
| Literal text search (no regex) |
|
Metadata
Tool | Description | Key Parameters |
| File/directory statistics |
|
| Check existence and type |
|
| Directory size breakdown |
|
| Compare two paths |
|
Scaffolding
Tool | Description | Key Parameters |
| Create project from template |
|
| List available templates |
|
Full parameter documentation, examples, and error codes are in the HANDBOOK.md.
Environment Variables
Variable | Description | Default |
| Comma-separated list of allowed root directories |
|
| Comma-separated denied path glob patterns |
|
| Disable all write operations |
|
| Maximum file size in bytes |
|
| Maximum recursion depth |
|
| Allow following symlinks outside sandbox |
|
| Comma-separated template directories |
|
| Log verbosity ( |
|
| Path to a log file (in addition to stderr) | none |
Config File
Create mcp-file-forge.json (or .mcp-file-forge.json) in or above your working directory:
{
"sandbox": {
"allowed_paths": ["C:/Projects", "C:/Users/you/Documents"],
"denied_paths": ["**/secrets/**", "**/.env"],
"follow_symlinks": false,
"max_file_size": 52428800,
"max_depth": 20
},
"templates": {
"paths": ["./templates", "~/.mcp-file-forge/templates"]
},
"logging": {
"level": "info",
"file": "./logs/mcp-file-forge.log"
},
"read_only": false
}Configuration priority (highest wins):
Environment variables
Config file
Built-in defaults
Security
MCP File Forge enforces several layers of protection to keep AI agents from reaching outside their designated workspace:
Path sandboxing -- every path is resolved to an absolute path and checked against the
allowed_pathslist before any I/O occurs.Denied paths -- glob patterns that are blocked even within allowed directories (e.g.
**/secrets/**).Symlink protection -- symlinks are not followed by default; if a symlink target resolves outside the sandbox, the operation is denied.
Path traversal detection --
..sequences that would escape the sandbox are rejected.Size limits -- files larger than
max_file_sizeare refused to prevent memory exhaustion.Depth limits -- recursive operations are capped at
max_depthlevels.Read-only mode -- set
MCP_FILE_FORGE_READ_ONLY=trueto disablewrite_file,create_directory,copy_file,move_file,delete_file, andscaffold_project.Null-byte rejection -- paths containing
\0are refused.Windows long-path guard -- paths exceeding 32,767 characters are refused.
Documentation
Document | Description |
Deep-dive: security model, tool reference, templates, architecture, FAQ | |
Release history (Keep a Changelog format) | |
Internal planning and research notes |
Development
# Install dependencies
npm install
# Build
npm run build
# Watch mode
npm run dev
# Run tests
npm test
# Lint
npm run lintSecurity & Data Scope
MCP File Forge is an MCP server providing sandboxed file operations for AI agents.
Data accessed: Files within explicitly allowed directories only. Config files, template directories
Data NOT accessed: No cloud sync. No telemetry. No analytics. No data outside sandbox
Network: stdio transport only — no network listeners. No egress
No telemetry is collected or sent
Full policy: SECURITY.md
Scorecard
Category | Score |
A. Security | 10/10 |
B. Error Handling | 10/10 |
C. Operator Docs | 10/10 |
D. Shipping Hygiene | 10/10 |
E. Identity (soft) | 10/10 |
Overall | 50/50 |
License
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.