Is io.github.rolandpg/zettelforge safe to use?

io.github.rolandpg/zettelforge has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.rolandpg/zettelforge?

io.github.rolandpg/zettelforge can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with io.github.rolandpg/zettelforge?

io.github.rolandpg/zettelforge is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

io.github.rolandpg/zettelforge

Agentic memory for cyber threat intelligence. STIX graphs, actor aliasing, offline RAG, Sigma/YARA.

0 tools GitHub

No known CVEs

No license

Maintenance unknown

No commit data

Untested

Transport: stdio

0 tools

Grade F

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-rolandpg-zettelforge": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-rolandpg-zettelforge)](https://mcppedia.org/s/io-github-rolandpg-zettelforge)

Read me

What io.github.rolandpg/zettelforge does

Agentic memory for cyber threat intelligence. STIX graphs, actor aliasing, offline RAG, Sigma/YARA.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

15/100across 5 weighted dimensions

How we score →

0255075100

−85

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.rolandpg/zettelforge safe to use?: io.github.rolandpg/zettelforge has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.rolandpg/zettelforge?: io.github.rolandpg/zettelforge can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.rolandpg/zettelforge?: io.github.rolandpg/zettelforge is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Similar servers

Others in security

View all →

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

MCPpedia92

Search, evaluate, and compare 17,000+ MCP servers — each scored on security, maintenance, and efficiency.

1 5

Remnux Mcp Server88

MCP server for using the REMnux malware analysis toolkit via AI assistants

64 5

Ggmcp88

MCP server for scanning and remediating hardcoded secrets using GitGuardian’s API. Detect over 500 secret types and prevent credential leaks before code goes public.

34 5

MCP Security Weekly

Get CVE alerts and security updates for io.github.rolandpg/zettelforge and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Untested on Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-rolandpg-zettelforge": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-rolandpg-zettelforge)](https://mcppedia.org/s/io-github-rolandpg-zettelforge)

Read me

What io.github.rolandpg/zettelforge does

Agentic memory for cyber threat intelligence. STIX graphs, actor aliasing, offline RAG, Sigma/YARA.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

ZettelForge

The only agentic memory system built for cyber threat intelligence.

When a senior analyst leaves, two or three years of context walks out with them — customer environments, prior investigations, actor TTPs, false-positive patterns, every hard-won "wait, we've seen this before." ZettelForge is an agentic memory system built so that context stays with the team.

It extracts CVEs, threat actors, IOCs, and ATT&CK techniques from analyst notes and threat reports, resolves aliases (APT28 = Fancy Bear = STRONTIUM = Sofacy), builds a STIX 2.1 knowledge graph, and serves every past investigation back to your analysts — and to Claude Code via MCP — in natural language. Runs entirely in-process. No API keys. No cloud. No data leaves the host.

⭐ Star · 📦 pip install zettelforge · 📖 Docs · 🧪 Hosted beta

If ZettelForge fits a CTI workflow you run, a star is the fastest signal that this category is worth continuing to invest in.

The problem

Every SOC loses analysts. When they leave, investigation context, actor attribution, and environment-specific false-positive patterns go with them. Their replacements re-open the same tickets, re-read the same reports, and re-build the same mental models from scratch.

General-purpose AI memory systems don't fix this for security teams. They can't tell APT28 from Fancy Bear, don't know that CVE-2024-3094 is the XZ Utils backdoor, can't parse Sigma or YARA, and have no concept of MITRE ATT&CK technique IDs. When a CTI analyst gives them a year of intel reports, they get back fuzzy semantic search over chat history.

ZettelForge was built for analysts who think in threat graphs. It extracts CVEs, threat actors, IOCs, and ATT&CK techniques automatically, resolves aliases across naming conventions, builds a knowledge graph with causal relationships, and retrieves memories using intent-aware blended search — all in-process, with no external API dependency.

"Memory augmentation closes 33% of the gap between small and large models on CTI tasks (CTI-REALM, Microsoft 2026)." [1]

Capability	ZettelForge	Mem0	Graphiti	Cognee
CTI entity extraction (CVEs, actors, IOCs)	Yes	No	No	No
STIX 2.1 ontology	Yes	No	No	No
Threat actor alias resolution	Yes (APT28 = Fancy Bear)	No	No	No
Knowledge graph with causal triples	Yes	No	Yes	Yes
Intent-classified retrieval (5 types)	Yes	No	No	No
In-process / no external API required	Yes	No	No	No
Audit logs in OCSF schema	Yes	No	No	No
MCP server (Claude Code)	Yes	No	No	No

Data Pipeline

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

15/100across 5 weighted dimensions

How we score →

0255075100

−85

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.rolandpg/zettelforge safe to use?: io.github.rolandpg/zettelforge has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.rolandpg/zettelforge?: io.github.rolandpg/zettelforge can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with io.github.rolandpg/zettelforge?: io.github.rolandpg/zettelforge is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio transport.

Similar servers

Others in security

View all →

io.github.xkumakichi/xaip-mcp-server92

AI agents get on-chain identity, credentials, reputation, escrow, and persistent memory on XRPL.

MCPpedia92

Search, evaluate, and compare 17,000+ MCP servers — each scored on security, maintenance, and efficiency.

1 5

Remnux Mcp Server88

MCP server for using the REMnux malware analysis toolkit via AI assistants

64 5

Ggmcp88

MCP server for scanning and remediating hardcoded secrets using GitGuardian’s API. Detect over 500 secret types and prevent credential leaks before code goes public.

34 5

MCP Security Weekly

Get CVE alerts and security updates for io.github.rolandpg/zettelforge and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?