A Coven-native MCP server for filesystem and web operations.
coven-reach is an original Rust implementation of a Model Context Protocol server designed for the OpenCoven ecosystem. It gives any familiar β Charm, Kitty, Cody, or any agent β access to the local filesystem and the web through a clean, harness-agnostic interface.
Harness-agnostic.
coven-reachis a standalone binary. It speaks MCP over stdio and works with any MCP client β OpenClaw, Claude Code, Cursor, or anything else that speaks JSON-RPC 2.0.
| Tool | Operations |
|---|---|
reach_read |
Read files (text/base64), fetch URLs as markdown/text, metadata, file diff, checksums |
reach_write |
Put, mkdir, copy, move, delete, touch, archive (zip/tar.gz), unarchive |
reach_list |
Directory listing with recursive depth, size totals, server capabilities |
reach_find |
Advanced search: glob, content regex, size/date/MIME filters |
reach_familiar |
π List OpenCoven familiars from ~/.openclaw/workspace |
reach_secret_check |
π Scan files for leaked secrets β reports locations, never values |
Coven-specific additions over a generic MCP filesystem tool:
reach_familiarβ introspect your Coven workspace: familiars, their identity, session counts, memory statereach_secret_checkβ pre-commit/pre-push secret scanning using the same pattern categories ascoven-cli's privacy redaction; values are never included in output, only file:line locations- Batch operations β pass arrays of sources/entries, get per-item results
- Path allowlist enforcement via
COVEN_REACH_ALLOWED_PATHS - Read-only mode via
COVEN_REACH_READ_ONLY
cargo install --git https://github.com/OpenCoven/coven-reachOr build from source:
git clone https://github.com/OpenCoven/coven-reach
cd coven-reach
cargo build --release
# binary at target/release/coven-reachAdd to your openclaw.toml or the MCP client config:
{
"mcpServers": {
"reach": {
"command": "coven-reach",
"env": {
"COVEN_REACH_ALLOWED_PATHS": "~/Documents:~/Projects:/tmp",
"COVEN_REACH_READ_ONLY": "false"
}
}
}
}| Environment variable | Default | Description |
|---|---|---|
COVEN_REACH_ALLOWED_PATHS |
~:/tmp |
Colon-separated list of allowed root paths. Paths outside this list are rejected. |
COVEN_REACH_READ_ONLY |
false |
Set to true to disable all write operations. |
Paths are resolved to their canonical form before checking. Symlinks are followed and the resolved target must also be within allowed roots.
Read files or fetch URLs.
{
"operation": "content",
"sources": ["~/notes.md", "https://example.com/article"],
"format": "markdown"
}Operations:
contentβ read file astext(default),base64, ormarkdown(URL: HTML β markdown); supportsoffset/lengthfor partial readsmetadataβ stat a file or HEAD a URLdiffβ unified diff between exactly two file pathschecksumβsha256(default),sha512, ormd5
Filesystem mutations. Disabled when COVEN_REACH_READ_ONLY=true.
{
"operation": "put",
"entries": [
{ "path": "~/notes/todo.md", "content": "# TODO\n", "write_mode": "overwrite" }
]
}Operations: put, mkdir, copy, move, delete, touch, archive, unarchive
Archive formats: zip, tar.gz / tgz
{ "operation": "entries", "path": "~/Projects", "recursive_depth": 2, "calculate_recursive_size": true }Operations:
entriesβ directory listing with optional recursion and size totalssystem_infoβ server capabilities, allowed paths, version info
Advanced file search with AND logic across all criteria.
{
"path": "~/Projects",
"name_pattern": "*.{rs,ts}",
"content_pattern": "TODO|FIXME",
"content_is_regex": true,
"content_case_sensitive": false,
"modified_after": "2026-01-01T00:00:00Z",
"max_results": 50
}Parameters: path, recursive, name_pattern (glob with {a,b} support), case_sensitive, content_pattern, content_is_regex, content_case_sensitive, file_extensions, size_min, size_max, modified_after, modified_before, created_after, created_before, entry_type (file/directory/any), mime_type, max_results
List all OpenCoven familiars from your workspace. No auth required, read-only.
{}Returns: name, creature, vibe, emoji, workspace path, session count, memory state, last memory update.
Scan for leaked secrets. Patterns cover: private keys, bearer tokens, OpenAI/Anthropic/GitHub keys, env var assignments, URL tokens.
{
"sources": ["~/Projects/my-app"],
"recursive": true,
"file_extensions": [".env", ".ts", ".rs", ".json"]
}Important: Secret values are never included in output. Only file:line:col locations and the pattern category are returned.
- All paths are resolved to absolute form and checked against
COVEN_REACH_ALLOWED_PATHSbefore any operation - Symlinks are followed and the resolved target must also be within allowed roots
reach_secret_checkreports secret locations only β matched values are never serialized- No unsafe code
cargo build
cargo test --test integration -- --test-threads=1
cargo clippy -- -D warningscoven-reach is part of the OpenCoven ecosystem β an open framework for persistent AI familiars with memory, identity, and tools.
covenβ Coven daemon + harness substrate@opencoven/channelsβ Channel connectors (Discord, etc.)cast-codesβ CastCodes editor
MIT License Β© OpenCoven Contributors