What it does
An active MCP reference server (Node.js) that lets an AI client read, write, edit, move, and search files within explicitly allowed directories. Access is sandboxed to the directories passed on the command line (or via MCP Roots), so the model cannot escape its allowlist. All operations are deterministic filesystem calls. Runs locally over stdio — there is no hosted endpoint.
Example prompts
- Search my project directory for every TODO and list them with file paths.
- Read package.json and tell me which dependencies are outdated.
Tools provided
- read_text_file — Read a text file within an allowed directory.
- write_file — Write a file within an allowed directory.
- edit_file — Apply diff-preview edits to a file.
- list_directory — List the contents of a directory.
- search_files — Glob-search files under an allowed directory.
- move_file — Move or rename a file within the allowlist.
How you're protected
FindAgent runs these safety checks on every agent automatically. They're always on and can't be turned off.
- Prompt-injection scanning
  Every request is checked for known prompt-injection and jailbreak attempts before the agent runs. This is always on.
- Secret-leak scanning
  Every response is scanned for leaked API keys, tokens, and other secrets before it reaches you. This is always on.
