Prerequisites

  • AnythingLLM v1.12.0+ (Desktop)

Security & Access Control

  • Default state: Disabled / No folder access.
  • Access model: Granular, folder-level read/write permissions.
  • Docker restriction: Agent cannot access paths outside /app/server/storage/anythingllm-fs/.

Docker Configuration

Bind host directories as subfolders inside the container’s /app/server/storage/anythingllm-fs/ path.

mkdir -p $STORAGE_LOCATION && \
touch "$STORAGE_LOCATION/.env" && \
docker run -d -p 3001:3001 \
--cap-add SYS_ADMIN \
-v ${STORAGE_LOCATION}:/app/server/storage \
-v ${STORAGE_LOCATION}/.env:/app/server/.env \
-v /home/ubuntu/Documents:/app/server/storage/anythingllm-fs/docs \
-v /home/ubuntu/Downloads:/app/server/storage/anythingllm-fs/downloads \
-v /home/ubuntu/special-folder/subfolder:/app/server/storage/anythingllm-fs/special-folder \
-v /home/ubuntu/readonly-folder:/app/server/storage/anythingllm-fs/readonly:ro \
-e STORAGE_DIR="/app/server/storage" \
mintplexlabs/anythingllm

Note: Use the :ro suffix to enforce read-only access at the OS level.

Desktop Configuration

  1. Open the Configuration menu.
  2. Navigate to the Skills config panel.
  3. Locate the Permissions section.
  4. Add specific host folders to grant the agent recursive read/write access.