claude-code-mcp
by steipete
Overview
Provides an MCP server to allow LLMs to directly invoke Claude Code CLI for complex coding, file system, and Git operations, bypassing interactive permission prompts.
Installation
npx -y @steipete/claude-code-mcp@latestEnvironment Variables
- CLAUDE_CLI_NAME
- MCP_CLAUDE_DEBUG
Security Notes
The server's core function involves executing the Claude CLI with '--dangerously-skip-permissions', explicitly granting broad system access to the underlying LLM. While this is a documented feature and intended behavior, it inherently poses a significant security risk if not deployed in a controlled environment or if untrusted prompts are allowed. The `spawnAsync` function uses `shell: false`, mitigating direct shell injection vulnerabilities from command arguments. Input validation for `CLAUDE_CLI_NAME` prevents relative path execution, which is a good safeguard. However, a malicious prompt targeting the Claude CLI itself or the broader system via Claude's capabilities remains a possibility. Users must be fully aware of the elevated permissions granted.
Similar Servers
claude-codex-settings
This repository provides a toolkit and configurations for integrating Model Context Protocol (MCP) servers into Claude Code plugins, enabling AI agents to interact with external services, local tools, and APIs within an AI-assisted development environment.
consult-llm-mcp
Facilitates Claude Code to consult powerful external AI models for complex code analysis, debugging, and review tasks.
mcpick
A CLI tool for dynamically managing Claude Code MCP server configurations, enabling users to toggle servers, add new ones, and manage backups to optimize context usage and performance.
mcp-client-server
Facilitates development, testing, and debugging of Model Context Protocol (MCP) servers by providing tools to deploy, manage, interact with, and test them as local child processes.