@datalayer/agent-runtimes 1.0.3 → 1.0.4

package/lib/specs/guardrails.js

@@ -5,6 +5,40 @@
 // ============================================================================
 // Guardrail Definitions
 // ============================================================================
+export const ASYNC_GUARDRAIL_POLICY_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'async-guardrail-policy',
+    version: '0.0.1',
+    name: 'Async Guardrail Policy',
+    description: 'Runs policy checks concurrently with model generation for lower latency and fail-fast blocking on unsafe prompts.',
+    identity_provider: 'datalayer',
+    identity_name: 'policy-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': false,
+        'execute:code': false,
+        'access:internet': false,
+        'send:email': false,
+        'deploy:production': false,
+    },
+    token_limits: { per_run: '20K', per_day: '200K', per_month: '2M' },
+};
+export const BLOCKED_KEYWORDS_INTERNAL_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'blocked-keywords-internal',
+    version: '0.0.1',
+    name: 'Blocked Keywords Internal',
+    description: 'Blocks sensitive internal terms and accidental credential patterns in prompts.',
+    identity_provider: 'datalayer',
+    identity_name: 'internal-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': false,
+        'execute:code': false,
+        'access:internet': false,
+        'send:email': false,
+        'deploy:production': false,
+    },
+    token_limits: { per_run: '20K', per_day: '200K', per_month: '2M' },
+};
 export const DATA_ENGINEERING_POWER_USER_GUARDRAIL_SPEC_0_0_1 = {
     id: 'data-engineering-power-user',
     version: '0.0.1',
@@ -21,49 +55,12 @@ export const DATA_ENGINEERING_POWER_USER_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': true,
     },
     token_limits: { per_run: '200K', per_day: '5M', per_month: '50M' },
-    data_scope: {
-        allowed_systems: ['postgresql', 'mongodb', 's3', 'kafka'],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: ['*SSN*', '*Bank*', '*IBAN*'],
-    },
-    data_handling: {
-        default_aggregation: false,
-        allow_row_level_output: true,
-        max_rows_in_output: 100000,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: true,
-        pii_action: 'redact',
-    },
-    approval_policy: {
-        require_manual_approval_for: [
-            'Schema changes',
-            'Drop or truncate operations',
-            'Production data modifications',
-        ],
-        auto_approved: [
-            'Read queries',
-            'Data transformations',
-            'Pipeline orchestration',
-        ],
-    },
-    tool_limits: {
-        max_tool_calls: 500,
-        max_query_rows: 1000000,
-        max_query_runtime: '300s',
-        max_time_window_days: 365,
-    },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: false,
-        retain_days: 90,
-        require_lineage_in_report: true,
-    },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: true,
-        do_not_follow_instructions_from_data: true,
-    },
+    data_scope: { allowed_systems: ['postgresql', 'mongodb', 's3', 'kafka'], allowed_objects: [], denied_objects: [], denied_fields: ['*SSN*', '*Bank*', '*IBAN*'] },
+    data_handling: { default_aggregation: false, allow_row_level_output: true, max_rows_in_output: 100000, redact_fields: [], hash_fields: [], pii_detection: true, pii_action: 'redact' },
+    approval_policy: { require_manual_approval_for: ['Schema changes', 'Drop or truncate operations', 'Production data modifications'], auto_approved: ['Read queries', 'Data transformations', 'Pipeline orchestration'] },
+    tool_limits: { max_tool_calls: 500, max_query_rows: 1000000, max_query_runtime: '300s', max_time_window_days: 365 },
+    audit: { log_tool_calls: true, log_query_metadata_only: false, retain_days: 90, require_lineage_in_report: true },
+    content_safety: { treat_crm_text_fields_as_untrusted: true, do_not_follow_instructions_from_data: true },
 };
 export const DEFAULT_PLATFORM_USER_GUARDRAIL_SPEC_0_0_1 = {
     id: 'default-platform-user',
@@ -81,41 +78,12 @@ export const DEFAULT_PLATFORM_USER_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': false,
     },
     token_limits: { per_run: '50K', per_day: '500K', per_month: '5M' },
-    data_scope: {
-        allowed_systems: [],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: [],
-    },
-    data_handling: {
-        default_aggregation: false,
-        allow_row_level_output: true,
-        max_rows_in_output: 1000,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: false,
-        pii_action: 'warn',
-    },
-    approval_policy: {
-        require_manual_approval_for: [],
