ogham-mcp

Ogham MCP is a Python-based Model Context Protocol (MCP) server that provides persistent, cross-client “shared memory” for AI coding agents. It stores memories in a Postgres-compatible database (Supabase/Postgres), generates embeddings via configurable providers (OpenAI/Ollama/Mistral/Voyage/Gemini or local ONNX), and exposes MCP tools for memory storage/retrieval plus additional capabilities like search, graph/profiles, and import/export. It can run per-client in stdio mode or as a shared persistent server via SSE transport, and includes CLI utilities (init/health/search/store/list/export/import/serve/openapi).

Evaluated Mar 30, 2026 (0d ago)
Homepage ↗ Repo ↗ Ai Ml mcp agent-memory persistent-memory pgvector postgres supabase python stdio sse search embeddings ai-coding-agents
⚙ Agent Friendliness
53
/ 100
Can an agent use this?
🔒 Security
39
/ 100
Is it safe for agents?
⚡ Reliability
35
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
78
Documentation
70
Error Messages
0
Auth Simplicity
35
Rate Limits
10

🔒 Security

TLS Enforcement
20
Auth Strength
30
Scope Granularity
10
Dep. Hygiene
70
Secret Handling
75

Strengths: README claims secret masking when capturing tool activity via hooks (API keys/tokens/passwords/JWTs masked before storing). Risks/unknowns: MCP-level authentication/authorization is not described; SSE mode uses http://127.0.0.1 in examples but does not state TLS requirements or auth. Database credentials (e.g., Supabase service role key) are powerful—use least-privileged alternatives where possible and tightly restrict network access. Dependency hygiene cannot be fully verified from provided content; optional extras include third-party embedding and reranking libraries.

⚡ Reliability

Uptime/SLA
0
Version Stability
60
Breaking Changes
50
Error Recovery
30
AF Security Reliability

Best When

You want agent-accessible persistent memory with semantic + keyword retrieval, using Postgres/Supabase as the source of truth, and you can manage database + embedding provider credentials.

Avoid When

You need strong multi-tenant security boundaries enforced by the MCP server (beyond database/security posture), or you cannot run/connect to a database. Also avoid exposing the SSE endpoint broadly without network controls.

Use Cases

  • Persistent coding-agent memory across sessions and across different MCP-capable clients (Claude Code, Cursor, OpenCode, etc.)
  • Team/project shared context: store decisions, gotchas, and architectural patterns; retrieve them later
  • Multi-agent setups where multiple agents share one memory backend via a single long-lived server (SSE mode)
  • Self-hosted or privacy-preserving memory with local embeddings (ONNX/BGE-M3)
  • Migration/backup workflows using export/import and cleanup

Not For

  • No-premise, no-database environments (it requires a database backend before use)
  • Use as a general-purpose document database without embeddings/search needs
  • Environments requiring strict fine-grained authorization/tenant isolation at the application layer (no explicit tenant auth model is described)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: Environment-variable based secrets for database and embedding providers (e.g., SUPABASE_KEY for Supabase service role, DATABASE_URL for Postgres, provider API keys) No explicit MCP client authentication/authorization mechanism described in provided README
OAuth: No Scopes: No

The README documents how to configure provider/database credentials, but does not describe MCP-level auth (no API keys, user auth, or scopes for MCP tools). If exposed over SSE, rely on network controls and database permissions.

Pricing

Free tier: No
Requires CC: No

No SaaS pricing is described; appears self-hosted with external embedding/database provider costs.

Agent Metadata

Pagination
none
Idempotent
False
Retry Guidance
Not documented

Known Gotchas

  • If running in SSE mode, clients point to the shared server URL; ensure you run it persistently and control access to the SSE endpoint.
  • Embedding provider configuration (dimensionality/EMBEDDING_DIM and schema vector(N)) must match; mismatches can lead to failures when storing/searching.
  • Temporal query parsing is mostly local (parsedatetime) but can fall back to an LLM if configured; this can change cost/latency.
  • Secret masking is described for hook-driven inscription, but agents should still avoid sending raw secrets in memory-related tool calls if possible.

Alternatives

Zep (and other agent memory solutions using graphs/temporal KG) Mem0 Vector databases + custom RAG pipelines (pgvector + application logic) Mastra observational memory approaches Open-source memory frameworks that implement MCP

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for ogham-mcp.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-30.

6533
Packages Evaluated
19870
Need Evaluation
586
Need Re-evaluation
Community Powered