Path Based Access Control With Allowed Directory Enforcement

via “path-based access control with allowed directory enforcement”

** - Advanced filesystem operations with large file handling capabilities and Claude-optimized features. Provides fast file reading/writing, sequential reading for large files, directory operations, file search, and streaming writes with backup & recovery.

Unique: Implements symlink-aware path normalization that resolves all symlinks before validation, preventing escape attacks where symlinks point outside allowed directories, combined with per-operation validation in all 42+ tool handlers

vs others: More robust than simple string prefix matching (which fails with symlinks) and more practical than OS-level capabilities (which require elevated privileges) while maintaining zero-trust validation on every operation