Cairn MCP Server
Provides LLM enrichment for memory auto-summarization, tagging, importance scoring, and knowledge extraction using Google Gemini.
Supports knowledge graph storage for entities, facts, and inter-memory relationships, enabling graph-based queries and code graph analysis.
Enables local LLM enrichment for memory auto-summarization, tagging, importance scoring, and knowledge extraction via Ollama.
Provides LLM enrichment for memory auto-summarization, tagging, importance scoring, and knowledge extraction using OpenAI-compatible APIs.
Serves as the primary database with pgvector for vector similarity search, hybrid search, and bi-temporal memory storage.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Cairn MCP ServerRemember: our backup schedule is daily at 3am."
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Cairn is retired, and this repository is archived (read-only). Its successor is rill — a faster, leaner, MCP-native memory server written in Go that learned from everything Cairn got right (and the things it got wrong). Cairn was the first; rill is where the work continues. This repo stays up as a read-only archive — explore it, fork it, but new development lives in rill.
A self-hosted persistent memory platform for AI agents and humans. Store something once, find it later, across sessions, across projects. Four containers. docker compose up. Done.
Cairn is the memory brain. Your agent runtime handles execution — Cairn handles knowing. What decisions were made, what facts are known, what patterns emerge across projects.
It's built for the systems person. The curious. The t-shaped. The ones who need a memory that works the way they do, across everything, all at once.
Quick Start
1. Pull and run
curl -O https://raw.githubusercontent.com/jasondostal/cairn-mcp/main/docker-compose.yml
docker compose up -dFour containers start:
cairn on port 8000 (MCP server + REST API)
cairn-ui on port 3000 (web dashboard)
cairn-db (PostgreSQL 16 + pgvector)
cairn-graph (Neo4j 5, knowledge graph)
Migrations run on first boot. Ready in about a minute.
2. Connect your IDE
Add this to your MCP config:
{
"mcpServers": {
"cairn": {
"type": "http",
"url": "http://localhost:8000/mcp"
}
}
}Where that goes:
IDE | Config file |
Claude Code |
|
Cursor |
|
Windsurf |
|
Cline | MCP settings panel in VS Code |
Continue |
|
PiClaw |
|
Or run the setup wizard — it walks you through everything: LLM backend, database, embeddings, auth, and IDE configuration:
git clone https://github.com/jasondostal/cairn-mcp.git && ./cairn-mcp/scripts/setup.shPick a tier (local dev, recommended, enterprise, or custom) and the wizard collects only what that tier needs. Supports --dry-run and --non-interactive for CI.
3. Use it
Tell your agent to remember something:
"Remember that we chose PostgreSQL for storage because it handles hybrid search without a separate vector DB."
Search for it later:
"What did we decide about the storage layer?"
That's it. 11 tools available. The ones you'll use most:
Tool | What it does |
| Save a memory with auto-enrichment. Supports |
| Find memories (vector + keyword + recency + tags). Temporal filters: |
| Get full content for specific memory IDs |
| Boot a session with rules, recent activity, beliefs, and open work |
| Load behavioral guardrails (global or per-project) |
| Durable epistemic state — crystallize, challenge, retract knowledge with confidence tracking |
| Create, claim, and complete tasks with dependencies and gates |
| Capture ephemeral thoughts — hypotheses, questions, tensions — with salience decay |
| Manage project docs (briefs, PRDs, plans) |
| Structural queries: dependents, impact, callers, callees, dead code, complexity, hotspots |
| Validate architecture boundary rules against imports |
The rest: modify, insights, think, status, consolidate, ingest.
Related MCP server: Cortex Hub
What's in the box
Memory that persists across sessions. Your agent makes a decision at 2am. Next morning, different session, it finds that decision. That's the core. Bi-temporal tracking separates when something happened (event_at) from when you learned it (created_at). Memories that go unaccessed decay naturally; important ones are protected. Related memories get consolidated into higher-order insights automatically.
Beliefs. Durable epistemic state — knowledge held with confidence. Crystallize hypotheses into beliefs, challenge them with counter-evidence, retract them when wrong. Beliefs surface in session boot alongside rules and memories, giving agents a clear picture of what the organization knows and how confident it is.
Search that fuses signals. Vector similarity, recency, access frequency, keyword matching, and tag overlap blended via Reciprocal Rank Fusion. Filter by project, type, or time range. Temporal queries: "what did we know as of Tuesday?" via as_of, "what happened last week?" via event_after/event_before.
Knowledge graph. Entities and facts get extracted into a Neo4j graph that connects memories through shared people, places, projects, and concepts. Optional, but powerful when you're working across domains.
