Local-first analytics dashboard for Claude Code usage.
Understand your AI coding patterns, costs, and performance β all without leaving your machine.
Zero telemetry. Zero outbound connections. Your data never leaves localhost.
npx claude-code-insightsOpens a dashboard at http://localhost:3838 analyzing your Claude Code sessions from ~/.claude/.
Global install:
npm install -g claude-code-insights
| Feature | What it does |
|---|---|
| π Overview Dashboard | KPIs, daily activity charts, cost trends, model distribution, weekly heatmap |
| π Sessions Browser | Virtual-scrolled table with sorting, filters (date, model, project, cost), column toggles |
| π Session Detail | Message-by-message timeline, tool breakdown, cost waterfall |
| π― Advanced Timeline | Gantt-style visualization with swim lanes, zoom, minimap, click-to-inspect |
| π‘ Live Monitor | Real-time per-session tracking via SSE with session switching and message feed |
| π€ Interactive Agent | Run Claude Code sessions from the dashboard (requires ANTHROPIC_API_KEY) |
| π° Cost Analytics | Per-model and per-day breakdowns with 30-day linear forecast |
| β‘ Cache Efficiency | Hit rates, savings breakdown, token flow visualization, caching recommendations |
| π οΈ Tool & Skill Usage | Invocation counts, error rates, frequency tables, time-range filtering |
| π§ AI Insights | 10 automated detection rules (cost spikes, tool loops, context bloat, error cascades) |
| βΉοΈ Info Tooltips | Every metric includes an explanatory tooltip |
| π¨ Themes | Dark, light, and high-contrast with system preference detection |
| π Privacy First | Network guard, PII detection, privacy mode, localhost-only |
| Option | Default | Description |
|---|---|---|
--dir <path> |
~/.claude |
Directory to scan for Claude sessions |
--port <number> |
3838 |
Server port |
--no-open |
β | Don't auto-open browser |
--privacy-mode |
true |
Enable PII redaction on API responses |
Claude Code Dashboard is built with a zero-trust architecture. Security is enforced at every layer.
A network guard monkey-patches net.Socket.prototype.connect at startup to block all non-localhost outbound connections at the socket level. Runs before any other code. If any dependency tries to phone home β blocked and logged.
Allowed hosts:
127.0.0.1,localhost,::1,0.0.0.0
A regex-based scanner detects sensitive data before it reaches the browser:
| Category | Patterns |
|---|---|
| π API keys | Anthropic (sk-ant-*), OpenAI (sk-*), generic (pk-*, rk-*, ak-*) |
| βοΈ Cloud credentials | AWS access keys (AKIA*, ABIA*, ACCA*, ASIA*) |
| ποΈ Tokens | GitHub (ghp_*, gho_*, ghu_*, ghs_*, ghr_*), JWTs |
| π Secrets | Private key headers (RSA, EC, DSA) |
| π€ Personal data | Email addresses, IPv4 addresses |
PII redaction runs at three pipeline points:
- Indexing β Content previews redacted before SQLite storage
- WebSocket β Agent tool inputs redacted before reaching browser
- SSE β Live monitor messages redacted before broadcast
- Read-only β Never writes to or modifies
~/.claude/ - No telemetry β Zero analytics, tracking, or phone-home
- Localhost-only β Server binds exclusively to
127.0.0.1 - CSP headers β
default-src 'self',X-Frame-Options: DENY,X-Content-Type-Options: nosniff - Prepared statements β All SQLite queries are parameterized (no string interpolation)
ββββββββββββββββββββββββββββββββββββββββββββ
β CLI (packages/cli) β
β Commander.js β starts server β
ββββββββββββββββββ¬ββββββββββββββββββββββββββ
β
ββββββββββββββββββΌββββββββββββββββββββββββββ
β Server (apps/server) β
β Fastify 5 + better-sqlite3 + SSE + WS β
β β
β βββββββββββ βββββββββββ βββββββββββββ β
β β Indexer β β Live β β Agent β β
β β (JSONLβ β β (SSE β β (WS + β β
β β SQLite) β β poll) β β SDK) β β
β βββββββββββ βββββββββββ βββββββββββββ β
ββββββββββββββββββ¬ββββββββββββββββββββββββββ
β
ββββββββββββββββββΌββββββββββββββββββββββββββ
β Web (apps/web) β
β Vue 3 + Pinia + ECharts + TanStack β
ββββββββββββββββββββββββββββββββββββββββββββ
Shared packages:
