Mind Keg MCP

A persistent memory server that stores and retrieves atomic coding insights like architectural decisions and debugging patterns for AI agents. It enables agents to maintain institutional knowledge across sessions using semantic search and local SQLite storage.

→ carloluisito/mindkeg-mcp · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama PulseMCP

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

🚨

Known vulnerabilities in dependencies: 2 critical, 2 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

🔐

You'll be asked for 3 credentials: MINDKEG_API_KEY, MINDKEG_ENCRYPTION_KEY, OPENAI_API_KEY

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// known CVEs in dependencies2 critical2 high1 low

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

criticalvitest@2.0.0GHSA-5xrq-8626-4rwp

When Vitest UI server is listening, arbitrary file can be read and executed

criticalvitest@2.0.0GHSA-9crc-q9x8-hgqq

Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

high@modelcontextprotocol/sdk@1.0.0GHSA-8r9q-7v3j-jr4g

Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

high@modelcontextprotocol/sdk@1.0.0GHSA-w48q-cv73-mx4w

Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default

lowtsup@8.1.0GHSA-3mv9-4h5g-vhg3

tsup DOM Clobbering vulnerability

Depend on this server? Get alerted when its CVEs change.Watch this server free →

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

🔐 secretMINDKEG_API_KEY— mk_your_key mindkeg serve --http

configMINDKEG_AUDIT_LOG— export =~/.mindkeg/audit.jsonl # default

configMINDKEG_DEFAULT_TTL_DAYS— export =365 # Expire all learnings after 1 year by default

configMINDKEG_EMBEDDING_PROVIDER— fastembed fastembed, openai, or none

🔐 secretMINDKEG_ENCRYPTION_KEY— mindkeg encrypt-db # Encrypt existing database (requires )

configMINDKEG_HOST— 127.0.0.1 HTTP server bind address

configMINDKEG_LOG_LEVEL— info debug, info, warn, error

configMINDKEG_METRICS_AUTH— Both endpoints are unauthenticated by default. Set =true to require API key auth.

configMINDKEG_PORT— 52100 HTTP server port

configMINDKEG_PURGE_INTERVAL_HOURS— export =24 # Run purge every 24 hours (default)

configMINDKEG_RATE_LIMIT_READ_RPM— export =300 # default: 300 read req/min per key

configMINDKEG_RATE_LIMIT_WRITE_RPM— export =100 # default: 100 write req/min per key

configMINDKEG_SQLITE_PATH— ~/.mindkeg/brain.db SQLite database file

configMINDKEG_STORAGE

🔐 secretOPENAI_API_KEY— (none) OpenAI API key (when provider=openai)

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 7 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/carloluisito-mindkeg-mcp-1i2qo5)](https://m8ven.ai/mcp/carloluisito-mindkeg-mcp-1i2qo5)

commit: 6e5ecf1584812916bcdf9292176eeb5c2b28fec8

code hash: 9eb90efb9c39cdf7a4a9bf33e29c7b660e29fd52488f5157d9faa3b02b3fb528

verified: 6/12/2026, 11:11:13 AM

view raw JSON →