Thinking sequences. Structured deliberation — start with a goal, add thoughts (observations, hypotheses, analysis, alternatives), conclude. Both humans and agents contribute. The exploration itself becomes searchable memory.
Work management. Hierarchical work items with dependency tracking, gates that pause for human decisions, and activity logging. Experimental — evolving as we learn what works.
Web dashboard. Browse memories with OKLCH-colored toggle filters, score gradient bars, and shareable URL state. Explore the knowledge graph and entity relationships. View analytics, manage work items. Port 3000.
Code intelligence. A standalone worker indexes codebases with tree-sitter (30 languages) and builds a code graph in Neo4j. The server queries the graph without ever touching source files. Ask structural questions — "what depends on this file?", "who calls this function?", "what's the blast radius?" — and get answers from the code graph. Call graph extraction, cyclomatic complexity, dead code detection. Enforce architecture boundaries with YAML rules. Works across projects.
Category | Languages |
Systems | C, C++, Rust, Go, Zig |
JVM | Java, Scala, Kotlin, Groovy |
.NET | C# |
Scripting | Python, Ruby, PHP, Lua, Bash |
Web | TypeScript/TSX, HTML, CSS |
Apple | Swift, Objective-C |
ML/Scientific | OCaml, MATLAB |
Config & Data | JSON, YAML, TOML, HCL (Terraform), Dockerfile, Makefile, SQL, Markdown |
Multi-user authentication and RBAC. Off by default, zero to enterprise in one command. ./scripts/setup.sh includes auth configuration, or run ./scripts/setup-auth.sh standalone. Auth mode selection (none / local JWT / OIDC SSO), JWT secret generation, OIDC provider validation. Personal Access Tokens for machine clients, stdio identity for MCP. Three roles, project-level scoping, first-user-becomes-admin. Groups with OIDC sync. See the Authentication Guide.
Disaster recovery. Cron-friendly scripts for PostgreSQL dump and Neo4j graph export with configurable retention. Tested restore procedures with migration safety checks. See the Backup Guide.
Do I need an LLM?
No. Store, search, recall, and rules work without one. You lose auto-enrichment (summaries, tags, importance scoring), knowledge extraction, and thinking.
If you want enrichment:
Backend | Setup |
Ollama (default) | Install Ollama, pull a model. Cairn connects to |
AWS Bedrock | Set |
Google Gemini | Set |
OpenAI-compatible | Set |
Configuration
All via environment variables. The ones that matter:
Variable | Default | What it does |
| (empty) | Preset: |
|
| LLM provider: |
|
| Database password. Change this for anything beyond local. |
|
| Multi-user authentication (JWT, PATs, OIDC/SSO) |
| (empty) | JWT signing secret (required when auth enabled) |
|
| OIDC/SSO integration (any OIDC-compliant provider) |
|
| OAuth2 Authorization Server for remote MCP clients (Claude.ai, mobile) |
| (disabled) | Set to |
|
| Entity/statement extraction on store |
|
|
|
|
| Staging directory for file-path ingestion of large documents |
|
| Root directory for code intelligence indexing (mount codebases here) |
Full reference is in docker-compose.yml. Every variable has a sensible default.
Authentication
Off by default. The fastest way to enable it is through the setup wizard:
./scripts/setup.sh # includes auth as step 2
./scripts/setup-auth.sh # or run auth setup standaloneThree modes — no auth, local JWT, or OIDC/SSO. Generates secrets, validates
your identity provider's discovery endpoint, writes .env. Provider-specific
URL hints for Authentik, Keycloak, Auth0, Okta, and Azure AD. Both scripts
support --dry-run and --non-interactive for CI.
First user to register becomes admin. Role-based access control enforces permissions across REST API, MCP HTTP, and the web UI. Personal Access Tokens for machine clients, groups with OIDC sync.
See the Authentication Guide for the full reference covering all auth modes, OIDC provider configuration, and MCP client examples.
Security note: Cairn's auth system is functional and production-tested but has not been independently audited. For network-exposed deployments, add TLS termination and network-level access controls.
Remote MCP Access (Claude.ai, Mobile)
Connect Cairn to Claude.ai, the Claude mobile app, or any OAuth2-capable MCP client. Cairn acts as an OAuth2 Authorization Server, delegating user authentication to your existing OIDC identity provider.
Prerequisites: Auth enabled (CAIRN_AUTH_ENABLED=true), OIDC configured (CAIRN_OIDC_ENABLED=true), and a public URL set (CAIRN_PUBLIC_URL).
