Skillget

Tabby-MCP

mcp
Security Audit
Fail
Health Pass
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 22 GitHub stars
Code Fail
  • rm -rf — Recursive force deletion command in scripts/install.sh
  • network request — Outbound network request in scripts/stdio-bridge.js
  • rm -rf — Recursive force deletion command in scripts/uninstall.sh
  • rm -rf — Recursive force deletion command in src/i18n/en-US.json
  • rm -rf — Recursive force deletion command in src/i18n/zh-CN.json
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This tool acts as a bridge between AI assistants and the Tabby terminal application. It exposes 34 distinct Model Context Protocol (MCP) tools, enabling an AI agent to execute commands, manage terminal tabs, handle profiles, and perform remote SFTP file operations.

Security Assessment
Risk Rating: High. The core purpose of this server is to allow an external AI model to execute shell commands and manipulate files on your system, which fundamentally exposes highly sensitive data and system controls. The automated audit flags multiple instances of `rm -rf` (recursive force deletion) commands within the installation, uninstallation, and internationalization scripts, which can be dangerous if misused or if paths are mishandled. Additionally, outbound network requests were detected in the standard I/O bridge script. No hardcoded secrets or dangerous permission requests were found. The developers note the tool features "pair programming mode" with confirmation dialogs to help mitigate unsafe command execution.

Quality Assessment
The project uses the permissive MIT license and appears to be actively maintained, with repository updates pushed as recently as today. It boasts a small but respectable community trust metric with 22 GitHub stars. The codebase is written in TypeScript. Interestingly, the developers self-report that the project is roughly 95% AI-generated, meaning developers should be aware that automated tooling wrote the vast majority of the underlying logic.

Verdict
Use with caution: While the project is active and well-documented, granting an AI full shell and SFTP access via scripts containing recursive deletion commands carries significant inherent system risks.
SUMMARY

MCP server for Tabby terminal, 34 MCP tools including SFTP support, full control your Tabby!

README.md

🚀 Tabby-MCP

License: MIT
TypeScript
Tabby Plugin
MCP Protocol
GitHub Release
AI Generated
Tested on

A Comprehensive MCP Server Plugin for Tabby Terminal

Connect AI assistants to your terminal with full control — 34 MCP tools including SFTP support

English | 中文

🚀 Tabby-MCP is a powerful plugin for Tabby Terminal, bridging the gap between AI agents and your terminal environment. It provides a standardized MCP interface for AI to execute commands, manage tabs, and handle file operations securely.

Give your AI hands to work with.

Tabby-MCP Intro

✨ Features

🖥️ Terminal Control

  • Execute commands with output capture
  • Stable session IDs (v1.1+)
  • Send interactive input (vim, less, top)
  • Read terminal buffer content
  • Abort/monitor running commands

📑 Tab Management

  • Create/Close/Duplicate tabs
  • Split panes (horizontal/vertical)
  • Navigate between tabs
  • Move tabs left/right
  • Reopen closed tabs

🔗 Profile & SSH

  • List all terminal profiles
  • Open new tabs with profiles
  • SSH quick connect
  • Profile selector dialog

📁 SFTP Operations (v1.1+)

  • List/read/write remote files
  • Create/delete directories
  • Rename/move files
  • (Requires tabby-ssh)

🔒 Security Features

Pair programming mode with confirmation dialogs • Comprehensive logging • Safe command execution

📦 Installation

Method 1: Tabby Plugin Manager (Easiest)

Search for tabby-mcp-server directly in Tabby's built-in Plugin Manager:

  1. Open Tabby → SettingsPlugins
  2. Search for tabby-mcp-server
  3. Click Install
  4. Restart Tabby

Method 2: Quick Install Script

No Node.js required! Downloads pre-built release from GitHub.

🍎 macOS / 🐧 Linux 
curl -fsSL https://raw.githubusercontent.com/GentlemanHu/Tabby-MCP/main/scripts/install.sh | bash

Or download and run:

wget https://raw.githubusercontent.com/GentlemanHu/Tabby-MCP/main/scripts/install.sh
bash install.sh
🪟 Windows (PowerShell) 
irm https://raw.githubusercontent.com/GentlemanHu/Tabby-MCP/main/scripts/install.ps1 | iex

Or download and run:

Invoke-WebRequest -Uri https://raw.githubusercontent.com/GentlemanHu/Tabby-MCP/main/scripts/install.ps1 -OutFile install.ps1
.\install.ps1

Method 3: Build from Source

Requires Node.js 18+.