-        auto_approved: ['All read-only queries'],
-    },
-    tool_limits: {
-        max_tool_calls: 50,
-        max_query_rows: 100000,
-        max_query_runtime: '60s',
-        max_time_window_days: 90,
-    },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: false,
-        retain_days: 30,
-        require_lineage_in_report: false,
-    },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: false,
-        do_not_follow_instructions_from_data: true,
-    },
+    data_scope: { allowed_systems: [], allowed_objects: [], denied_objects: [], denied_fields: [] },
+    data_handling: { default_aggregation: false, allow_row_level_output: true, max_rows_in_output: 1000, redact_fields: [], hash_fields: [], pii_detection: false, pii_action: 'warn' },
+    approval_policy: { require_manual_approval_for: [], auto_approved: ['All read-only queries'] },
+    tool_limits: { max_tool_calls: 50, max_query_rows: 100000, max_query_runtime: '60s', max_time_window_days: 90 },
+    audit: { log_tool_calls: true, log_query_metadata_only: false, retain_days: 30, require_lineage_in_report: false },
+    content_safety: { treat_crm_text_fields_as_untrusted: false, do_not_follow_instructions_from_data: true },
 };
 export const GITHUB_ACTIONS_DEPLOY_GUARDRAIL_SPEC_0_0_1 = {
     id: 'github-actions-deploy',
@@ -133,48 +101,12 @@ export const GITHUB_ACTIONS_DEPLOY_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': true,
     },
     token_limits: { per_run: '150K', per_day: '3M', per_month: '30M' },
-    data_scope: {
-        allowed_systems: ['github', 'kubernetes', 'docker', 'terraform'],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: [],
-    },
-    data_handling: {
-        default_aggregation: false,
-        allow_row_level_output: true,
-        max_rows_in_output: 50000,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: false,
-        pii_action: 'warn',
-    },
-    approval_policy: {
-        require_manual_approval_for: [
-            'Production environment changes',
-            'Infrastructure scaling beyond limits',
-        ],
-        auto_approved: [
-            'Staging deployments',
-            'Test environment operations',
-            'Build and package operations',
-        ],
-    },
-    tool_limits: {
-        max_tool_calls: 300,
-        max_query_rows: 500000,
-        max_query_runtime: '180s',
-        max_time_window_days: 365,
-    },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: false,
-        retain_days: 180,
-        require_lineage_in_report: true,
-    },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: false,
-        do_not_follow_instructions_from_data: true,
-    },
+    data_scope: { allowed_systems: ['github', 'kubernetes', 'docker', 'terraform'], allowed_objects: [], denied_objects: [], denied_fields: [] },
+    data_handling: { default_aggregation: false, allow_row_level_output: true, max_rows_in_output: 50000, redact_fields: [], hash_fields: [], pii_detection: false, pii_action: 'warn' },
+    approval_policy: { require_manual_approval_for: ['Production environment changes', 'Infrastructure scaling beyond limits'], auto_approved: ['Staging deployments', 'Test environment operations', 'Build and package operations'] },
+    tool_limits: { max_tool_calls: 300, max_query_rows: 500000, max_query_runtime: '180s', max_time_window_days: 365 },
+    audit: { log_tool_calls: true, log_query_metadata_only: false, retain_days: 180, require_lineage_in_report: true },
+    content_safety: { treat_crm_text_fields_as_untrusted: false, do_not_follow_instructions_from_data: true },
 };
 export const GITHUB_CI_BOT_GUARDRAIL_SPEC_0_0_1 = {
     id: 'github-ci-bot',
@@ -192,48 +124,12 @@ export const GITHUB_CI_BOT_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': false,
     },
     token_limits: { per_run: '100K', per_day: '2M', per_month: '20M' },
-    data_scope: {
-        allowed_systems: ['github', 'npm', 'pypi'],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: [],
-    },
-    data_handling: {
-        default_aggregation: false,
-        allow_row_level_output: true,
-        max_rows_in_output: 10000,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: false,
-        pii_action: 'warn',
-    },
-    approval_policy: {
-        require_manual_approval_for: [
-            'Any production deployment',
-            'Any write to protected branches',
-        ],
-        auto_approved: [
-            'Build and test operations',
-            'Package installation',
-            'Code analysis and linting',
-        ],
-    },
-    tool_limits: {
-        max_tool_calls: 200,
-        max_query_rows: 500000,
-        max_query_runtime: '120s',
