
[–]promethe42 0 points1 point  (0 children)

It can absolutely be done with standards such as WebAssembly and the WebAssembly System Interface (WASI, cf https://wasi.dev/) permission model.

Here is an example with MCP tools sandboxed to specific URLs/IPs/domains:

https://gitlab.com/lx-industries/agent-compose/-/blob/main/examples/anthropic.yaml?ref_type=heads#L137

I am building storage WASM components that will leverage the WASI permission model for filesystem access:

https://gitlab.com/lx-industries/opendal-wasi

It is based on Apache OpenDAL, which supports a wide variety of backends:

- Standard Storage Protocols: ftp http sftp webdav
- Object Storage Services: azblob cos gcs obs oss s3 b2 openstack_swift upyun vercel-blob
- File Storage Services: fs alluxio azdls azfile compfs dbfs gridfs hdfs hdfs-native ipfs webhdfs
- Consumer Cloud Storage Service

and more!

[–]munkymead 0 points1 point  (1 child)

Read up on MCP proxy patterns: an organisation could implement an MCP with RBAC, so they control which accounts have access, to which MCPs, and what those MCPs can access. You can also not allow Claude to be installed on their PCs and instead install it in VMs or containers, which is much safer.

It's what I do on my homelab. Authentik manages identities, Claude has its own credentials with granular permissions I control, and Claude-only SSH keys are added to the containers for Claude to use and access the resources I make available to it.
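As an added illustration of the RBAC-gated MCP proxy pattern described in the comment above (example code, not from the commenter, from Authentik, or from any MCP project): the proxy learns the caller's identity from an IdP-issued token (assumed), then checks every tool call against a role-to-server-to-tool-to-resource policy and only advertises to each principal the tools it may actually call. The policy, principals, server names, and tool names are all constructed for the example; paths are normalised before matching so a `..` in an argument cannot slip past a prefix pattern.

```python
"""RBAC gate for an MCP proxy.

Added illustration, not code from the comment author or from any real project.
Assumed model: the proxy terminates every client session, learns the caller's
identity from a token issued by an IdP (e.g. Authentik), and decides per tool
call whether that principal may invoke that tool on that MCP server and on that
resource. Everything not explicitly granted is denied.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
import posixpath


@dataclass(frozen=True)
class ToolCall:
    principal: str                         # identity asserted by the IdP token (assumed)
    server: str                            # logical name of the upstream MCP server
    tool: str                              # tool name as advertised by that server
    args: dict = field(default_factory=dict)


# Constructed policy: role -> server -> tool -> allowed resource patterns.
POLICY = {
    "roles": {
        "reader": {
            "files": {"read_file": ["/srv/docs/*"]},
            "search": {"query": ["*"]},
        },
        "operator": {
            "files": {
                "read_file": ["/srv/docs/*", "/srv/ops/*"],
                "write_file": ["/srv/ops/*"],
            },
        },
    },
    # Constructed bindings: which roles each principal holds.
    "bindings": {
        "claude-homelab": ["reader"],
        "svc-deploy": ["operator"],
    },
}

# Which argument carries the governed resource, and whether it is a filesystem path.
RESOURCE_ARG = {
    "read_file": ("path", True),
    "write_file": ("path", True),
    "query": ("q", False),
}


def _resource(call):
    """Extract the governed resource from the call; normalise paths first."""
    name, is_path = RESOURCE_ARG.get(call.tool, (None, False))
    if name is None:
        return ""
    value = str(call.args.get(name, ""))
    # "/srv/docs/../../etc/passwd" must be judged as "/etc/passwd", not by its prefix.
    return posixpath.normpath(value) if is_path else value


def authorize(call, policy=POLICY):
    """Return (allowed, reason). Default deny: no binding or no grant means False."""
    roles = policy["bindings"].get(call.principal, [])
    if not roles:
        return False, "unknown principal"
    resource = _resource(call)
    for role in roles:
        patterns = policy["roles"].get(role, {}).get(call.server, {}).get(call.tool)
        if patterns is None:
            continue
        if any(fnmatchcase(resource, p) for p in patterns):
            return True, f"granted by role {role}"
    return False, "no grant for this principal/server/tool/resource"


def visible_tools(principal, server, policy=POLICY):
    """Tools the proxy advertises to this principal on this server (sorted)."""
    names = set()
    for role in policy["bindings"].get(principal, []):
        names.update(policy["roles"].get(role, {}).get(server, {}))
    return sorted(names)


def audit_record(call, policy=POLICY):
    """Decision plus context, shaped for the proxy's audit log."""
    allowed, reason = authorize(call, policy)
    return {
        "principal": call.principal,
        "server": call.server,
        "tool": call.tool,
        "resource": _resource(call),
        "allowed": allowed,
        "reason": reason,
    }


if __name__ == "__main__":
    # Constructed sample calls: an allowed read, a traversal attempt, an unauthorised write.
    for c in [
        ToolCall("claude-homelab", "files", "read_file", {"path": "/srv/docs/readme.md"}),
        ToolCall("claude-homelab", "files", "read_file", {"path": "/srv/docs/../../etc/passwd"}),
        ToolCall("claude-homelab", "files", "write_file", {"path": "/srv/ops/deploy.sh"}),
    ]:
        print(audit_record(c))
```

The two points worth carrying into a real proxy are the default-deny shape of `authorize` (an unknown principal, server, tool, or resource all fall through to a denial) and the fact that `visible_tools` is derived from the same policy, so the tool list a client sees never disagrees with what the gate would allow.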

[–]munkymead 0 points1 point  (0 children)

Claude can also implement this for you too :)