Secure MCP Filesystem Access
Policy
deny:
  - capability: filesystem.delete
require_approval:
  - capability: filesystem.write
    path_prefix: "/data/prod"
allow:
  - capability: filesystem.read
  - capability: filesystem.list
  - capability: filesystem.write
    path_prefix: "/data/staging"

Integration
from capfence.mcp.gateway import MCPGatewayServer

# Run the gateway in front of the filesystem MCP server, applying policies/mcp.yaml.
MCPGatewayServer(
    upstream_command=["python", "-m", "mcp_server_filesystem", "/data"],
    policy_path="policies/mcp.yaml",
    agent_id="mcp-agent",
).run()

Expected result
- Deletes are blocked.
- Writes to /data/prod require approval.
- Reads and writes to /data/staging are allowed.
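
The policy and expected results above, modeled as an added example (not CapFence's own code or evaluation logic). It assumes deny rules are checked first, then require_approval, then allow, with anything unmatched denied, and that path_prefix matches whole path components after lexical normalization. The function names and sample calls are constructed for illustration.

```python
import posixpath

# The page's policy, transcribed as a dict so the example needs no YAML parser.
POLICY = {
    "deny": [{"capability": "filesystem.delete"}],
    "require_approval": [
        {"capability": "filesystem.write", "path_prefix": "/data/prod"},
    ],
    "allow": [
        {"capability": "filesystem.read"},
        {"capability": "filesystem.list"},
        {"capability": "filesystem.write", "path_prefix": "/data/staging"},
    ],
}

def under_prefix(path, prefix):
    """True if path is prefix itself or inside it, after lexical normalization."""
    path = posixpath.normpath(path)
    prefix = posixpath.normpath(prefix)
    return path == prefix or path.startswith(prefix.rstrip("/") + "/")

def rule_matches(rule, capability, path):
    if rule["capability"] != capability:
        return False
    prefix = rule.get("path_prefix")
    return prefix is None or under_prefix(path, prefix)

def decide(capability, path, policy=POLICY):
    # Assumed precedence: deny, then require_approval, then allow; else deny.
    for verdict in ("deny", "require_approval", "allow"):
        if any(rule_matches(r, capability, path) for r in policy.get(verdict, [])):
            return verdict
    return "deny"

# Constructed sample calls, including two path edge cases.
SAMPLES = [
    ("filesystem.delete", "/data/staging/tmp.txt"),
    ("filesystem.write", "/data/prod/config.json"),
    ("filesystem.write", "/data/staging/out.csv"),
    ("filesystem.write", "/data/staging/../prod/config.json"),
    ("filesystem.write", "/data/staging-old/out.csv"),
    ("filesystem.read", "/data/prod/config.json"),
]

if __name__ == "__main__":
    for cap, path in SAMPLES:
        print(f"{decide(cap, path):17} {cap:18} {path}")
```

Normalization here is lexical only, so a symlink under /data/staging that points into /data/prod would not be caught by this check. Testing a real policy with the same two edge cases (a `..` segment and a sibling directory sharing the prefix string) confirms how the deployed gateway handles them.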