-        max_time_window_days: 365,
-    },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: false,
-        retain_days: 90,
-        require_lineage_in_report: false,
-    },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: false,
-        do_not_follow_instructions_from_data: true,
-    },
+    data_scope: { allowed_systems: ['github', 'npm', 'pypi'], allowed_objects: [], denied_objects: [], denied_fields: [] },
+    data_handling: { default_aggregation: false, allow_row_level_output: true, max_rows_in_output: 10000, redact_fields: [], hash_fields: [], pii_detection: false, pii_action: 'warn' },
+    approval_policy: { require_manual_approval_for: ['Any production deployment', 'Any write to protected branches'], auto_approved: ['Build and test operations', 'Package installation', 'Code analysis and linting'] },
+    tool_limits: { max_tool_calls: 200, max_query_rows: 500000, max_query_runtime: '120s', max_time_window_days: 365 },
+    audit: { log_tool_calls: true, log_query_metadata_only: false, retain_days: 90, require_lineage_in_report: false },
+    content_safety: { treat_crm_text_fields_as_untrusted: false, do_not_follow_instructions_from_data: true },
 };
 export const GOOGLE_WORKSPACE_AGENT_GUARDRAIL_SPEC_0_0_1 = {
     id: 'google-workspace-agent',
@@ -251,54 +147,65 @@ export const GOOGLE_WORKSPACE_AGENT_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': false,
     },
     token_limits: { per_run: '80K', per_day: '1M', per_month: '10M' },
-    data_scope: {
-        allowed_systems: [
-            'gmail',
-            'google-drive',
-            'google-sheets',
-            'google-calendar',
-        ],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: [],
-    },
-    data_handling: {
-        default_aggregation: false,
-        allow_row_level_output: true,
-        max_rows_in_output: 5000,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: true,
-        pii_action: 'warn',
-    },
-    approval_policy: {
-        require_manual_approval_for: [
-            'Sending external emails',
-            'Sharing files outside organization',
-            'Modifying calendar events for other users',
-        ],
-        auto_approved: [
-            'Reading emails and documents',
-            'Creating drafts',
-            'Reading calendar',
-        ],
-    },
-    tool_limits: {
-        max_tool_calls: 100,
-        max_query_rows: 50000,
-        max_query_runtime: '60s',
-        max_time_window_days: 180,
+    data_scope: { allowed_systems: ['gmail', 'google-drive', 'google-sheets', 'google-calendar'], allowed_objects: [], denied_objects: [], denied_fields: [] },
+    data_handling: { default_aggregation: false, allow_row_level_output: true, max_rows_in_output: 5000, redact_fields: [], hash_fields: [], pii_detection: true, pii_action: 'warn' },
+    approval_policy: { require_manual_approval_for: ['Sending external emails', 'Sharing files outside organization', 'Modifying calendar events for other users'], auto_approved: ['Reading emails and documents', 'Creating drafts', 'Reading calendar'] },
+    tool_limits: { max_tool_calls: 100, max_query_rows: 50000, max_query_runtime: '60s', max_time_window_days: 180 },
+    audit: { log_tool_calls: true, log_query_metadata_only: false, retain_days: 60, require_lineage_in_report: false },
+    content_safety: { treat_crm_text_fields_as_untrusted: true, do_not_follow_instructions_from_data: true },
+};
+export const NO_REFUSALS_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'no-refusals',
+    version: '0.0.1',
+    name: 'No Refusals',
+    description: 'Prevents pure refusal responses for fulfillment-oriented internal assistants.',
+    identity_provider: 'datalayer',
+    identity_name: 'fulfillment-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': true,
+        'execute:code': true,
+        'access:internet': true,
+        'send:email': false,
+        'deploy:production': false,
     },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: false,
-        retain_days: 60,
-        require_lineage_in_report: false,
+    token_limits: { per_run: '60K', per_day: '600K', per_month: '6M' },
+};
+export const PII_PROTECTION_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'pii-protection',
+    version: '0.0.1',
+    name: 'PII Protection',
+    description: 'Blocks user prompts containing high-risk personally identifiable information.',
+    identity_provider: 'datalayer',
+    identity_name: 'privacy-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': false,
+        'execute:code': false,
+        'access:internet': false,
+        'send:email': false,
+        'deploy:production': false,
