torbjorn/my-pal-mcp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: add security section for file access configuration

Browse Source 
- Document that default access is to home directory
- Explain how to restrict access using MCP_PROJECT_ROOT
- Remove API key warning as requested (applies to all MCP servers)

This helps users understand the security model and how to configure
it for their specific needs.
This commit is contained in:
Fahad
2025-06-09 20:35:58 +04:00
parent e5f721a0d9
commit d6504cffac
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -747,6 +747,20 @@ When using any Gemini tool, always provide absolute paths:
❌ "Use gemini to analyze ./src/main.py" (will be rejected)
```
### Security & File Access
By default, the server allows access to files within your home directory. This is necessary for the server to work with any file you might want to analyze from Claude.
**To restrict access to a specific project directory**, set the `MCP_PROJECT_ROOT` environment variable:
```json
"env": {
"GEMINI_API_KEY": "your-key",
"MCP_PROJECT_ROOT": "/Users/you/specific-project"
}
```
This creates a sandbox limiting file access to only that directory and its subdirectories.
## Installation
1. Clone the repository: