← Back to Skills Marketplace
dazhuangjammy

Engram MCP Server

by 大壮/Jammy · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
447
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install engram-mcp-server
Description
Engram MCP Server — 给 AI 注入可切换的专家记忆(谁 + 知道什么 + 怎么思考)。支持 Claude Code / Cursor / Codex 等 MCP 客户端。
README (SKILL.md)

Engram MCP Server

把专家记忆封装成可加载资源:不仅是知识检索,还包含角色、工作流、规则与动态记忆。

适用场景

  • 你希望 AI 在不同专家人设间快速切换
  • 你需要跨会话持久化用户偏好与关键事实
  • 你想在 MCP 客户端里统一管理 memory / knowledge / examples

快速安装(推荐)

claude mcp add --scope user engram-server -- uvx --from git+https://github.com/DazhuangJammy/Engram engram-server

常用命令

# 启动 MCP Server
engram-server serve

# 启动可视化 UI
engram-server ui

关键能力

  • 零向量依赖(不强绑 chromadb/litellm)
  • 索引驱动分层加载(role/workflow/rules 常驻 + knowledge/examples 按需读)
  • 动态记忆、工具轨迹、记忆纠错与归档
  • 支持多种 MCP 客户端集成

参考

Usage Guidance
The skill looks like a legitimate local MCP server for 'engram' memories, but it has several operational risks you should weigh before installing: 1) The installer is a download-and-execute shell command (curl | sh). Inspect https://astral.sh/uv/install.sh yourself before running, or install 'uv' from a package manager you trust. 2) The skill is designed to automatically persist user memory and tool-trace data to project/global folders (./.claude/engram and ~/.engram). That can include PII or sensitive conversation content — avoid loading highly sensitive data into it. 3) The README claims the server will auto-pull the latest code from GitHub on client start; consider disabling auto-update or running the server in an isolated environment if you want reproducible behavior. 4) Review the bundled source code locally (you already have it in the skill bundle) to confirm there are no hard-coded external endpoints or unexpected network calls. 5) If you proceed, run initial installs and the web UI in a sandbox or container, back up any data, and do not enable global automatic installs/updates until you trust the upstream. If you want, I can (a) point out where to inspect the uv installer script, (b) search the included source for outbound-network calls or telemetry functions, or (c) suggest a safer install/run checklist.
Capability Analysis
Type: OpenClaw Skill Name: engram-mcp-server Version: 0.1.0 The skill bundle is classified as suspicious primarily due to its installation method and the ability to install Engram packs from arbitrary Git URLs. The `SKILL.md` file instructs the OpenClaw agent to execute `curl -LsSf https://astral.sh/uv/install.sh | sh`, which is a high-risk practice as it pipes a remote script directly to a shell, creating a supply chain vulnerability. Additionally, the `install_engram` tool allows the agent to `git clone` from user-provided `source` URLs. While the code includes path traversal protections (`loader.py`, `server.py`) to prevent writing outside designated Engram directories, cloning from an untrusted Git repository could still introduce and execute malicious code within the skill's operational scope. There is no evidence of intentional malicious behavior like data exfiltration to unknown endpoints or persistence mechanisms, and the prompt instructions (`CLAUDE.MD`, `README.md`) are aligned with the stated purpose of managing 'expert memory packs'.
Capability Assessment
Purpose & Capability
The skill's name/description (an MCP server for switchable expert memories) matches the included source files and CLI examples. Requiring the 'uvx' launcher is coherent with the provided install/run patterns (uvx used to run the repo from git). Having full Python source bundled is consistent with the server capability.
Instruction Scope
Runtime instructions and bundled CLAUDE.md/KNOWLEDGE_VERIFICATION_PROMPT encourage the agent to proactively call MCP tools, automatically capture and persist many forms of user memory (including PII/preferences/tool traces), write MCP config into user/global locations, and prefer running commands itself rather than asking the user. That broad, automatic data-collection/writing behavior expands the skill's scope beyond simple read-only memory lookup.
Install Mechanism
The SKILL.md metadata includes a shell install step that runs 'curl -LsSf https://astral.sh/uv/install.sh | sh' (download-and-execute). Even if this is the official uv installer, curl|sh is higher-risk than a reviewed package. The skill also documents automatic GitHub pulls on client startup, which means remote code may be fetched and executed without further user action.
Credentials
The skill does not request environment variables or credentials (no API keys), which is appropriate. However, it is designed to persist user memories (project-level './.claude/engram' and optional '~/.engram') and to record tool traces and memory items automatically; these persistent storage choices can capture sensitive personal data even though no secrets are requested.
Persistence & Privilege
The install/usage guidance says it will write MCP configuration (potentially global), create project directories, bootstrap starter packs, and auto-pull updates from GitHub on each client start. While 'always' is false, the described global config writes and auto-update behavior grant substantial persistence and the ability to change runtime behavior without repeated user consent.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install engram-mcp-server
  3. After installation, invoke the skill by name or use /engram-mcp-server
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial ClawHub release: Engram MCP Server with expert-memory packaging, index-driven loading, and MCP integration docs.
Metadata
Slug engram-mcp-server
Version 0.1.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Engram MCP Server?

Engram MCP Server — 给 AI 注入可切换的专家记忆(谁 + 知道什么 + 怎么思考)。支持 Claude Code / Cursor / Codex 等 MCP 客户端。 It is an AI Agent Skill for Claude Code / OpenClaw, with 447 downloads so far.

How do I install Engram MCP Server?

Run "/install engram-mcp-server" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Engram MCP Server free?

Yes, Engram MCP Server is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Engram MCP Server support?

Engram MCP Server is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Engram MCP Server?

It is built and maintained by 大壮/Jammy (@dazhuangjammy); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments