mnemo-mcp
mcp
Fail
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Fail
- execSync — Synchronous shell command execution in scripts/clean-venv.mjs
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
This server provides a persistent memory system for AI agents and LLMs. It uses a local database for hybrid search, memory consolidation, and automatic entity extraction, featuring optional cloud sync capabilities across multiple machines.
Security Assessment
Risk: Medium. The tool is designed to process and store all the data you feed it, meaning your prompts and AI conversations will live locally in an SQLite database. It makes network requests, both for optional cloud embedding providers (OpenAI, Jina, Gemini) and for syncing data via embedded rclone (Google Drive, S3, Dropbox). While no dangerous permissions are requested and no hardcoded secrets were found, the codebase contains synchronous shell command execution in its cleanup script (`scripts/clean-venv.mjs`). This is likely a development-level maintenance script, but it represents a potential vector for command injection if the environment is compromised.
Quality Assessment
The project is very new and currently has low community visibility with only 5 GitHub stars, making its trust level difficult to gauge. However, the underlying code quality appears solid. It is actively maintained (last pushed today), features continuous integration testing with Codecov, and is properly licensed under the permissive MIT license. The documentation and setup instructions are comprehensive.
Verdict
Use with caution — the tool is active and well-structured, but its low community adoption and embedded network/sync capabilities warrant a thorough security review before integrating it into sensitive workflows.
This server provides a persistent memory system for AI agents and LLMs. It uses a local database for hybrid search, memory consolidation, and automatic entity extraction, featuring optional cloud sync capabilities across multiple machines.
Security Assessment
Risk: Medium. The tool is designed to process and store all the data you feed it, meaning your prompts and AI conversations will live locally in an SQLite database. It makes network requests, both for optional cloud embedding providers (OpenAI, Jina, Gemini) and for syncing data via embedded rclone (Google Drive, S3, Dropbox). While no dangerous permissions are requested and no hardcoded secrets were found, the codebase contains synchronous shell command execution in its cleanup script (`scripts/clean-venv.mjs`). This is likely a development-level maintenance script, but it represents a potential vector for command injection if the environment is compromised.
Quality Assessment
The project is very new and currently has low community visibility with only 5 GitHub stars, making its trust level difficult to gauge. However, the underlying code quality appears solid. It is actively maintained (last pushed today), features continuous integration testing with Codecov, and is properly licensed under the permissive MIT license. The documentation and setup instructions are comprehensive.
Verdict
Use with caution — the tool is active and well-structured, but its low community adoption and embedded network/sync capabilities warrant a thorough security review before integrating it into sensitive workflows.
Persistent AI memory with hybrid search and embedded sync - open, free, unlimited
README.md
Mnemo MCP Server
mcp-name: io.github.n24q02m/mnemo-mcp
Persistent AI memory with hybrid search and embedded sync. Open, free, unlimited.
Features
- Hybrid search -- FTS5 full-text + sqlite-vec semantic + reranking for precision
- Knowledge graph -- Automatic entity extraction and relation tracking across memories
- Importance scoring -- LLM-scored 0.0-1.0 per memory for smarter retrieval
- Auto-archive -- Configurable age + importance threshold to keep memory clean
- STM-to-LTM consolidation -- LLM summarization of related memories in a category
- Duplicate detection -- Warns before adding semantically similar memories
- Zero config -- Built-in local Qwen3 embedding + reranking, no API keys needed. Optional cloud providers (Jina AI, Gemini, OpenAI, Cohere)
- Multi-machine sync -- JSONL-based merge sync via embedded rclone (Google Drive, S3, Dropbox)
- Proactive memory -- Tool descriptions guide AI to save preferences, decisions, facts
Setup
With AI Agent -- copy and send this to your AI agent:
Please set up mnemo-mcp for me. Follow this guide:
https://raw.githubusercontent.com/n24q02m/mnemo-mcp/main/docs/setup-with-agent.md
Manual Setup -- follow docs/setup-manual.md
Tools
| Tool | Actions | Description |
|---|---|---|
memory |
add, search, list, update, delete, export, import, stats, restore, archived, consolidate |
Core memory CRUD, hybrid search, import/export, archival, and LLM consolidation |
config |
status, sync, set, warmup, setup_sync |
Server status, trigger sync, update settings, pre-download embedding model, authenticate sync provider |
help |
-- | Full documentation for any tool |
MCP Resources
| URI | Description |
|---|---|
mnemo://stats |
Database statistics and server status |
mnemo://recent |
10 most recently updated memories |
MCP Prompts
| Prompt | Parameters | Description |
|---|---|---|
save_summary |
summary |
Generate prompt to save a conversation summary as memory |
recall_context |
topic |
Generate prompt to recall relevant memories about a topic |
Security
- Graceful fallbacks -- Cloud → Local embedding, no cross-mode fallback
- Sync token security -- OAuth tokens stored at
~/.mnemo-mcp/tokens/with 600 permissions - Input validation -- Sync provider, folder, remote validated against allowlists
- Error sanitization -- No credentials in error messages
Build from Source
git clone https://github.com/n24q02m/mnemo-mcp.git
cd mnemo-mcp
uv sync
uv run mnemo-mcp
License
MIT -- See LICENSE.
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found