agentbrain-mcp

v0.2.0 safe
4.0
Medium Risk

Agent Brain MCP Server — stdio + Streamable-HTTP transport surfaces for cross-source personal memory (Claude Code, Claude Desktop, Cursor, Windsurf)

🤖 AI Analysis

Final verdict: SAFE

The package is assessed as having a low risk score due to minimal evidence of potential threats such as shell execution, obfuscation, or credential risks. However, the lack of detailed metadata and repository information slightly elevates the risk.

  • Low risk scores in network, shell, obfuscation, and credential checks
  • Concerns over sparse metadata and maintainer information

Per-check LLM notes
  • Network: The observed network call patterns indicate the package is likely making HTTP requests to external services, which is common for packages that provide API access or remote service interaction.
  • Shell: No shell execution patterns were detected, indicating no immediate risk associated with command execution.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of sensitive information.
  • Metadata: The missing repository and sparse maintainer information raise concerns but do not definitively indicate malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • ", "") self._client = httpx.AsyncClient(timeout=timeout) def _headers(self, agent_id: str | Non
  • ─────────────────── client = httpx.AsyncClient(timeout=15.0) async def brain_request(endpoint: str, agent
  • handler) client._client = httpx.AsyncClient(transport=transport, timeout=2.0) return client # ----
  • handler) client._client = httpx.AsyncClient(transport=transport, timeout=2.0) caplog.set_level(logg

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: agentbrain.ch

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentbrain-mcp
Create a personal memory management app called 'MemoSync' using the Python package 'agentbrain-mcp'. MemoSync should allow users to sync and manage their personal memories across multiple sources like Claude Code, Claude Desktop, Cursor, and Windsurf. The app should provide a user-friendly interface for adding new memories, categorizing them, and searching through past entries. Additionally, it should support real-time updates and notifications when new memories are added from any connected source. Utilize 'agentbrain-mcp' to handle the communication between different memory sources and the app, leveraging its stdio and Streamable-HTTP transport capabilities. Implement the following features:
1. User authentication and profile management
2. Add, edit, delete, and categorize memories
3. Real-time synchronization of memories across all connected sources
4. Search functionality with filters based on date, category, and source
5. Notifications for new memories added from any source
6. Export memories to CSV or JSON format for backup purposes
7. Ensure data privacy and security while syncing and storing memories