MemCP
by ardaaltinors
Overview
MemCP provides a memory management system for AI assistants, enabling persistent context, knowledge graphs, and user profile synthesis across conversations and various AI platforms.
Installation
uv run python main.pyEnvironment Variables
- MCP_SERVER_HOST
- MCP_SERVER_PORT
- API_SERVER_PORT
- MCP_BASE_URL
- DB_HOST
- DB_PORT
- DB_NAME
- DB_USER
- DB_PASSWORD
- AUTH_SECRET_KEY
- AUTH_ACCESS_TOKEN_EXPIRE_MINUTES
- CELERY_BROKER_URL
- CELERY_RESULT_BACKEND
- QDRANT_HOST
- QDRANT_PORT
- REDIS_HOST
- REDIS_PORT
- OPENAI_API_KEY
Security Notes
The application demonstrates several good security practices, including strong password hashing (bcrypt), extensive use of environment variables for secrets, and redaction of sensitive information (like API keys, passwords, tokens) in logs. Database queries appear to be parameterized, mitigating SQL injection risks. However, a **critical XSS vulnerability** exists in `src/middlewares/mcp_oauth_redirect_middleware.py`. The `redirect_url` from user-controlled query parameters is directly embedded into a JavaScript `window.location.href` assignment without proper sanitization. This allows malicious `javascript:` URIs to execute arbitrary code in the user's browser context. Path-based API keys (`/mcp/{api_key}`) are also generally less secure than header-only authentication, though header-based API keys are also supported.
Similar Servers
meilisearch-mcp
Connect LLMs to Meilisearch for natural language interaction and management of search indices and data.
memory-graph
A graph-based MCP server that provides intelligent memory capabilities for Claude Code, enabling persistent knowledge tracking, relationship mapping, and contextual development assistance.
memory-mcp-server-go
A Model Context Protocol server providing knowledge graph management capabilities for LLMs to maintain memory across conversations.
MemoryGate
MemoryGate provides durable memory-as-a-service for AI agents, combining structured storage, semantic search, OAuth-based authentication, and lifecycle controls for retention and archiving.