Grant File Access Safely

Quick start in 5 steps

1. Open Settings with Command-Comma.
2. Select Security Scopes.
3. Use the setup flow to add the files or folders MCP Studio should access.
4. Review the configured entries and remove anything unnecessary.
5. Click Save or Finish, then retry the script, attachment, resource, or tool operation.

Understand what Security Scopes do

MCP Studio is sandboxed, so file and folder operations need explicit user-granted access. Security Scopes store bookmarks for the selected locations and reuse them when the app needs to read or write those paths later.

• Use folder access for project directories you work with repeatedly.
• Use file access for a small number of stable reference files.
• Reopen Settings when a moved or renamed folder no longer resolves.

Keep access useful but limited

Grant the narrowest folder that still supports the workflow. For example, prefer a project folder over your whole home folder when a script only needs that project.

Common errors and quick fixes

• Permission denied: add the parent folder in Security Scopes, save, then retry.
• Moved folder fails: remove the stale entry and add the folder again at its new location.
• Save button is disabled: add or change at least one entry before saving.
• Script cannot access a build tool: use the non-sandboxed MCP Studio build when the workflow must execute tools outside sandbox allowances.

Next steps

• Use granted files in chat: Get Started: AI Chat
• Run file-aware scripts: Get Started: Editor
• Configure file tools: Get Started: Tools