shared-types/ Zod schemas, TypeScript types
cost-engine/ Token pricing tables, cost calculator
session-parser/ JSONL reader, session & timeline builders
insights-engine/ 10 detection rules for session analysis
| Layer | Technology |
|---|---|
| πΌοΈ Frontend | Vue 3, TypeScript, Vite, Pinia, SCSS (BEM) |
| π Charts | ECharts (tree-shaken) |
| π Tables | TanStack Vue Table + Vue Virtual |
| π§ Backend | Fastify 5, better-sqlite3 (WAL mode) |
| π‘ Real-time | Server-Sent Events (live), WebSocket (agent) |
| π€ Agent | Claude Agent SDK (@anthropic-ai/claude-agent-sdk) |
| β Validation | Zod schemas as single source of truth |
| π» CLI | Commander.js |
| π§ͺ Testing | Vitest |
claude-code-insights/
βββ apps/
β βββ server/ # Fastify API server
β β βββ src/
β β β βββ db/ # SQLite schema, queries, connection
β β β βββ middleware/# Network guard, privacy, PII detector
β β β βββ routes/ # REST API, SSE, WebSocket endpoints
β β β βββ services/ # Indexer, scanner
β β β βββ workers/ # Session parse worker
β β βββ package.json
β βββ web/ # Vue 3 SPA
β βββ src/
β β βββ components/# 60+ Vue components
β β βββ composables/# Vue composables (API, charts, etc.)
β β βββ pages/ # Route-level page components
β β βββ stores/ # Pinia state management
β β βββ styles/ # SCSS design tokens, mixins, themes
β βββ package.json
βββ packages/
β βββ shared-types/ # Zod schemas + TypeScript types
β βββ cost-engine/ # Token pricing & cost calculation
β βββ session-parser/ # JSONL parsing & session building
β βββ insights-engine/ # Automated analysis rules
β βββ cli/ # CLI entry point (npx target)
βββ scripts/ # Build scripts
βββ docs/ # Design & implementation plans
The interactive Agent page lets you run Claude Code sessions directly from the dashboard. Optional β requires an ANTHROPIC_API_KEY.
export ANTHROPIC_API_KEY=sk-ant-...
npx claude-code-insightsSecurity: The API key is read by the Claude Agent SDK only β never read, stored, or logged by CSI. Agent communication uses WebSocket over localhost. Tool inputs are PII-redacted.
| Environment Variable | Default | Description |
|---|---|---|
CSI_SCAN_DIR |
~/.claude |
Directory to scan for sessions |
CSI_PORT |
3838 |
Server port |
CSI_PRIVACY_MODE |
true |
Enable PII redaction |
ANTHROPIC_API_KEY |
β | Optional. Required only for Agent |
- Node.js >= 20
- pnpm >= 9
git clone https://github.com/yahav10/claude-code-insights.git
cd claude-code-insights
pnpm installpnpm dev # Dev servers (API :3838, web :5173)
pnpm test # Run all tests
pnpm typecheck # Type check
bash scripts/build.sh # Production buildWhere is my data stored?
Session data is indexed into a local SQLite database at ~/.cache/claude-code-insights/index.db. No data is transmitted anywhere.
Does this modify my Claude Code sessions?
No. CSI is strictly read-only β it never writes to ~/.claude/.
How do I reset the index?
Delete the database file: rm ~/.cache/claude-code-insights/index.db. It will be rebuilt on next start.
Does the Agent feature cost money?
Yes β it calls the Anthropic API using your key. Costs depend on the model and tokens consumed. Same as using Claude Code directly.
Can I run this on a remote server?
No. The server binds to 127.0.0.1 only and the network guard blocks all non-localhost connections. Designed exclusively for local use.
| Issue | Solution |
|---|---|
| No sessions found | Make sure you've used Claude Code at least once. Sessions are in ~/.claude/projects/. Use --dir for custom location |
| Port already in use | Use --port <number>: npx claude-code-insights --port 4000 |
| Agent not working | Ensure ANTHROPIC_API_KEY is set in your environment |
| pnpm install fails | Add "pnpm": { "onlyBuiltDependencies": ["better-sqlite3"] } to package.json, then re-run. Or use npx which handles native builds |
See CONTRIBUTING.md.
See SECURITY.md for our security policy and how to report vulnerabilities.
See CODE_OF_CONDUCT.md.
MIT β see LICENSE.
Built with β€οΈ for the Claude Code community
See what your AI coding sessions actually look like.