# Clone
git clone https://github.com/GentlemanHu/Tabby-MCP.git
cd Tabby-MCP

# Build & Install
bash scripts/build-and-install.sh

Or manually:

npm install --legacy-peer-deps
npm run build
# Then copy dist/ and package.json to Tabby plugins folder

🔄 After Installation

  1. Restart Tabby
  2. Go to Settings → MCP
  3. Start the MCP server

🔌 Connecting AI Clients

Streamable HTTP Mode (Cursor / Windsurf / Cline)

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "Tabby MCP": {
      "type": "streamable_http",
      "url": "http://localhost:3001/mcp"
    }
  }
}

STDIO Mode (Claude Desktop / VS Code)

For clients that don't support SSE, use the STDIO bridge:

Claude Desktop (~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "tabby-mcp-server": {
      "command": "node",
      "args": ["/path/to/Tabby-MCP/scripts/stdio-bridge.js"]
    }
  }
}

VS Code / Other IDEs:

{
  "mcp": {
    "servers": {
      "tabby-mcp-server": {
        "type": "stdio",
        "command": "node",
        "args": ["scripts/stdio-bridge.js"],
        "cwd": "/path/to/Tabby-MCP"
      }
    }
  }
}

Note: STDIO mode requires Node.js installed. The bridge script connects to the SSE server running in Tabby.

Endpoints

Endpoint URL Protocol
Streamable HTTP http://localhost:3001/mcp 2025-03-26 (recommended)
Legacy SSE http://localhost:3001/sse 2024-11-05
Health http://localhost:3001/health -
Info http://localhost:3001/info -

🛠️ Available Tools

Terminal Control (7)

Tool Description
get_session_list List all terminal sessions with stable UUIDs and metadata
exec_command Execute command with flexible session targeting
send_input Send interactive input (Ctrl+C, etc)
get_terminal_buffer Read terminal buffer (defaults to active session)
abort_command Abort running command
get_command_status Monitor active commands
focus_pane Focus a specific pane in split view

New in v1.1: All terminal tools now support flexible session targeting:

  • sessionId (stable UUID, recommended)
  • tabIndex (legacy, may change)
  • title (partial match)
  • profileName (partial match)
  • No parameters = use active session

Tab Management (11)

Tool Description
list_tabs List all open tabs with stable IDs
select_tab Focus a specific tab (defaults to active)
close_tab Close a tab
close_all_tabs Close all tabs
duplicate_tab Duplicate a tab
next_tab / previous_tab Navigate tabs
move_tab_left / move_tab_right Reorder tabs
reopen_last_tab Reopen closed tab
split_tab Split current tab (horizontal/vertical)

Profile Management (4)

Tool Description
list_profiles List terminal profiles
open_profile Open tab with profile
show_profile_selector Show profile dialog
quick_connect SSH quick connect

SFTP Operations (12) 🆕

Requires tabby-ssh plugin. If not installed, SFTP tools are disabled automatically.

Basic Operations:

Tool Description Key Parameters
sftp_list_files List remote directory path
sftp_read_file Read remote file (text) path
sftp_write_file Write text to remote file path, content
sftp_mkdir Create remote directory path
sftp_delete Delete remote file/directory path
sftp_rename Rename/move remote file sourcePath, destPath
sftp_stat Get file/directory info path

File Transfer (supports sync/async):

Tool Description Key Parameters
sftp_upload Upload local file → remote localPath, remotePath, sync
sftp_download Download remote → local file remotePath, localPath, sync
sftp_get_transfer_status Query transfer progress transferId
sftp_list_transfers List all transfers status (filter)
sftp_cancel_transfer Cancel active transfer transferId

Transfer Modes: sync=true (default) waits for completion. sync=false returns immediately with transferId.

Size Limits: Configurable in Settings → MCP → SFTP.

⚙️ Configuration

Setting Description Default
Port MCP server port 3001
Start on Boot Auto-start server true
Pair Programming Confirm commands true
Session Tracking Use stable UUIDs true
Background Execution Run without focus false
SFTP Enabled Enable SFTP tools true

🔄 Background Execution Mode

Enable this mode to allow MCP commands to run without switching focus to the terminal. This lets you continue working on other tabs while AI executes commands in the background.

