sabo-mcp
Verified Safeby congthien2003
Overview
A Model Context Protocol (MCP) server for AI/LLMs to store conversational memories locally and optionally synchronize them with a Supabase cloud backend, and to pull AI agent workflows into a project directory.
Installation
bun run index.tsEnvironment Variables
- MEMORIZE_MCP_PROJECT_ROOT
- MEMORIZE_MCP_SUPABASE_URL
- MEMORIZE_MCP_SUPABASE_SERVICE_ROLE_KEY
- MEMORIZE_MCP_PROJECT_SLUG
- MEMORIZE_MCP_WORKFLOWS_SOURCE_TYPE
- MEMORIZE_MCP_WORKFLOWS_SOURCE
- MEMORIZE_MCP_TARGET_PROJECT_DIR
Security Notes
The server uses environment variables (e.g., MEMORIZE_MCP_SUPABASE_SERVICE_ROLE_KEY) for sensitive Supabase credentials, which is good practice. Path traversal vulnerabilities are explicitly mitigated in the `pullWorkflows` logic using `path.basename` and `path.resolve` checks. However, a similar explicit input sanitization/validation for the `filename` parameter in `save_memorize` (handled by `saveLocalMemory`) is not as robust. While `path.join` offers some protection, an adversarial `filename` (e.g., containing `../`) could potentially write files outside the intended memory directory if not sanitized before being passed to `path.join`. No `eval` or code obfuscation was found.
Similar Servers
mem-agent-mcp
Provides a Model Context Protocol (MCP) server for a memory agent, enabling LLMs to interact with an Obsidian-like memory system for contextual assistance and RAG.
copilot-memory-store
A persistent local memory store for AI assistants and coding agents, enabling context engineering by saving, searching, and compressing developer-specific knowledge across conversations.
mcp-http-agent-md
This server acts as a central hub for AI agents, managing project knowledge (AGENTS.md), structured tasks, version history, and ephemeral scratchpads, with capabilities to spawn context-isolated subagents for focused tasks.
simple-memory-mcp
A Model Context Protocol (MCP) server for persistent memory storage, providing intelligent tagging and full-text search for AI assistants to remember context across conversations.