claude-sessions-mcp
by es6kr
Overview
Manages Claude Code conversation sessions, including project, session, and message management, along with a SvelteKit-based Web UI.
Installation
npx claude-sessions-mcpEnvironment Variables
- PORT
Security Notes
The server uses `child_process.execAsync` to open files (`code "${filePath}"`) via the `/api/open-file` endpoint. While intended for local file management, this endpoint allows an arbitrary `filePath` to be passed from the client side without server-side validation or restriction. This means a malicious actor (or a compromised UI) could potentially command the server to open any file on the user's local system (e.g., sensitive configuration files, private keys) in VS Code. Although `code "..."` mitigates some basic shell injection, the ability to specify arbitrary file paths is a significant local privilege escalation risk. No hardcoded secrets were found. File system operations are confined to expected Claude directories for session management, except for this specific 'open file' functionality.
Similar Servers
claude-historian-mcp
Provides an MCP server for Claude Code to search and retrieve insights from conversation history, including past solutions, file changes, and tool usage patterns.
consult-llm-mcp
An MCP server that allows AI agents like Claude Code to consult stronger, more capable AI models (e.g., GPT-5.2, Gemini 3.0 Pro) for complex code analysis, debugging, and architectural advice.
ccmcp
A CLI tool that intelligently discovers, validates, and selects MCP (Model Context Protocol) server configurations for Claude Code, providing both a TUI and text-based interface.
claude-team
Orchestrate multiple AI coding sessions (Claude Code, Codex) via iTerm2, enabling parallel development, isolated work environments, and streamlined task management.