Settings → MCP → Background Execution

⚠️ Risks:

  • You won't see commands executing in real-time
  • If you type in the target terminal while AI is running, input will conflict
  • For split panes, commands go to the sessionId target, not the focused pane
  • Dangerous commands could run without you noticing

Recommended: Keep "Pair Programming Mode" enabled with confirmation dialogs for safety.

⚠️ Platform Support

Platform Status Notes
macOS Tested Fully functional
Windows ⚠️ Untested Should work — please report issues
Linux ⚠️ Untested Should work — please report issues

Note: This plugin has been developed and tested on macOS. Windows and Linux support should work but is unverified. Community testing and feedback welcome!

🤖 About This Project

🎨 95%+ AI Generated

This project was created almost entirely by AI (Claude/Gemini) through pair programming.
The human's role was primarily to provide requirements and test the results.

Acknowledgments

This project builds upon the work of tabby-mcp-server by @thuanpham582002.

Improvements over the original:

Feature Original This Project
MCP Tools 4 34
Tab Management
Profile/SSH
SFTP Support
Stable Session IDs
Streamable HTTP
Init Bug Has issue ✅ Fixed
Install Script Manual ✅ One-liner

📝 Changelog

v1.5.1 (2026-04-03)

🐛 Bug Fixes:

  • 🔧 Fixed /api/tool/{name} returning 404 (Issue #4) - Tool API endpoints were registered during configureExpress() when toolCategories was still empty due to Angular DI initialization order
    • Moved configureToolEndpoints() to startServer() where all tools are guaranteed to be registered
    • Added duplicate registration guard to prevent route duplication on server restart

v1.4.0 (2026-03-02)

🐛 Bug Fixes:

  • 🔧 Fixed log export double-serialization (Issue #1) - Exported JSON was incorrectly serialized as a string instead of proper JSON
  • 🔧 Fixed MCP config type (Issue #2) - Config example now correctly shows streamable_http instead of sse
  • 🔧 Fixed hardcoded version numbers - /health and /info endpoints now use PLUGIN_VERSION constant

🏗️ Architecture Improvements:

  • 🔒 Per-session McpServer isolation - Each AI client now gets its own McpServer instance
    • Prevents one client's disconnect/reconnect from blocking other clients' requests
    • Fixes MCP SDK Bug #1459 stale callback interference
  • 🔄 SFTP session cache redesign - Replaced WeakMap with Map + TTL (5min)
    • Proactive session expiration prevents stale SFTP sessions
    • Health check validation with stat('/') before reuse
    • SSH disconnect detection during active transfers
    • Periodic cleanup of closed SSH sessions from cache

📦 Build & Install:

  • 📝 Fixed install scripts (install.sh / install.ps1) extraction failure
    • Archive directory name now consistently tabby-mcp-server
    • Backward compatible with old tabby-mcp directory names
    • Added prerelease support
    • Improved JSON parsing with python3 fallback

v1.3.0 (2026-02-04)

Bug Fixes:

  • 🔧 Fixed session disconnect false positives - exec_command and send_input no longer incorrectly report "Session disconnected"
    • Root cause: tab.destroyed is a Subject<void> (RxJS Observable), NOT a boolean
    • Now correctly uses session.open === false for disconnect detection

Cleanup:

  • 🗑️ Removed non-functional SFTP "Advanced Tuning" settings (Chunk Size, Concurrency)
    • These had no effect with Tabby's russh-based SFTP implementation
  • 🗑️ Removed obsolete fastPut/fastGet detection code

i18n:

  • ✏️ Fixed SFTP size descriptions: corrected "10 MB" → "10 GB" in all translations

v1.2.0 (2026-01-24)

🔧 Critical Bug Fixes:

  • 🔴 SFTP Session ID Mismatch - Fixed critical bug where SFTP tools operated on wrong SSH server
    • Root cause: SFTP had separate session registry from Terminal, causing ID mismatch
    • Fix: SFTP now shares session registry with Terminal tools
    • SFTP no longer silently falls back to first SSH tab when sessionId doesn't match
  • 🔴 Local Directory Auto-Creation - SFTP downloads now automatically create missing local directories
  • 🔴 Error Reporting - Fixed misleading "Remote file not found" when local directory was missing

