claude-sessions-mcp
by es6kr
Overview
Manages Claude Code conversation sessions and projects, offering features like listing, renaming, deleting sessions and messages, and cleaning up old data via a Web UI and MCP tools.
Installation
npx claude-sessions-mcpEnvironment Variables
- PORT
Security Notes
Critical command injection vulnerability in `web/src/routes/api/open-file/+server.ts`. The `filePath` parameter in the `/api/open-file` POST endpoint is directly interpolated into a shell command `code "${filePath}"` without proper sanitization. A malicious `filePath` containing double quotes (`"`) could allow arbitrary command execution on the host system. This poses a significant risk if an attacker can send arbitrary requests to the local server, e.g., via a compromised browser extension or an instructed LLM agent.
Similar Servers
consult-llm-mcp
An MCP server that allows an AI agent (Claude Code) to consult more powerful external AI models for code analysis, debugging, and review, providing relevant files and git diffs as context.
ccmcp
CLI tool to intelligently discover, validate, and select MCP server configurations for Claude Code before launching it.
claude-session-manager-mcp
Manages Claude Code conversation history and sessions through CLI tools and a web-based GUI.
mcp-prompts
This server manages and serves customizable prompt templates to MCP clients for various tasks like meeting analysis and content summarization.