Roots
Roots are the "base directories" or workspaces that an MCP client explicitly shares with a server. This is primarily used by tools that perform file system operations (e.g., searching code or reading logs).
How it works
- Client Provisioning: The client provides a list of
rootsduring initialization or via theclient/roots/list_changednotification. - Server Scoping: The server uses these roots to know which parts of the user's file system it is allowed to interact with.
Roots prevent an AI server from accidentally accessing sensitive files outside of the intended project scope.
Questions & Answers
What are "Roots" in the context of an MCP client-server relationship?
Roots are specific directories or files that an MCP client explicitly shares with a server. They define the "workspace" that a server is permitted to access when performing operations like searching code or reading logs.
How does a client inform a server about its root directories?
The client provides a list of roots during the initial handshake (initialization). it can also send a client/roots/list_changed notification if the scope of the shared workspace changes during a session.
What is the primary security benefit of using roots to scope server access?
Roots provide an essential security layer by confining the AI server to a predefined project scope. This prevents the server from accidentally reading or modifying sensitive files outside of the directories explicitly shared by the user.