
Security News
Risky Biz Podcast: AI Agents Are Raising the Stakes for Software Supply Chain Security
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.
@mastra/files-sdk
Advanced tools
Affected versions:
FilesSDK filesystem provider for Mastra workspaces — unified storage across S3, R2, GCS, Azure, Vercel Blob, and more
Unified storage filesystem provider for Mastra workspaces, powered by FilesSDK. Works with any FilesSDK adapter — S3, Cloudflare R2, Google Cloud Storage, Azure Blob, Vercel Blob, local filesystem, and more.
npm install @mastra/files-sdk files-sdk
Then install the FilesSDK adapter for your storage backend:
# AWS S3 / R2 / MinIO / DigitalOcean Spaces
npm install @aws-sdk/client-s3 @aws-sdk/s3-presigned-post @aws-sdk/s3-request-presigner
# Google Cloud Storage
npm install @google-cloud/storage google-auth-library
# Azure Blob Storage
npm install @azure/storage-blob @azure/core-auth @azure/identity
# Vercel Blob
npm install @vercel/blob
# Local filesystem (dev/test)
# No extra dependencies needed
import { Agent } from '@mastra/core/agent';
import { Workspace } from '@mastra/core/workspace';
import { FilesSDKFilesystem } from '@mastra/files-sdk';
import { Files } from 'files-sdk';
import { s3 } from 'files-sdk/s3';
const files = new Files({
adapter: s3({
bucket: 'my-bucket',
region: 'us-east-1',
}),
});
const workspace = new Workspace({
filesystem: new FilesSDKFilesystem({ files }),
});
const agent = new Agent({
name: 'my-agent',
model: 'anthropic/claude-opus-4-5',
workspace,
});
The power of FilesSDK is that you can swap storage backends by changing only the adapter import:
import { Files } from 'files-sdk';
import { r2 } from 'files-sdk/r2';
const files = new Files({
adapter: r2({
accountId: process.env.R2_ACCOUNT_ID!,
accessKeyId: process.env.R2_ACCESS_KEY_ID!,
secretAccessKey: process.env.R2_SECRET_ACCESS_KEY!,
bucket: 'my-bucket',
}),
});
const workspace = new Workspace({
filesystem: new FilesSDKFilesystem({ files }),
});
import { Files } from 'files-sdk';
import { fs } from 'files-sdk/fs';
const files = new Files({
adapter: fs({ root: './.uploads' }),
});
const workspace = new Workspace({
filesystem: new FilesSDKFilesystem({ files }),
});
| Option | Type | Required | Description |
|---|---|---|---|
files | Files | Yes | Pre-configured FilesSDK instance |
id | string | No | Unique filesystem ID (auto-generated) |
displayName | string | No | Human-friendly name for UI |
icon | string | No | Icon identifier |
description | string | No | Description for UI |
readOnly | boolean | No | Mount as read-only |
Apache-2.0
FAQs
FilesSDK filesystem provider for Mastra workspaces — unified storage across S3, R2, GCS, Azure, Vercel Blob, and more
The npm package @mastra/files-sdk receives a total of 2,048 weekly downloads. As such, @mastra/files-sdk popularity was classified as popular.
We found that @mastra/files-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.

Research
/Security News
Miasma Mini Shai-Hulud hits @immobiliarelabs Backstage plugins, targeting GitLab and LDAP auth packages on npm.