🎨 UI Improvements:

  • 📋 Connection Monitor - Added "Connections" button to settings (always visible)
  • 🛠️ Server Lifecycle - Improved server restart with forced socket cleanup
  • 📊 Session Tracking - Added session metadata with activity history

🔧 Terminal Improvements:

  • 🐚 Heredoc Support - Fixed complex shell commands (Python heredoc) execution
  • 📝 Detailed Logging - Added [findSSHSession] debug logs for troubleshooting

v1.1.6 (2026-01-22)

Improvements:

  • 🎨 Enhanced Settings UI - Redesigned header with compact social links (GitHub, npm)
  • 🔗 Smart Links - All external links now open correctly in default browser
  • 🔢 Auto-versioning - Plugin version is now automatically read from package.json
  • 🧹 Cleaner UI - Optimized layout and removed redundant sections

v1.1.5 (2026-01-22)

New Features:

  • 🌐 Internationalization (i18n) - Settings UI now supports multiple languages
    • English (en-US, en-GB)
    • Chinese Simplified (zh-CN, zh-TW)
    • Auto-follows Tabby's language setting
    • Extensible: easily add new languages by adding JSON files

v1.1.4 (2026-01-22)

New Features:

  • 🔄 Background Execution Mode - Run MCP commands without switching terminal focus
    • Settings UI with comprehensive risk warnings
    • Split pane focus handling for proper pane targeting
  • 🐚 Multi-shell Compatibility - exec_command now supports Fish, Bash, Zsh, and sh
    • Auto-detects shell type from terminal buffer patterns
    • Shell-specific command wrappers for exit code capture

Bug Fixes:

  • 🔧 Fixed open_profile SSH readiness detection - no longer returns prematurely before SSH is connected
  • Fixed shell detection for non-bash shells (Fish shell $status vs $?)

v1.1.3 (2026-01-22)

Bug Fixes:

  • 🔧 Fixed open_profile sessionId inconsistency - now returns same sessionId as get_session_list
  • Fixed SSH connection state detection - ready now correctly reflects overall connection status

Improvements:

  • Clearer state fields in open_profile response:
    • tabReady: Tab/frontend initialized
    • sshConnected: SSH connection established (SSH profiles only)
    • ready: Overall ready state (for SSH: tabReady AND sshConnected)
  • Marked all peerDependencies as optional to prevent unnecessary package downloads
  • Added tabby-ssh to devDependencies for developer build stability

v1.1.2 (2026-01-22)

Optimization:

  • 📦 Reduced npm package size by moving bundled dependencies to devDependencies
  • All dependencies (express, zod, @modelcontextprotocol/sdk) are now bundled into dist/index.js
  • Installing from npm/Tabby store no longer downloads unnecessary packages

v1.1.1 (2026-01-21)

Bug Fixes:

  • 🔧 Fixed Streamable HTTP connection leak - connections were not being cleaned up when clients disconnected
  • Added transport.onclose handler to properly remove closed sessions from tracking
  • Enhanced SSE stream close logging for better debugging

v1.1.0 (2026-01-20)

Major Fixes:

  • SFTP tools completely rewritten - Fixed all SFTP tools that were returning "No SSH session found"
  • Fixed SSH tab detection to properly handle tabs inside SplitTabComponent
  • Fixed get_terminal_buffer and select_tab returning error when called without parameters
  • Fixed select_tab tool not finding tabs by tabId (bidirectional lookup)
  • Fixed quick_connect and open_profile parameter validation issues

Improvements:

  • All tools now use smart defaults: no parameters = use active session/tab/first SSH session
  • Updated documentation: tool count corrected to 34 (Terminal 7 + Tab 11 + Profile 4 + SFTP 12)
  • Added detailed debug logging and better error messages
  • Added focus_pane and split_tab to documentation
  • Added Streamable HTTP transport support (protocol 2025-03-26)
  • Settings: SFTP size limits now use MB instead of bytes
  • Settings: Updated SFTP notes (removed outdated base64 warning)

🤝 Contributing

See CONTRIBUTING.md for guidelines.

📄 License

MIT License - see LICENSE

Made with ❤️ by AI and GentlemanHu

Star this repo if you find it useful!

Reviews (0)

No results found