Install command
Provided
Local-first GoodMemory MCP server for giving Claude durable, scoped memory with SQLite storage, auditable recall, explicit deletion, and opt-in governed writes.
Open the source and read safety notes before installing.
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
Decision playbook
Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.
0
78
—
No baseline selected
No major trust-signal divergence detected in the current selection.
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Source provenance statusRequired
Marked as source-backed.
Metadata reviewed
Registry metadata indicates a reviewed listing.
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Trust level risk gateRequired
Trust level does not block evaluation.
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Package verification flag
No package verification flag provided.
Checksum metadata
No checksum provided for downloaded artifact.
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Baseline comparison available
No baseline peer selected yet.
Diverging trust signals identified
No major trust-signal divergence found.
Setup at a glance
Copy-ready — paste the snippet to get started.
Install command
Provided
Config snippet
Provided
Copy snippet
Provided
Prerequisites
4 to clear
Platforms
4 listed
Install type
CLI install
Adoption plan
Current risk score 16/100. Use staged verification before broader rollout.
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Confirm metadata review state
Listing has review metadata.
Verify install payload
Install/config payload exists and can be inspected.
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Review privacy notesRequired
Privacy notes are present.
Verify package integrity metadata
No package verification/checksum metadata.
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Evidence readiness
Required evidence gates are covered (5/6 signals complete).
Source repository/provenance is listed.
Required in this preset
Review metadata is present.
Required in this preset
Safety notes are present.
Required in this preset
Privacy notes are present.
Optional in this preset
Package integrity metadata is missing.
Optional in this preset
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
5/6 steps complete with no blocking gaps for this preset.
triage
Source/provenance metadata is available.
triage
Review metadata is available.
verify
Safety notes are available.
verify
Privacy notes are available.
verify
Package integrity metadata is missing.
rollout
Install payload is available.
No required blockers for this timeline preset.
Prerequisite readiness
4 prerequisites to line up before setup.
Safety & privacy surface
3 safety and 3 privacy notes across 5 risk areas. Review closely: third-party handling.
{
"mcpServers": {
"goodmemory": {
"command": "goodmemory-mcp",
"args": ["--standalone", "--user-id", "YOUR_USER_ID"]
}
}
}GoodMemory is an MIT-licensed memory layer for coding agents and AI applications. Its standalone MCP server gives Claude and other MCP clients a scoped, durable store without requiring GoodMemory's managed Codex or Claude Code installation path.
The default MCP surface is read-only: context, trace, statistics, and artifact
inspection. Users can explicitly add --allow-write to register
goodmemory_remember, which sends proposed memories through the same governed
remember pipeline used by the library API.
goodmemory_remember.Install the published package globally:
npm install -g goodmemory@0.5.1
Add the standalone server to an MCP client:
{
"mcpServers": {
"goodmemory": {
"command": "goodmemory-mcp",
"args": ["--standalone", "--user-id", "YOUR_USER_ID"]
}
}
}
The equivalent command is:
goodmemory-mcp --standalone --user-id YOUR_USER_ID
Keep the default read-only surface while validating recall. Add
--allow-write only after reviewing the storage scope and write policy.
GoodMemory creates durable state, so stored content can outlive the conversation
that produced it. Start with the read-only MCP surface, inspect the resolved
storage location, and keep a stable scope. Before enabling
goodmemory_remember, decide which information may be retained and how it will
be reviewed, corrected, exported, or deleted.
The default standalone path is local SQLite and does not require an embedding or extraction provider. Configuring PostgreSQL, embeddings, assisted extraction, or a hosted model changes the data boundary. Treat recalled memory as prompt context: it will be visible to the model provider used by the host.
These sources were reviewed on 2026-07-13. Prefer the live repository, published package metadata, capability descriptor, and official MCP registry entry for current versions, commands, storage behavior, and tool exposure.
GoodMemory MCP Server side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
1 trust signal differ across this comparison (Submitter).
