[BUG] Disabled marketplace plugins (nimble/wix/serena) still spawn MCP servers and open browser tabs without consent

Resolved 💬 10 comments Opened May 13, 2026 by nazmiefearmutcu Closed May 17, 2026

Summary

nimble@claude-plugins-official (and to a lesser extent wix@claude-plugins-official, serena@claude-plugins-official) keeps spawning its MCP server and opening a browser tab without consent every Claude Code session, even after I set enabledPlugins["nimble@claude-plugins-official"]: false in ~/.claude/settings.json. After a few weeks the user's browser is polluted with dozens of "Login - Nimble" tabs.

Environment

  • OS: macOS 26 (Apple Silicon)
  • Default browser: ChatGPT Atlas
  • Plugin versions: nimble@0.6.1, wix@1.0.0, serena@61c0597779bd

Reproduction

  1. Install nimble@claude-plugins-official from the official marketplace.
  2. Do NOT set NIMBLE_API_KEY (most users won't have one out of the box).
  3. Open Claude Code → MCP server starts → mcp-remote opens an OAuth tab in the default browser pointing at https://api.nimbleway.com/authorize?....
  4. Close Claude Code, close the tab.
  5. Edit ~/.claude/settings.json → set "nimble@claude-plugins-official": false under enabledPlugins.
  6. Restart Claude Code.

Expected: plugin does not load; no MCP server starts; no browser tab opens.
Actual: plugin still loads; mcp-remote launches; new browser tab opens for OAuth. Repeats every session.

Evidence (smoking gun)

From ~/Library/Caches/claude-cli-nodejs/.../mcp-logs-plugin-nimble-nimble-mcp-server/2026-05-13T19-46-16-563Z.jsonlthree days after disabling the plugin in settings.json:

{"debug":"Starting connection with timeout of 30000ms","timestamp":"2026-05-13T19:46:16.857Z","cwd":"~/Desktop"}
{"error":"Server stderr: [37330] Warning: Environment variable 'NIMBLE_API_KEY' not found for header 'Authorization'.
[37330] Discovering OAuth server configuration...
[37330] Discovered authorization server: https://api.nimbleway.com/
[37330] Connecting to remote server: https://mcp.nimbleway.com/mcp
[37330] Please authorize this client by visiting: https://api.nimbleway.com/authorize?...
[37330] Browser opened automatically.
[37330] Authentication required. Initializing auth...
[37330] Another instance is handling authentication on port 10227 (pid: 36853)
[37330] Waiting for authentication from the server on port 10227..."}

[37330] Browser opened automatically. is the line that pops a new tab every session.

Root cause analysis (best guess)

Bug 1: enabledPlugins: false is not fully honored

Despite "nimble@claude-plugins-official": false, the plugin's .mcp.json server is still spawned. installed_plugins.json keeps listing the plugin regardless of enabled state, and Claude Code appears to read the plugin's .mcp.json from the install path and start the MCP server before honoring the enabledPlugins check.

Suggested fix: gate the spawn of plugin-provided MCP servers behind enabledPlugins[pluginId] !== false.

Bug 2: mcp-remote auto-opens browser tabs without user consent

mcp-remote (used by nimble and wix) calls open on the OAuth URL automatically — Browser opened automatically. — with no opt-out. Combined with bug 1, a disabled plugin still pollutes the browser every session.

Suggested fix: Claude Code should never let mcp-remote run for disabled plugins. Upstream, an env var like MCP_REMOTE_NO_OPEN=1 should make it print the URL instead of opening it.

Bug 3: Serena web_dashboard defaults to opening a tab

serena@claude-plugins-official defaults to web_dashboard: true and web_dashboard_open_on_launch: true in ~/.serena/serena_config.yml. Every Claude Code session that loads Serena pops a http://localhost:24282/dashboard/ tab. This is upstream Serena behavior, but the Claude Code plugin packaging should ship a serena_config.yml with these set to false since users running Serena as an MCP server inside Claude Code don't need a dashboard.

Manual escape

Setting enabledPlugins.<plugin>: false is not sufficient. I had to do all of the following:

  1. Remove plugin entries entirely from ~/.claude/settings.json.
  2. Remove plugin entries from ~/.claude/plugins/installed_plugins.json.
  3. Add to ~/.claude/plugins/blocklist.json.
  4. rm -rf ~/.claude/plugins/cache/claude-plugins-official/{nimble,wix,serena}.
  5. rm -rf ~/.npm/_npx/<hashes> (where mcp-remote lived).
  6. rm -rf ~/.mcp-auth/.
  7. rm -rf ~/.serena/ and the Serena uv archive.
  8. Kill running PIDs.
  9. Delete ~/Library/Caches/claude-cli-nodejs/*/mcp-logs-plugin-{nimble,wix,serena}-*.

That's 9 manual steps. Toggling enabled: false should be enough.

Asks

  1. Honor enabledPlugins: false strictly — never spawn the MCP server for a plugin marked false.
  2. Add a single "Uninstall + clean" UI button that does steps 1–4 atomically.
  3. Audit mcp-remote-based marketplace plugins. Warn on install: "This plugin opens a browser tab for OAuth each session until you authenticate."
  4. Patch the official serena plugin to default web_dashboard: false.

View original on GitHub ↗

This issue has 10 comments on GitHub. Read the full discussion on GitHub ↗