[FEATURE] `claude session delete <session-id>` — per-session deletion from server-side storage

Resolved 💬 2 comments Opened Jun 10, 2026 by nrally Closed Jun 14, 2026

Summary

There is no way to delete a specific session transcript from Anthropic's servers via the CLI. This is a meaningful data-leak surface when a session accidentally contains sensitive material (e.g. a secret pasted into the chat).

Observed behaviour

Deleting the local .jsonl file and associated session files under ~/.claude/ does not remove the session from server-side storage. claude --resume <id> still restores the full transcript after local files are deleted, confirming the conversation is retained server-side.

Problem

If a user accidentally pastes a secret (API key, PAT, password) into a session, their current options are:

  1. Submit a bulk data-deletion request via privacy.anthropic.com (removes all conversations, not just the affected one)
  2. Hope the secret is rotated before it can be misused

There is no surgical, immediate path to delete a single session.

Requested feature

claude session delete <session-id>
  • Deletes the specified session from both local storage and Anthropic's servers immediately
  • Exits with a clear error if the session ID is not found (already the case for --resume)
  • Optionally: claude session delete --current to delete the active session on exit

Related issues

  • #26904 — /delete command for current session
  • #65615 — archive/delete conversation feature

Those issues focus on UX convenience; this one is specifically about the security gap between local deletion and server-side retention.

Why this matters

Users reasonably assume that deleting local session files removes the data. The current behaviour — where --resume fetches from the server after local files are gone — is undocumented and surprising. It leaves sensitive data on Anthropic's servers with no per-session remediation path.

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