refactor(mcpb): use directory type for filesystem config to clarify restricted access

jqnatividad · claude · jqnatividad · commit 9650fb41126c · 2026-01-07T16:30:24.000-05:00
Changed user_config fields to use 'directory' type to: 1. Provide directory picker UI instead of text fields 2. Signal to Claude Desktop that filesystem access is limited 3. Make restrictions explicit in field descriptions Changes to manifest.json: - working_dir: Changed type from 'string' to 'directory' * Required field (users must select a working directory) * Description now explicitly states access is restricted * Default changed to ${DOWNLOADS} variable - allowed_dirs: Changed type from 'string' to 'directory' * Added 'multiple: true' to allow selecting multiple directories * Description clarifies extension access is restricted to these dirs * No default (users explicitly choose additional access) Changes to config.ts: - Updated allowedDirs parsing to handle both: * JSON array format (from directory type with multiple: true) * Delimited string format (legacy MCP mode) - Maintains backward compatibility with colon/semicolon separated paths This improves transparency about the restricted filesystem access scope, though the "grant access to everything" warning may still appear as it's controlled by Claude Desktop, not the manifest. Regenerated qsv-mcp-server.mcpb. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
diff --git a/.claude/skills/manifest.json b/.claude/skills/manifest.json
@@ -61,18 +61,18 @@
       "default": "qsv"
     },
     "working_dir": {
-      "type": "string",
+      "type": "directory",
       "title": "Default Working Directory",
-      "description": "Directory where qsv commands run by default",
-      "required": false,
-      "default": "${HOME}/Downloads"
+      "description": "Directory where qsv commands run by default. Extension only accesses files within this directory and allowed directories below.",
+      "required": true,
+      "default": "${DOWNLOADS}"
     },
     "allowed_dirs": {
-      "type": "string",
+      "type": "directory",
       "title": "Allowed Directories",
-      "description": "Colon-separated (Linux/Mac) or semicolon-separated (Windows) paths where qsv can access files. Leave empty to allow all directories.",
+      "description": "Additional directories where qsv can access files. Extension access is restricted to working directory and these directories only.",
       "required": false,
-      "default": "${HOME}/Downloads:${HOME}/Documents"
+      "multiple": true
     },
     "timeout_ms": {
       "type": "number",
diff --git a/.claude/skills/qsv-mcp-server.mcpb b/.claude/skills/qsv-mcp-server.mcpb
diff --git a/.claude/skills/src/config.ts b/.claude/skills/src/config.ts
@@ -165,10 +165,29 @@ export const config = {
   workingDir: getStringEnv('QSV_MCP_WORKING_DIR', process.cwd()),
 
   /**
-   * Allowed directories for file access (colon-separated on Unix, semicolon on Windows)
+   * Allowed directories for file access
+   * Can be either:
+   * - Colon/semicolon-separated paths (legacy MCP)
+   * - JSON array (Desktop extension with directory type)
    * Default: Empty array (only working directory allowed)
    */
-  allowedDirs: getStringArrayEnv('QSV_MCP_ALLOWED_DIRS', [], getPathDelimiter()),
+  allowedDirs: (() => {
+    const envValue = process.env['QSV_MCP_ALLOWED_DIRS'];
+    if (!envValue) return [];
+
+    // Try parsing as JSON array first (Desktop extension mode)
+    try {
+      const parsed = JSON.parse(envValue);
+      if (Array.isArray(parsed)) {
+        return parsed.map(p => expandTemplateVars(p));
+      }
+    } catch {
+      // Not JSON, treat as delimited string
+    }
+
+    // Fall back to delimited string (legacy MCP mode)
+    return getStringArrayEnv('QSV_MCP_ALLOWED_DIRS', [], getPathDelimiter());
+  })(),
 
   /**
    * Maximum size for converted file cache in GB
