claude-session-manager-mcp
by es6kr
Overview
Manages Claude Code conversation history and sessions through CLI tools and a web-based GUI.
Installation
uvx claude-session-manager-mcpSecurity Notes
The Flask web GUI runs with `debug=True` when started, including when launched via the MCP `start_gui` tool. Running Flask in debug mode in a production or even semi-exposed environment is a critical security vulnerability, as it can allow arbitrary code execution. Additionally, the server processes user-provided `project_name` and `session_id` arguments directly in constructing file paths. Malicious input (e.g., `../`) within these arguments could lead to path traversal, allowing file operations (read, delete, rename, move) outside the intended `~/.claude/projects` directory. The web GUI binds to `0.0.0.0`, potentially exposing the debug-enabled server to a local network.
Similar Servers
mcp-memory-keeper
Provides persistent context management for Claude AI coding assistants, ensuring work history, decisions, and progress are preserved across sessions and context limits.
mcpick
A CLI tool for dynamically managing Claude Code's MCP server configurations to optimize context usage and performance.
memcord
Memcord is a privacy-first, self-hosted MCP server designed to organize chat history, summarize messages, and enable AI-powered search across past conversations, keeping all data secure and under user control.
claude-memory
Provides Claude Code with persistent memory by indexing past conversations, enabling recall of decisions, context, and work across sessions.