Agents
An agent in Moneypenny is a self-contained unit of intelligence backed by a single SQLite file. That file contains the agent’s memory, policies, skills, knowledge, audit trail, sessions, and tool definitions.
Because Moneypenny exposes its entire surface area via MCP (Model Context Protocol), every operation that works from the CLI also works as a natural language request through any MCP-compatible client — Claude Desktop, Cursor, or anything else that speaks the protocol.
Agent Anatomy
Every agent has:
| Component | Storage | Purpose |
|---|---|---|
| Facts | facts table | Long-term structured memory |
| Messages | messages table | Conversation history |
| Knowledge | documents + chunks tables | Ingested documents |
| Skills | skills table | Reusable procedures and tool definitions |
| Policies | policies table | Governance rules |
| Jobs | jobs + job_runs tables | Scheduled tasks |
| Audit | policy_audit table | Decision log |
| Scratch | scratch table | Session-scoped working memory |
Creating Agents
Initialization creates a default agent named main:
mp initAsk your MCP-connected agent:
Initialize a new Moneypenny project.
Create additional agents:
mp agent create researchmp agent create ops-botAsk your MCP-connected agent:
Create a new agent called research.
Agent creation goes through the canonical operation pipeline — policy-checked, hooked, and audited like any other mutation.
Agent Configuration
Each agent is configured in moneypenny.toml:
[[agents]]name = "main"trust_level = "standard"persona = "You are a helpful engineering assistant."
[agents.llm]provider = "anthropic" # or "local" for GGUF, "http" for other APIs# api_base = "https://api.openai.com"# api_key = "sk-..."# model = "gpt-4o"
[agents.embedding]provider = "local"model = "nomic-embed-text-v1.5"dimensions = 768Update config at runtime:
mp agent config main persona "You are a senior SRE."Ask your MCP-connected agent:
Update the main agent’s persona to “You are a senior SRE.”
Trust Levels
Agents have a trust level that policies can reference:
standard— default, subject to all policy ruleselevated— can be granted access to restricted resourcesadmin— full access (still audited)
Trust levels are labels — their meaning is defined by the policies you write.
Listing and Inspecting
mp agent listmp agent statusmp agent status researchAsk your MCP-connected agent:
List all agents.
Show me agent status.
Show me the status of the research agent.
Status shows memory stats: fact count, session count, document count, and skill count.
Deleting Agents
mp agent delete research --confirmAsk your MCP-connected agent:
Delete the research agent.
This removes the agent from the registry and deletes its database file.
Multi-Agent Architecture
When running mp start, each agent runs as a separate worker process.
The gateway routes messages to the correct worker based on agent name.
Agents can delegate to each other with depth-limited recursion.
Gateway ├── Worker: main (main.db) ├── Worker: research (research.db) └── Worker: ops-bot (ops-bot.db)Facts, skills, policies, and jobs can sync between agents via CRDT. Conversations and scratch stay local to each agent.
Portability
An agent is its database file. To move an agent:
cp mp-data/main.db /backup/main.db # backupscp mp-data/main.db server:/agents/main.db # transferOpen with any SQLite client to inspect:
sqlite3 mp-data/main.db "SELECT pointer, confidence FROM facts WHERE status='active';"