Roots Primitive: Scoping What Files the Server Can Access
~10 min read
Roots lets the client define exactly what files a server can access, making interactions secured, sandboxed, and scoped — a boundary set by the client, not requested by the server.
Roots Primitive: Scoping What Files the Server Can Access is a Pro topic
Sign in, then upgrade to Pro or Power to unlock this topic and the full AI Engineering curriculum.
Key points
- •Roots lets the CLIENT define exactly what files a server can access — a client-set boundary, not a server request
- •This makes interactions secured, sandboxed, and scoped, rather than granting a server broad filesystem access
- •The book's example: a travel-booking server given access to one specific calendar directory, not the whole filesystem
- •Complements Resources: Resources define what a server offers as readable content; Roots defines what filesystem paths it's even allowed to reach
- •The client holds and enforces the actual access boundary — safer than trusting the server's own implementation to self-restrict