Roots Primitive: Scoping What Files the Server Can Access

~10 min read

Roots lets the client define exactly what files a server can access, making interactions secured, sandboxed, and scoped — a boundary set by the client, not requested by the server.

Roots Primitive: Scoping What Files the Server Can Access is a Pro topic

Sign in, then upgrade to Pro or Power to unlock this topic and the full AI Engineering curriculum.

Key points

  • Roots lets the CLIENT define exactly what files a server can access — a client-set boundary, not a server request
  • This makes interactions secured, sandboxed, and scoped, rather than granting a server broad filesystem access
  • The book's example: a travel-booking server given access to one specific calendar directory, not the whole filesystem
  • Complements Resources: Resources define what a server offers as readable content; Roots defines what filesystem paths it's even allowed to reach
  • The client holds and enforces the actual access boundary — safer than trusting the server's own implementation to self-restrict