| Field | Local-first GoodMemory MCP server for giving Claude durable, scoped memory with SQLite storage, auditable recall, explicit deletion, and opt-in governed writes. Open dossier | Local-first persistent memory MCP server for AI coding agents, backed by a single Go binary, SQLite, FTS5 search, CLI, HTTP API, and TUI. Open dossier | Local-first context-engineering MCP server and CLI that gives Claude token-efficient file reads, shell-output compression, code search, graph queries, persistent session memory, context packaging, verification tools, and dashboard-style token accounting through a single Rust binary. Open dossier | MCP server and CLI for Ruflo's multi-agent Claude Code and Codex workflow harness, exposing tools for swarms, agents, memory, hooks, daemons, plugins, federation, and project automation. Open dossier |
|---|---|---|---|---|
| Next steps | ||||
| Trust | ||||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trust | Package not verified | Package not verified | Package not verified | Package not verified |
| Source provenance | Source-backed | Source-backed | Source-backed | Source-backed |
| SubmitterDiffers | hjqcan | oktofeesh1 | oktofeesh1 | oktofeesh1 |
| Install risk | Review first | Review first | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | — | — | — | |
| Category | mcp | mcp | mcp | mcp |
| Source | source-backed | source-backed | source-backed | source-backed |
| Author | hjqcan | Gentleman Programming | Yves Gude | RuvNet |
| Added | 2026-07-13 | 2026-06-05 | 2026-06-06 | 2026-06-06 |
| Platforms | Claude CodeCodexCursorClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop |
| Source repo | — | — | — | — |
| Safety notes | ✓Standalone MCP starts with eight read-only tools; the governed goodmemory_remember tool is registered only with --allow-write or GOODMEMORY_MCP_ALLOW_WRITE=1. Enabling writes persists selected memory; separate GoodMemory lifecycle APIs can remove stored records, so review write and deletion operations and keep backups of important data. Optional installed-host setup can modify Codex or Claude Code hook and MCP configuration; this is separate from standalone MCP mode. | ✓Engram can save, update, delete, search, compare, judge, merge, and summarize project memories that may influence future agent behavior. Incorrect or stale memories can steer an agent toward bad assumptions, so review saved decisions, architecture notes, and task learnings periodically. Use explicit project selection or repo-local configuration when multiple projects are visible to the MCP server. Cloud sync is opt-in; review project scope, tokens, allowed projects, and repair flows before enabling shared replication. | ✓LeanCTX can read local files, run shell commands invoked through its tools, cache outputs, install shell/editor hooks, and persist session state. Review generated MCP and shell-hook changes before enabling them across all agents or shells. Keep path jail enforcement enabled for normal use, and allow extra roots only when a project genuinely needs them. Disable or restrict command-execution and unsafe I/O tools for regulated repositories, untrusted workspaces, or shared team environments. Treat compressed shell output and cached reads as summaries; switch to full reads or raw command output when exact source text matters. | ✓Ruflo's full CLI install can add project files, MCP configuration, hooks, helper scripts, memory state, commands, skills, and background automation. The MCP surface includes tools for agent spawning, swarm coordination, memory operations, hook execution, daemon control, plugins, security scans, and federation. Background daemons and hooks can run automatically based on session, task, file, or worker events; inspect generated settings before relying on them. Some workflows can execute shell commands, edit project files, scan dependencies, start services, or dispatch multi-step agent tasks. Federation and HTTP transport modes can expose agent coordination outside the local stdio boundary; keep them disabled unless you have reviewed network trust. Use least-privilege repositories and require human review before accepting generated code, security fixes, plugin installs, or automated workflow changes. |
| Privacy notes | ✓Standalone mode stores durable memory in local SQLite by default, under the GoodMemory home directory, until the user exports or deletes it. Recalled memory is inserted into Claude's model context and can therefore be sent to the configured model provider. Optional PostgreSQL, embedding, or assisted-extraction providers change the data boundary and may send memory content to configured external services. | ✓Memories can contain product plans, architecture decisions, code paths, prompts, implementation notes, incident details, and sensitive lessons learned. Local SQLite storage, exported sync chunks, Git-tracked memory files, cloud replication, HTTP API logs, and TUI copy actions can expose memory content. Do not store secrets, credentials, customer data, or unreleased security details unless the local store and any sync targets are approved for that data. | ✓Local code, file paths, command output, search terms, session notes, context packages, knowledge graph data, token metrics, and dashboard statistics can be sent to the MCP client and model. LeanCTX stores local stats and session state under its own configuration/data directories; protect these files if they contain project decisions, findings, or sensitive paths. Secret-like paths are blocked or role-gated by default according to upstream security docs, but users should still avoid prompting agents to read credentials, private keys, tokens, or ignored files. The upstream security policy describes optional update checks and opt-in anonymous stats sharing; disable network checks when working in confidential or offline environments. | ✓Ruflo memory, hooks, logs, telemetry-style metrics, worker output, prompts, code snippets, file paths, and task history may be stored under project-local state. Agent memory and embeddings can preserve sensitive implementation details beyond the current chat session. Federation, hosted UI, remote provider, plugin, or HTTP transport workflows may move task context beyond the local machine if enabled. Security scans, dependency checks, and code analysis can reveal private package names, vulnerabilities, paths, branch names, and repository structure. Review `.claude`, `.claude-flow`, helper scripts, logs, and exported memory before sharing a repository or support bundle. |
| Prerequisites |
|
|
|
|
| Install | | | | |
| Config | | | | |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Source-backed guides for putting this to work.
Use /compact, /memory, and CLAUDE.md hygiene to keep long Claude Code sessions accurate.
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.