Nucleus MCP
Local-first, cross-platform memory sync for AI coding tools (Cursor, Claude, Windsurf) with persistent engrams and hypervisor security.
π§ Nucleus β Sovereign Agent OS
β οΈ official repository β nucleus-mcp
The sovereign, local-first Agent Operating System β persistent memory, governance, compliance, and audit trails for any AI agent.
π Website β’ π¦ Live KYC Demo β’ π 170+ Tool Catalog β’ π¬ Discord
[!CAUTION] Agent security is no longer optional. Recent incidents across the ecosystem β leaked API keys, supply-chain attacks, unaudited tool execution β prove that ungoverned agents are a liability. Nucleus is built security-first: hypervisor controls, resource locking, compliance governance, and full audit trails β all 100% local.
π― The Problem
AI agents are powerful, but ungoverned:
- No memory β every session starts from zero
- No audit trail β no one knows why the agent did what it did
- No compliance β regulators can't approve what they can't trace
- No sovereignty β your data flows through someone else's cloud
For regulated industries (banking, healthcare, legal), this is a dealbreaker.
β¨ The Solution: Sovereign Agent OS
Nucleus gives every AI agent a persistent brain with built-in governance:
βββββββββββββββββββββββββββββββββββββββββββββββββββ
β π§ Nucleus β Sovereign Agent OS β
β β
β ββ Memory βββ ββ Governance β ββ DSoR βββββ β
β β Engrams β β HITL β β Decision β β
β β Sessions β β Kill Switch β β Trail β β
β β Context β β Compliance β β Audit β β
β βββββββββββββ βββββββββββββββ βββββββββββββ β
β β
β 100% Local β’ Zero Cloud β’ Full Audit Trail β
βββββββββββββββββββββββββββββββββββββββββββββββββββ
π Quick Start (2 Minutes)
Install
pip install nucleus-mcp
nucleus self-setup
Adaptive Path Discovery
Nucleus automatically locates your .brain by following this hierarchy:
NUCLEUS_BRAIN_PATHenvironment variable.- Climbing parent directories from CWD to find an existing
.brain. - Defaulting to
$HOME/.nucleus/brain.
Try It
# One-command security hardening + posture report
nucleus secure
# Interactive AI chat (Gemini, Anthropic, Groq β hot-switchable)
nucleus chat
# See your sovereignty posture
nucleus sovereign
# Run a KYC compliance demo
nucleus kyc demo
# Apply EU DORA compliance
nucleus comply --jurisdiction eu-dora
# Generate audit-ready report
nucleus audit-report --format html -o report.html
# Browse decision trails
nucleus trace list
# System Health & Lock Recovery
nucleus status --health
nucleus status --cleanup-lock
π Session Recovery (Universal)
If your IDE session freezes due to bloated conversation files:
# One-shot automatic recovery
nucleus recover auto <conversation-id>
# Or step-by-step:
nucleus recover detect # Find bloated conversations
nucleus recover extract <conversation-id> # Extract context
nucleus recover bootstrap <conversation-id> # Create fresh session
nucleus recover rewrite <old-id> <new-id> # Update test paths
Works across any IDE (Windsurf, Cursor, Antigravity) and CLI. Zero configuration required.
Configure (Claude Desktop / Cursor / Windsurf)
Add to your MCP config:
{
"mcpServers": {
"nucleus": {
"command": "python3",
"args": ["-m", "nucleus_mcp"],
"env": {
"NUCLEAR_BRAIN_PATH": "/path/to/your/.brain"
}
}
}
}
ποΈ Agent CLI β v1.6.2
Nucleus speaks MCP + CLI + SDK. Every command auto-detects TTY (table) vs pipe (JSON).
# Memory
nucleus engram search "compliance" # Table in terminal, JSONL when piped
nucleus engram write my_key "important insight" --context Strategy --intensity 8
nucleus engram query --context Decision --limit 10
# Tasks
nucleus task list --status READY --format json # Force JSON output
nucleus task add "Ship v1.4.0 CLI" --priority 1
nucleus task update task-abc123 --status DONE
# Sessions
nucleus session save "Working on CLI implementation"
nucleus session resume # Most recent session
# Growth
nucleus growth pulse # GitHub stars + PyPI + compound
nucleus growth status # Metrics without side effects
# Outbound I/O
nucleus outbound check reddit r/ClaudeAI # Idempotency gate
nucleus outbound record reddit r/ClaudeAI --permalink https://reddit.com/abc
nucleus outbound plan # What's ready vs posted
# Pipe-friendly (Unix composable)
nucleus engram search "test" | jq '.key'
nucleus task list --format tsv | cut -f1,3
Global flags: --format json|table|tsv β’ --brain-path /path/to/.brain β’ --version
οΏ½π₯ The Layered Open-Core Model
Nucleus is designed for progressive adoption. You can start local and scale up to full institutional compliance seamlessly.
