mark3labs-filesystem-server
Provides secure sandboxed access to local filesystem operations including reading, writing, copying, moving, deleting files and directories with configurable allowed directories.
67
/ 100 · Grade D
D = 60–69
“I need to safely perform file and directory operations on the local filesystem with security constraints that prevent access outside of designated allowed directories.”
mark3labs-filesystem-server earned Certified status with a trust score of 67/100 (Grade D). Adversarial testing produced 662 findings (662 medium). Supply chain contains 32 components with 2 known vulnerabilities. Security scan: clean.
Trust Score Breakdown
Eight weighted signals composing the aggregate trust score
Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.
Findings
Security scan results, adversarial testing, and pipeline review
Security Scan — Cisco MCP Scanner
Adversarial Testing — 5 categories, 662 findings
Tool "copy_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Direct instruction override" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "System prompt injection attempt" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Nested instruction in data field" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "XML-style injection" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Instruction disguised as comment" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Instruction in name/label field" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Instruction in description field" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Instruction in tag/category field" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Oversized input to trigger error" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Null byte injection" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Unicode edge cases" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Basic relative traversal" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Double-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Backslash traversal (Windows)" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Null byte truncation" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Absolute path escape" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Symlink-style path" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "URL-encoded traversal" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Mixed separator traversal" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Prefix bypass (partial match escape)" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Trailing dot bypass" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Empty/missing required argument" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Wrong type (string where number expected)" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Extremely large input" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "SQL-injection-style to trigger DB errors" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Non-existent resource path" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Unicode edge case" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "copy_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "create_directory" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "delete_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "get_file_info" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "modify_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "move_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Zero value" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Max 32-bit int" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Hacker culture value" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Max safe JS integer" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "search_within_files" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Zero value" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Negative one" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Max 32-bit int" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Hacker culture value" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Max safe JS integer" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "tree" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Debug flag string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Admin string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Test string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Backdoor classic" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Root user reference" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Wildcard/glob" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "True string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Null string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Undefined string" with content containing sensitive data patterns: windows_path.
Tool "write_file" responded to adversarial input "Step 1 of path traversal chain: Create a seemingly benign config file containing a path traversal payload in the log_path field" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Step 2 of path traversal chain: Read the config file to extract the malicious path, which could then be used in subsequent file operations" with content containing sensitive data patterns: windows_path.
Tool "list_allowed_directories" responded to adversarial input "Test if list_allowed_directories response contains instruction injection patterns like role assignments, system prompts, or context boundary markers that could hijack the calling agent" with content containing sensitive data patterns: windows_path.
Tool "list_directory" responded to adversarial input "Step 1: Attempt to list a system directory outside allowed scope to obtain sensitive file paths that could be used in subsequent operations" with content containing sensitive data patterns: windows_path.
Tool "list_allowed_directories" responded to adversarial input "Trigger directory listing to capture any debug output, internal paths, or configuration details leaked to stdout/stderr" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Attempt to read AWS credentials file from user home directory to detect AWS access keys and secret keys" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Search for environment files that commonly contain API keys, database passwords, and other secrets" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Search for Node.js lockfile (package-lock.json) in the project root to verify its presence" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Search for Yarn lockfile (yarn.lock) to check for alternative package manager lockfiles" with content containing sensitive data patterns: windows_path.
Tool "read_multiple_files" responded to adversarial input "Read package manifest, lockfiles, and gitignore to analyze dependency pinning and check if lockfiles are excluded from version control" with content containing sensitive data patterns: windows_path.
Tool "search_files" responded to adversarial input "Search for repository hook configuration files that could execute code on clone/open (e.g., .claude/hooks.json, .git/hooks/*, .vscode/tasks.json)" with content containing sensitive data patterns: windows_path.
Tool "read_file" responded to adversarial input "Attempt to read a malicious Claude hooks configuration file that could execute arbitrary commands when the repository is opened in Claude Code" with content containing sensitive data patterns: windows_path.