Enable it:
CAIRN_MCP_OAUTH_ENABLED=trueConnect from Claude.ai:
Go to Claude.ai Settings > Integrations > Add custom MCP
Enter your Cairn URL:
https://your-cairn-domain.com/mcpClaude.ai discovers the OAuth2 endpoints automatically
You'll be redirected to your identity provider to log in
After login, Claude.ai has full access to your Cairn MCP tools
The OAuth2 flow uses Authorization Code + PKCE with Dynamic Client Registration (RFC 7591). If your identity provider supports SSO sessions, the auth redirect is invisible after the first login.
See the Remote MCP Guide for reverse proxy configuration, security hardening, and troubleshooting.
Code Intelligence
Code intelligence runs as a standalone worker that indexes source code and writes to Neo4j. The cairn server queries the graph but never touches source files directly. This separation means indexing doesn't block the event loop and the worker can run on the machine where code lives.
Requirements: Neo4j (the cairn-graph service in docker-compose) must be running.
Quick start
# Index a single project (one-shot, no watching)
python -m cairn.code \
--watch /path/to/your/repo:your-project \
--neo4j-uri bolt://localhost:7687 \
--cairn-url http://localhost:8000 \
--no-watch
# Index and watch for changes (long-running)
python -m cairn.code \
--watch /home/user/working/myproject:myproject \
--watch /home/user/working/other:other \
--neo4j-uri bolt://my-server:7687Environment variables
Variable | Default | What it does |
|
| Neo4j bolt URI |
|
| Neo4j username |
|
| Neo4j password |
|
| Cairn server URL (for project ID resolution) |
| (empty) | API key if cairn auth is enabled |
| (empty) | Comma-separated |
|
| Enable filesystem watching after initial index |
|
| Force re-index even if content hash unchanged |
Docker / remote codebases
Mount source code into the cairn container and set CAIRN_CODE_DIR:
# docker-compose.yml
volumes:
- /path/to/code:/data/code:ro # read-only mount
environment:
CAIRN_CODE_DIR: /data/codeOr run the worker on the code host and point it at your cairn + Neo4j instances:
CAIRN_NEO4J_URI=bolt://cairn-host:7687 \
CAIRN_API_URL=http://cairn-host:8000 \
CAIRN_CODE_PROJECTS="myproject=/home/user/code/myproject" \
python -m cairn.codeWhat gets indexed
Symbols: functions, classes, methods, interfaces, enums, React components/hooks
Relationships:
IMPORTS(file-level),CALLS(function-level),CONTAINS(parent-child)Metadata: signatures, docstrings, cyclomatic complexity, line numbers, content hashes
Languages: Python, TypeScript/TSX, and 28 more (C, Rust, Go, Java, Ruby, etc.)
Query examples (via code_query MCP tool)
Action | What it does |
| Files that import the target |
| Files the target imports |
| Functions that call the target |
| Functions the target calls |
| Trace call paths between two functions |
| Functions with zero callers |
| Rank functions by cyclomatic complexity |
| Blast radius — transitive dependents |
| PageRank — structurally important files |
| Fulltext search over symbol names and docstrings |
Architecture
MCP clients (Claude Code, Cursor, PiClaw) REST clients (web UI, scripts)
| |
| MCP (stdio or HTTP) | REST API
| |
+-------v--------------------------------------------v--------+
| cairn.server (MCP tools) cairn.api (FastAPI endpoints) |
| |
| core: memory, search, enrichment, extraction, clustering |
| working memory, beliefs, thinking, work items |
| |
| embedding: local (MiniLM) or Bedrock (Titan V2) |
| llm: Ollama, Bedrock, Gemini, OpenAI-compatible |
+------+----------------------------------------------+------++
| | |
v v |
PostgreSQL 16 + pgvector Neo4j 5 <-------+
(optional) |
^ |
code worker (python -m cairn.code) | |
tree-sitter parsing, call graph --------+ |
watches filesystem for changes |Benchmark
Tested against LoCoMo, a long-conversation memory benchmark with 1,986 questions across five categories.
System | Score | LLM |
Cairn | 81.6% | Llama-3.3-70B |
Human baseline | 87.9% | — |
Letta/MemGPT | 74.0% | GPT-4o-mini |
Mem0 | 66.9% | GPT-4o |
Test configuration: Titan V2 embeddings (Bedrock, 1024-dim), episodic ingestion (raw turns + two-pass fact extraction), Search V2 with graph-primary retrieval, type routing, cross-encoder reranking, LLM-as-judge evaluation. Full results and methodology in eval/.
Development
git clone https://github.com/jasondostal/cairn-mcp.git
cd cairn-mcp
cp .env.example .env
docker compose up -d --buildStatus
Cairn is under active development. It's a real system used daily in production, and it's evolving as I learn what actually works for agent memory. Migrations handle schema changes. If something breaks, open an issue.
License
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jasondostal/cairn-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server