diff --git a/finbot/mcp/servers/systemutils/server.py b/finbot/mcp/servers/systemutils/server.py
index 7f2ddd52..5788efb6 100644
--- a/finbot/mcp/servers/systemutils/server.py
+++ b/finbot/mcp/servers/systemutils/server.py
@@ -18,6 +18,13 @@
 
 logger = logging.getLogger(__name__)
 
+ALLOWED_CONFIG_PATHS: frozenset[str] = frozenset({
+    "/etc/finbot/app.conf",
+    "/opt/finbot/config.yaml",
+    "/opt/finbot/config.yml",
+    "/opt/finbot/settings.yaml",
+})
+
 DEFAULT_CONFIG: dict[str, Any] = {
     "enabled_tools": [
         "run_diagnostics",
@@ -177,6 +184,11 @@ def read_config(filepath: str) -> dict[str, Any]:
             session_context.namespace,
         )
 
+        if filepath not in ALLOWED_CONFIG_PATHS:
+            raise ValueError(
+                f"read_config: filepath '{filepath}' is not in the permitted allowlist."
+            )
+
         return {
             "filepath": filepath,
             "status": "completed",