- Layer 1: Sovereign Core (OSS): 100% local, persistent engrams, session state, and essential file governance.
- Layer 2: CLI-First Tooling:
morning-brief,end-of-day, and thedogfoodtracker for compounding intelligence. - Layer 3: Deployment Kit: 1-command jurisdiction deployments (
nucleus deploy --jurisdiction eu-dora). - Layer 4: Institutional Compliance: DSoR Trace Viewer, Audit Report HTML exports (DORA/MAS TRM), and strict HITL gates.
ποΈ Why Nucleus for Regulated Industries
Jurisdiction-Aware Compliance
One command to configure for any regulatory framework:
nucleus comply --jurisdiction eu-dora # EU DORA (7yr retention, kill switch)
nucleus comply --jurisdiction sg-mas-trm # Singapore MAS TRM (5yr, strictest HITL)
nucleus comply --jurisdiction us-soc2 # US SOC2 (1yr retention)
nucleus comply --report # Check compliance status
| Jurisdiction | Region | Retention | HITL Ops | Kill Switch |
|---|---|---|---|---|
eu-dora | EU | 7 years | 5 types | β Required |
sg-mas-trm | Singapore | 5 years | 5 types | β Required |
us-soc2 | US/Global | 1 year | 3 types | βͺ Optional |
global-default | Global | 90 days | 2 types | βͺ Optional |
KYC Compliance Demo
Built-in demo workflow showing how Nucleus governs a KYC document review:
nucleus kyc review APP-001 # Low risk β β
APPROVE
nucleus kyc review APP-002 # Medium risk β β οΈ ESCALATE (PEP match)
nucleus kyc review APP-003 # High risk β β REJECT (sanctions)
nucleus kyc demo # Run all 3 in sequence
Each review generates:
- 5 automated checks (sanctions, PEP, document validity, risk factors, source of funds)
- Full decision trail stored as DSoR (Decision System of Record) trace
- HITL approval request for risky applications
- Sovereignty guarantee: all processing is local
Audit Reports
Generate audit-ready reports for regulators:
nucleus audit-report # Terminal text
nucleus audit-report --format json # JSON for APIs
nucleus audit-report --format html -o report.html # HTML for compliance officers
Sovereignty Status
See your full sovereignty posture:
nucleus sovereign
Shows: sovereignty score (0-100), memory health, governance posture, DSoR integrity, data residency guarantee.
π Full Feature Set
Core β Persistent Agent Memory
| Feature | Command | Description |
|---|---|---|
| Engrams | nucleus_engrams | Persistent knowledge that survives sessions |
| Sessions | nucleus_sessions | Save and resume work context |
| Morning Brief | nucleus morning-brief | Daily compounding intelligence brief |
| End of Day | nucleus end-of-day | Capture learnings as engrams |
Governance β Agent Controls
| Feature | Command | Description |
|---|---|---|
| Compliance | nucleus comply | Jurisdiction-aware configuration |
| Audit Reports | nucleus audit-report | Audit-ready compliance reports |
| KYC Demo | nucleus kyc | Pre-built compliance demo workflow |
| DSoR Traces | nucleus trace | Browse decision trails |
| Sovereignty | nucleus sovereign | Full sovereignty posture report |
| Secure | nucleus secure | One-command hardening + security certificate |
| HITL | Built-in | Human-in-the-loop approval gates |
| Kill Switch | Built-in | Emergency halt for agent operations |
| Hypervisor | nucleus_governance | File locking, security, mode control |
Interactive β AI Chat
| Feature | Command | Description |
|---|---|---|
| Chat | nucleus chat | Multi-provider terminal AI (Gemini/Anthropic/Groq) |
| Multi-Turn | Built-in | Native conversation history with session resume |
| Tool Calling | Built-in | Native function calling + <execute> tag fallback |
| Dual-Agent | /dual <provider> | Primary generates, reviewer critiques |
Orchestration β Multi-Agent Coordination
| Feature | Command | Description |
|---|---|---|
| Tasks | nucleus_tasks | Track work across agents |
| Sync | nucleus_sync | Multi-agent brain synchronization |
| Slots | nucleus_slots | Agent orchestration with sprint mode |
| Federation | nucleus_federation | Multi-brain coordination |
β‘ Comparison
| Cloud Agent Platforms | IDE-Native Agents | Nucleus | |
|---|---|---|---|
| Security | β οΈ Varies widely | β οΈ Cloud-managed | β Hypervisor + audit trail |
| Compliance | β None | β None | β DORA, MAS TRM, SOC2 |
| Audit Trail | β | β οΈ Basic logs | β Full DSoR + HTML reports |
| HITL | β | β οΈ Limited | β Jurisdiction-configurable |
| Cross-Platform | β οΈ Vendor lock-in | β Single IDE | β Any MCP client |
| Local-First | β Cloud-required | β οΈ Some cloud | β 100% local |
| Open Source | β οΈ Varies | β Mostly closed | β MIT |
π³ Deployment
Docker (per jurisdiction)
# EU DORA deployment
docker compose -f deploy/docker-compose.eu-dora.yml up -d
# Or use the one-command deployment script
./deploy/deploy.sh eu-dora
Local
pip install nucleus-mcp
nucleus init
nucleus comply --jurisdiction eu-dora
nucleus sovereign # Verify
π Anonymous Telemetry
Nucleus collects anonymous, aggregate usage statistics to improve the product. No personal data, no engram content, no org docs β ever.
