mm.tech

Open Source from Mallorca

Matthias Meyer

Open-source tools for AI builders

I build the MCP servers, memory engines, agent patterns, and security layers I need for my own AI stack. Then I open-source them so other builders can read the architecture, study the trade-offs, and lift what fits.

Open Source from Mallorca

Drag a node, hover for details, click to open the repo.

What you cannot see on the GitHub front page

Stars are slow. Real usage shows up in installs and clones first.

npm installs total
7.5k
git clones / 14d
2.4k
public repos
31
forks
12

Live, refreshed every 6h. Source: api.npmjs.org + GitHub API.

The eight cornerstones

Start here. Everything else extends one of these.

memoryTypeScript

Local Memory MCP

Persistent local memory for Claude, Cursor, Codex

13 MCP tools, SQLite + FTS5 + Knowledge Graph. No cloud, no API keys. One command: npx @studiomeyer/local-memory-mcp.

531k134· 13 tools
read
agentsTypeScript

Personal Suite MCP

Local-first personal productivity for Claude and Cursor

Email, Calendar, Messaging, Search, Image Generation. BYOK, no cloud, no signup. 49 tools across 6 modules.

570103· 49 tools
read
mediaTypeScript

MCP Video

Cinema-grade video production via MCP

8 tools for recording, editing, effects, captions, TTS, and smart screenshots. Built on ffmpeg + Playwright.

2187· 8 tools
read
agentsTypeScript

Agent Fleet

Multi-agent orchestration for the Claude Code CLI

Run specialized AI agents in parallel: research, critique, analyze, fix, and discuss. TypeScript orchestration layer.

39
read
securityTypeScript

AI Shield

LLM security toolkit, direct and indirect injection, memory canary, circuit breakers

v0.2 ships indirect-prompt-injection scanning for RAG, MCP tool descriptions, stored memory and scraped web content; trust-tier context streams with provenance fences; SHA-256 memory canaries with cross-tenant detection; runtime circuit breakers with blast-radius cap and human-in-the-loop. Zero dependencies in the core, optional ONNX classifier sibling. 567 tests, three-round agent code review, MIT.

2252661
read
agentsTypeScript

Darwin Agents

AI agents that improve themselves, now with GEPA-style reflective optimisation

Self-evolving prompts via A/B testing, multi-model critics, safety gates. v0.5.0-alpha.2 adds GEPA-style reflective optimisation (GepaOptimizer, Reflector, Pareto helpers, DARWIN_DEFAULT_OBJECTIVES) on top of full execution-trace capture (toolCalls, tokenUsage, errors, capturedAt) for OTEL-mapping. 307 tests, R1+R2 review loops, TypeScript, MIT.

31.2k151
read
securityRust

MCP Armor

Drop-in Rust sidecar for MCP servers

v0.2: stdio-MCP wrapper with Aho-Corasick + Regex + Unicode-NFKC scanner pipeline, Ed25519 manifest verify with TOFU keystore, Sigstore Rekor bridge, OTLP gRPC export, 10-CVE blocklist from OX-Advisory 2026-04-15. 9 control-plane MCP tools, 133 tests, MIT.

321
read
workflowPython

n8n Templates

Production n8n workflows with cross-session memory

Production-pattern hardened n8n workflow templates for voice agents, customer support, personal assistants. Multi-provider, powered by StudioMeyer Memory.

2110
read

More repos

Conformance harnesses, n8n nodes, SaaS connectors. Click to expand.

  • Zero-dependency client for MeetMyAgent, an agent-native marketplace where AI agents register, post, bid on jobs, exchange messages and build reputation. Native fetch, full TypeScript types, 44 tests. Platform is on hiatus; SDK is preserved as a reference implementation for the third-party-agent integration path. Point baseUrl at any compatible deployment.

    statusstableupdated2026-05-20npm total522clones (14d)93groupagents
    npx -y meetmyagent-sdk
    details github npm

  • Python LLM security middleware: prompt-injection, PII, tool-policy, cost-budget, audit. Port of ai-shield-core (TypeScript). Same defense surface, FastAPI/LangChain hooks instead of Hono/Express.

    statusstableupdated2026-05-29clones (14d)30groupsecurity
    details github

  • Drop-in guardExec / guardSpawn wrappers, AST audit CLI, reference MCP server. Closes the OX Security 200k-server stdio-RCE class (CVE-2025-69256). Unicode-bypass-hardened, allowlist-based, replay-window protected. MIT, TypeScript, Node 20+.

    statusstableupdated2026-05-29npm total279clones (14d)81groupsecurity
    npx -y mcp-stdio-shellguard
    details github npm

  • Detect, diff, compatibility-matrix, plan, check. Foundation pillar by StudioMeyer (MCP Factory). Helps you upgrade an MCP server stack across spec versions without breakage. 35/35 tests, MIT.

    statusstableupdated2026-05-29npm total118clones (14d)25groupfactory
    npx -y mcp-spec-migrator
    details github npm

  • Foundation library for couples, families, groups. Bi-temporal storage, conflict-resolver interface, SQLite + Postgres adapters.

    statusalphaupdated2026-05-18npm total361clones (14d)88groupfactory
    npx -y mcp-tenant-pair
    details github npm

  • Audits any MCP server for mcp_tool lifecycle-hook readiness: idempotency, latency, determinism, side-effects, GDPR-doc. 56/56 tests, MIT.

