rekall
Verified Safeby guthubrx
Overview
A local-first, personal knowledge management system for developers, designed to help recall bugs, patterns, and decisions, and integrate with AI assistants via the Model Context Protocol (MCP).
Installation
rekall mcpEnvironment Variables
- REKALL_DATA_DIR
- REKALL_CONFIG
- NO_COLOR
- CLAUDE_PROJECTS_DIR_OVERRIDE
- XDG_CONFIG_HOME
- XDG_DATA_HOME
- XDG_CACHE_HOME
Security Notes
Rekall is designed as a 100% local, privacy-first tool, storing no API keys or passwords. File permissions for the SQLite database are securely set to 0o600. Outbound network access for semantic embedding model download, source enrichment, and link rot checks is opt-in or clearly indicated. A minor, localized SSRF risk remains in one URL validation path (`validate_url_simple`), although partially mitigated by explicit block patterns. The lack of default encryption for the SQLite database is a design choice for simplicity but is noted as an optional enhancement. Archive import now includes robust checks against zip-bombs and oversized files. CI/CD includes dependency scanning (pip-audit, gitleaks).
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
gistpad-mcp
Manages and shares personal knowledge, daily notes, and reusable prompts via GitHub Gists for MCP-enabled AI products.
pluggedin-app
A testing environment for MCP (Model Control Protocol) servers, allowing interaction through a chat interface powered by LLMs and an AI agent using the LangChain ReAct framework.
knowns
A CLI-first knowledge layer and task/documentation management tool that provides AI agents with persistent project context.