β οΈ Note: Anonymous telemetry powers the autonomous incident brain engine (
telemetry.nucleusos.dev). Disabling it may degrade or disable autonomy features like policy adaptation, crash-loop detection, and rollout health scoring. Only opt out if you have a fully local telemetry stack.
Opt out in 1 command:
nucleus config --no-telemetry
# or via env: NUCLEUS_ANON_TELEMETRY=false
# or in config: telemetry.anonymous.enabled: false
What's collected: command name, duration, error type, Nucleus/Python version, OS platform.
What's NEVER collected: engram content, file paths, prompts, API keys, any PII.
See TELEMETRY.md for full details.
π¦ v1.6.2 β Interactive Intelligence
- Multi-Provider Chat β
nucleus chatwith Gemini, Anthropic, Groq (hot-switchable via/provider) - Native Tool Calling β Anthropic
tool_useAPI + Groq OpenAI function calling - Model-Aware Gating β 70b+ models use native tools; 8b models use
<execute>tags - Groq Auto-Rotation β Cascades across models on rate limit
- Session Resume β Chat history auto-loads from disk on startup
nucleus secureβ One-command security hardening + posture report with certificate- 263 tests passing β Routing fuzzer, session resume, tool pattern detection
π¦ v1.6.0 β The Autonomous Incident Brain
- Automated Incident Response, Adaptive Policy Engine, Reliability Policy Surface
- Full-Stack Health Monitoring with crash-loop defense
- Safe Rollouts & Auto-Rollback with health-gated releases
π¦ v1.5.0 β The Sovereign Kernel
- Adaptive Path Discovery β Zero-conf brain location (Env > CWD > Home)
- Universal Shell Integration β Integrated bash/zsh completions via
self-setup - Federation Level 1 β Automated local peer discovery via IPC
- DSoR Self-Healing β Automated reconciliation of orphaned decisions in audit logs
- CLI Sovereignty β Unified routing, Python-native bootstrap, and health monitoring
- 80+ tests β All passing (including stale lock recovery and recursion guards)
See CHANGELOG.md for full details.
π€ Community & Contributing
- π Found a bug? Open an Issue
- π‘ Feature idea? Start a Discussion
- π§ Want to contribute? See CONTRIBUTING.md
- π¬ Join Discord β Join the Nucleus Development Server
π License
MIT Β© 2026 Nucleus Team | [email protected]
Built for the AI-native enterprise. Star us if Nucleus gives your agents a brain β and a conscience. β
Verwandte Server
Scout Monitoring MCP
SponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
SponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Translator AI
Translate JSON i18n files using Google Gemini or local Ollama models, with incremental caching support.
Overture
Visual plan approval for AI coding agents. See your agent's plan as an interactive graph, attach context, choose approaches, then approve before any code is written.
AgentOps MCP
An MCP server for AgentOps, providing observability and evaluation tools for AI agents.
Swagger MCP Server
An example MCP server for deployment on Cloudflare Workers without authentication.
Sonic Pi MCP
Interact with Sonic Pi, the live coding music synth, using OSC messages.
Neovim LSP MCP Server
Bridges AI coding assistants with Neovim's Language Server Protocol for AI-powered code intelligence and navigation.
UseGrant MCP Server
Interact with the UseGrant API for programmatic access control and permissions management.
Crypto HFT MCP Server
Integrate AI with high-frequency cryptocurrency trading systems.
Gemini MCP Tool
A server for integrating with the Google Gemini CLI to perform AI-powered tasks.
FastAPI MCP Server
A MCP server implementation using the FastAPI framework, configurable via environment variables.