    statusstableupdated2026-05-18npm total330clones (14d)89groupfactory
    npx -y mcp-hook-conformance
    details github npm

  • JSON-RPC 2.0, OAuth 2.1 PKCE, tool schemas, capabilities, smoke roundtrip, annotation hygiene. Spec versions 2024-11-05, 2025-03-26, 2025-06-18.

    statusstableupdated2026-05-18npm total281clones (14d)96groupfactory
    npx -y mcp-protocol-conformance
    details github npm

  • Ed25519-signed tool manifests, runtime spawn-attestation, default-deny argument sanitizer. Defends against marketplace-poisoning + CVE-2025-69256.

    statusstableupdated2026-05-18npm total185clones (14d)157groupsecurity
    npx -y mcp-server-attestation
    details github npm

  • Long-term AI memory with knowledge graph, semantic search, entity tracking, session continuity. Drop-in for n8n.

    statusstableupdated2026-05-29stars2forks1npm total539clones (14d)52groupworkflow
    npx -y n8n-nodes-studiomeyer-memory
    details github npm

  • Multi-provider LLM, no memory required. For cross-session memory see n8n-templates.

    statusstableupdated2026-05-09clones (14d)8groupworkflow
    details github

  • Read your AI-Audit Fleet data and configure your agents from your own Claude, ChatGPT, Cursor or Codex.

    statusstableupdated2026-05-29tools14npm total160clones (14d)74groupsaas
    npx -y mcp-studiomeyer-agents
    details github npm

  • Next lesson, quiz, review, certificates, tutor.

    statusstableupdated2026-05-29stars1npm total737clones (14d)72groupsaas
    npx -y mcp-academy
    details github npm

  • Memory, CRM, GEO, Crew. 119 tools, 21 slash commands, 5 skills, 3 subagents. Magic Link auth. EU Frankfurt.

    statusstableupdated2026-05-23clones (14d)47groupsaas
    details github

  • Knowledge Graph, semantic search, session tracking, multi-agent support. Hosted at memory.studiomeyer.io. Free tier.

    statusstableupdated2026-05-23tools56stars3forks2clones (14d)34groupsaas
    details github

  • 33 tools for contact management, pipeline, leads, follow-ups, health scores, revenue analytics. Hosted at crm.studiomeyer.io. OAuth 2.1.

    statusstableupdated2026-05-25tools33stars2forks1clones (14d)38groupsaas
    details github

  • 23 MCP tools and 5 expert workflows. Check how 8 LLM platforms see your brand. Hosted at geo.studiomeyer.io.

    statusstableupdated2026-05-29tools23stars1forks1clones (14d)88groupsaas
    details github

  • 10 MCP tools, 8 personas, 3 workflows. Zero API cost. Free tier available.

    statusstableupdated2026-05-25tools10stars2clones (14d)8groupsaas
    details github

  • Foundation pillar 9. Closes the tool-injection-RCE class that sidecar scanners (mcp-armor) and stdio wrappers (mcp-stdio-shellguard) cannot catch. Synthesises per-tool policies from declared semantics and enforces them at execution time. MIT, TypeScript.

    statusalphaupdated2026-05-29clones (14d)35groupsecurity
    details github

  • Bridge between darwin-agents (self-evolving AI agents) and @langchain/langgraph (state-graph workflow orchestration). Zero hard deps, both upstreams as peer-dependencies. Six surfaces: createDarwinNode, darwinAnnotation, withDarwinEvolution (@deprecated), DarwinCallbackHandler, toOtelAttributes (OpenTelemetry GenAI Semantic Conventions), darwinMessagesAnnotation. v0.3 adds runId/parentRunId propagation, double-wrap warning, hung-invoke guard. 132 tests, R1+R2 review loops, MIT.

    statusalphaupdated2026-05-29npm total494clones (14d)109groupagents
    npx -y darwin-langgraph
    details github npm

  • Five Temporal templates (T01-T05): memory-aware agent, operator approval, saga rollback, recurring synthesis, multi-agent coordination. All workflows write durable knowledge (learn), decisions (decide), and mistakes into Memory via Temporal activities. Bring-your-own backend via the MemoryClient adapter (HostedMemoryClient + InMemoryMemoryClient). 45 tests with time-skipping, MIT.

    statusalphaupdated2026-05-29clones (14d)106groupworkflow
    details github

  • Run LongMemEval against any memory system (Nex, Mem0, Graphiti, Letta) with a local LLM reader (Qwen, Llama via Ollama). 50-question stratified oracle, Claude Code subscription judge, zero API cost. Python, MIT.

    statusalphaupdated2026-05-09clones (14d)7groupmemory
    details github

  • Five LLM citizens build a small town. They walk, talk, work, and reason out loud, each driven by a real language model. Open-source mirror of the live meetmyagent.io world, built on darwin-agents and LangGraph. TypeScript, MIT.

    statusbetaupdated2026-05-25clones (14d)46groupagents
    details github

  • Scan, diff, patch, and verify an MCP server stack across the 2025-11-25 to 2026-07-28 RC spec jump. Eight detection rules, AST rewrite via ts-morph, CLI-first. Foundation pillar by StudioMeyer (MCP Factory). TypeScript, MIT.

    statusalphaupdated2026-05-30npm total136clones (14d)86groupfactory
    npx -y mcp-stateless-migrator
    details github npm

Concepts

Repo-agnostic deep dives on the patterns behind the code.