Make your agents smarter, safer, stateful, and governed. All in a single SQLite file.
Paste this into your agent
Visit https://github.com/jacobprall/moneypenny and set up the local mcp sidecar
Your agent will set up Moneypenny and start using it as a tool.
> Where did we land on the auth refactor? I started it two weeks ago.
> What did the docs say about the rate limit on that API?
> Catch me up on Acme. I haven't looked since Tuesday.
> What does design-agent know that I don't?
> Push the schema migration to prod.
> Show me every denied action this week.
The problem
Context resets every session. Yesterday's decisions, research, and preferences are gone. You re-explain everything or the agent guesses.
Tool calls run unchecked. No policy, no guardrails, no way to say "block destructive SQL" or "rate-limit shell access."
When something goes wrong, there's no trail. You can't trace what the agent did, what it was denied, or why.
Adding state means infrastructure: Postgres, Redis, a vector database, and an ops team to keep it running.
The solution
Every turn enriches a persistent knowledge graph. Facts are extracted, linked, and compressed so today's session builds on yesterday's. No infrastructure to manage. No state to lose.
Multiple agents share knowledge via CRDTs with scoped visibility. Delegate research to one agent and have it sync findings back. Each agent keeps its own persona, memory, and policies.
Operations are governed before they execute. Static rules, behavioral limits, rate controls, all evaluated in-process. Denials flow back as context the agent can reason about, not silent failures. Everything is auditable and queryable — by you and the agent itself.
Agents share what they know via CRDTs. Scoped visibility — private, shared, or protected — enforced at the SQL level. Delegate tasks across agents with independent memory and persona. No central server.
One query searches all of your agent's knowledge — facts, conversations, documents, and session context. Semantic and full-text search combined, deduplicated, and diversity-ranked.
Cron-scheduled prompts, reflection loops, pipelines, and custom JavaScript — all governed by the same policy engine. Define once, sync across agents.
Feed URLs, files, or raw text into the knowledge base. HTML is stripped and normalized automatically. Content is chunked, embedded, and searchable within seconds.
JavaScript tools persist in the database and sync across agents. Connect any MCP server. Runtime skills track usage and success rate — high performers surface more in retrieval.
SQLCipher encryption for the agent database. Keys stored in your OS keychain — never plaintext on disk. Data at rest is opaque without the key.
Architecture
Everything lives in one SQLite file per agent: memory, documents, policies, audit trail, job schedules, sync state. Seven extensions are statically linked into one Rust binary: vector search, on-device inference, CRDT sync, JavaScript tools, and RAG.
The database is the runtime, not just the storage layer. Policy evaluation, fact extraction, knowledge search, tool governance, and audit logging all execute inside SQLite — not in application code that happens to persist to a database. The orchestrator is a thin async loop; the intelligence lives at the data boundary.
No Postgres, no Redis, no vector database, no message queue. Every surface — CLI, MCP sidecar, HTTP API, Slack, Discord — is a thin adapter over the same core. Deploy anywhere you can run a binary. Back up by copying a file.