Ccsinfo
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill matches its purpose, but its setup tells users to expose Claude Code session history over a LAN HTTP REST service without documented access controls.
Use this only if you are comfortable giving the agent access to your Claude Code session history. Before installing, verify the ccsinfo server’s security model, avoid exposing it on 0.0.0.0 unless protected, and restrict network access to trusted clients.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Other machines on the same network may be able to access your Claude Code conversation history, prompts, tool calls, and project information if the server lacks separate protections.
Binding to 0.0.0.0 makes the server reachable beyond localhost, and the artifacts do not document authentication, encryption, or access controls for the REST API that serves private Claude Code session data.
ccsinfo serve --host 0.0.0.0 --port 9999 ... The server reads Claude Code session data from `~/.claude/projects/` and exposes it via REST API.
Prefer binding to localhost, using an SSH/VPN tunnel, enabling authentication and TLS if supported, and restricting access with a firewall before exposing this service on a LAN.
Past session content could reveal sensitive information or influence the agent if retrieved text contains misleading instructions.
The skill intentionally retrieves stored Claude Code conversations and prompt history, which can contain secrets, private code context, or old instructions that should not be treated as current trusted instructions.
View conversation messages ... `ccsinfo sessions messages <session-id>` ... Search prompt history ... `ccsinfo search history "implement feature"`
Treat retrieved session data as untrusted reference material, avoid asking the agent to expose secrets, and review outputs before sharing them elsewhere.
Installing or upgrading later could run a different package version than the one reviewed here.
The client install pulls the latest ccsinfo package from PyPI at setup time. This is expected for the skill, but the artifact does not pin a version or hash.
uv tool install ccsinfo --upgrade
Install only from a trusted source, consider pinning a known-good version, and review the upstream package/server documentation before use.