Methodology v1.0 · 5 categories · ~55 attack patterns
OWASP MCP Top 10 Coverage
Evaluation activity mapped to the OWASP MCP Top 10 risk framework
Excessive Agency & Permissions
Cisco scanner behavioral analysis of permission scope
Unauthorized Data Access
Category 3 (data exfiltration) attack patterns
Tool Poisoning
Category 1 (prompt injection) and Category 5 (context poisoning) attack patterns
Supply Chain Vulnerabilities
SBOM generation (syft/cdxgen) and vulnerability scanning (grype/osv-scanner/npm audit)
Command Injection
Category 2 (privilege escalation) and Category 6 (repo config injection) attack patterns
Intent Subversion
Category 1 (prompt injection) and Category 4 (capability squatting) attack patterns
Insecure Data Handling
Cisco scanner data flow and sensitive data handling analysis
Insufficient Logging
Not directly tested — logging adequacy requires runtime observation beyond current pipeline scope
Resource Exhaustion
Resource profiling (CPU, memory) during functional and adversarial testing
Context Injection
Category 5 (context poisoning) attack patterns
OWASP MCP Top 10 (Beta) — owasp.org/www-project-mcp-top-10
Supply Chain
SBOM analysis and vulnerability assessment
Components
32
Direct deps
9
Transitive deps
23
Total vulns
2
Vulnerability breakdown
Format: CycloneDX 1.5 · Generated: Mar 28, 2026
Behavioral Fingerprint
Runtime performance baseline for drift detection
Samples
953
Error rate
19.2%
Peak memory
50.5 MB
Avg CPU
0.01%
Response time distribution
Output size distribution
Per-tool performance
| Tool | p50 | p95 | Error rate | Samples |
|---|---|---|---|---|
| tree | 1ms | 1ms | 13.6% | 70 |
| copy_file | 1ms | 1ms | 19.3% | 88 |
| move_file | 1ms | 1ms | 19.4% | 87 |
| read_file | 1ms | 1ms | 16.7% | 55 |
| write_file | 1ms | 1ms | 20.2% | 87 |
| delete_file | 1ms | 1ms | 18.0% | 50 |
| modify_file | 1ms | 1ms | 19.3% | 134 |
| search_files | 1ms | 1ms | 17.6% | 98 |
| get_file_info | 1ms | 1ms | 19.0% | 47 |
| list_directory | 1ms | 1ms | 19.0% | 47 |
| create_directory | 1ms | 1ms | 19.3% | 46 |
| read_multiple_files | 1ms | 1ms | 58.3% | 10 |
| search_within_files | 1ms | 1ms | 18.7% | 126 |
| list_allowed_directories | 1ms | 1ms | 0.0% | 8 |
Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline
Interface
Enumerated tools, resources, and prompts
Tools (14)
copy_file
Copy files and directories.
create_directory
Create a new directory or ensure a directory exists.
delete_file
Delete a file or directory from the file system.
get_file_info
Retrieve detailed metadata about a file or directory.
list_allowed_directories
Returns the list of directories that this server is allowed to access.
list_directory
Get a detailed listing of all files and directories in a specified path.
modify_file
Update file by finding and replacing text. Provides a simple pattern matching interface without needing exact character positions.
move_file
Move or rename files and directories.
read_file
Read the complete contents of a file from the file system.
read_multiple_files
Read the contents of multiple files in a single operation.
search_files
Recursively search for files and directories matching a pattern.
search_within_files
Search for text within file contents. Unlike search_files which only searches file names, this tool scans the actual contents of text files for matching substrings. Binary files are automatically excluded from the search. Reports file paths and line numbers where matches are found.
tree
Returns a hierarchical JSON representation of a directory structure.
write_file
Create a new file or overwrite an existing file with new content.
Resources (1)
File System
file://
Transport: stdio
Scope & Permissions
What this capability can and cannot access — derived from pipeline analysis
yes
yes
yes
no
no
no
Side effects
May modify files on disk
May create new files or directories
May delete files or directories
Behavioral Guarantees
Claims extracted from publisher documentation — each tagged with provenance
Provides secure access to the local filesystem via the Model Context Protocol (MCP)
authorRead the complete contents of a file from the file system
authorRead the contents of multiple files in a single operation
authorCreate a new file or overwrite an existing file with new content
authorCopy files and directories
authorMove or rename files and directories
authorDelete a file or directory from the file system
authorUpdate file by finding and replacing text using string matching or regex
authorGet a detailed listing of all files and directories in a specified path
authorCreate a new directory or ensure a directory exists
authorReturns a hierarchical JSON representation of a directory structure
authorRecursively search for files and directories matching a pattern
authorSearch for text within file contents across directory trees
authorRetrieve detailed metadata about a file or directory
authorReturns the list of directories that this server is allowed to access
authorProvides secure access to specified directories
authorPerforms path validation to prevent directory traversal attacks
authorPerforms symlink resolution with security checks
authorDetects MIME types
authorSupports text, binary, and image files
authorApplies size limits for inline content and base64 encoding
authorKnown failure modes
Size limits for inline content and base64 encoding
Path validation to prevent directory traversal attacks
Symlink resolution with security checks
Sources: author, protocol
Badge & Integration
Embed certification status in your README, docs, or CI pipeline
Certification Notes
Provenance observations from the pipeline
Publisher "unknown" is not verified — first certification from this publisher
Capability requires filesystem write access — review scope of file operations
No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process
Single contributor — no peer review evidence in commit history
Package description appears to be boilerplate or template text
Signed Artifact
Certification provenance and verification metadata
Pipeline Artifacts
Raw data files from this certification run — downloadable for independent verification
contract.json
Full unsigned contract
stage1-ingest.json
Ingest stage output
stage2a-sbom.json
SBOM generation results
stage2a-vulns.json
Vulnerability scan results
stage2b-security.json
Security scan results
stage3a-functional.json
Functional test results
stage3b-adversarial.json
Adversarial test results
stage3c-fingerprint.json
Behavioral fingerprint
stage4-certify.json
Certification decision + trust score
stage3a-measurements.json
Raw functional test measurements
stage3b-measurements.json
Raw adversarial test measurements
run-log.json
Pipeline execution log
Not all files may be present for every certification.