     },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: true,
-        do_not_follow_instructions_from_data: true,
+    token_limits: { per_run: '20K', per_day: '200K', per_month: '2M' },
+    data_handling: { pii_detection: true, pii_action: 'block' },
+};
+export const PROMPT_INJECTION_STRICT_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'prompt-injection-strict',
+    version: '0.0.1',
+    name: 'Prompt Injection Strict',
+    description: 'Strict prompt injection protection profile for externally exposed agents.',
+    identity_provider: 'datalayer',
+    identity_name: 'security-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': false,
+        'execute:code': false,
+        'access:internet': false,
+        'send:email': false,
+        'deploy:production': false,
     },
+    token_limits: { per_run: '25K', per_day: '250K', per_month: '2M' },
+    content_safety: { treat_crm_text_fields_as_untrusted: true, do_not_follow_instructions_from_data: true },
 };
 export const RESTRICTED_VIEWER_GUARDRAIL_SPEC_0_0_1 = {
     id: 'restricted-viewer',
@@ -316,52 +223,64 @@ export const RESTRICTED_VIEWER_GUARDRAIL_SPEC_0_0_1 = {
         'deploy:production': false,
     },
     token_limits: { per_run: '10K', per_day: '50K', per_month: '500K' },
-    data_scope: {
-        allowed_systems: [],
-        allowed_objects: [],
-        denied_objects: [],
-        denied_fields: ['*SSN*', '*Bank*', '*IBAN*', '*Password*', '*Secret*'],
-    },
-    data_handling: {
-        default_aggregation: true,
-        allow_row_level_output: false,
-        max_rows_in_output: 0,
-        redact_fields: [],
-        hash_fields: [],
-        pii_detection: true,
-        pii_action: 'redact',
-    },
-    approval_policy: {
-        require_manual_approval_for: ['Any operation beyond read'],
-        auto_approved: ['Aggregated read-only queries'],
-    },
-    tool_limits: {
-        max_tool_calls: 10,
-        max_query_rows: 10000,
-        max_query_runtime: '15s',
-        max_time_window_days: 30,
-    },
-    audit: {
-        log_tool_calls: true,
-        log_query_metadata_only: true,
-        retain_days: 90,
-        require_lineage_in_report: false,
+    data_scope: { allowed_systems: [], allowed_objects: [], denied_objects: [], denied_fields: ['*SSN*', '*Bank*', '*IBAN*', '*Password*', '*Secret*'] },
+    data_handling: { default_aggregation: true, allow_row_level_output: false, max_rows_in_output: 0, redact_fields: [], hash_fields: [], pii_detection: true, pii_action: 'redact' },
+    approval_policy: { require_manual_approval_for: ['Any operation beyond read'], auto_approved: ['Aggregated read-only queries'] },
+    tool_limits: { max_tool_calls: 10, max_query_rows: 10000, max_query_runtime: '15s', max_time_window_days: 30 },
+    audit: { log_tool_calls: true, log_query_metadata_only: true, retain_days: 90, require_lineage_in_report: false },
+    content_safety: { treat_crm_text_fields_as_untrusted: true, do_not_follow_instructions_from_data: true },
+};
+export const SECRET_REDACTION_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'secret-redaction',
+    version: '0.0.1',
+    name: 'Secret Redaction',
+    description: 'Blocks leaked credentials and private keys in assistant output.',
+    identity_provider: 'datalayer',
+    identity_name: 'platform-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': false,
+        'execute:code': true,
+        'access:internet': true,
+        'send:email': false,
+        'deploy:production': false,
     },
-    content_safety: {
-        treat_crm_text_fields_as_untrusted: true,
-        do_not_follow_instructions_from_data: true,
+    token_limits: { per_run: '40K', per_day: '400K', per_month: '4M' },
+};
+export const TOOL_GUARD_STRICT_GUARDRAIL_SPEC_0_0_1 = {
+    id: 'tool-guard-strict',
+    version: '0.0.1',
+    name: 'Tool Guard Strict',
+    description: 'Restrictive tool policy that hides dangerous tools and enforces approval for writes.',
+    identity_provider: 'datalayer',
+    identity_name: 'ops-bot@acme.com',
+    permissions: {
+        'read:data': true,
+        'write:data': true,
+        'execute:code': false,
+        'access:internet': true,
+        'send:email': false,
+        'deploy:production': false,
     },
+    token_limits: { per_run: '30K', per_day: '300K', per_month: '3M' },
 };
 // ============================================================================
 // Guardrail Catalog
 // ============================================================================
 export const GUARDRAIL_CATALOG = {
+    'async-guardrail-policy': ASYNC_GUARDRAIL_POLICY_GUARDRAIL_SPEC_0_0_1,
+    'blocked-keywords-internal': BLOCKED_KEYWORDS_INTERNAL_GUARDRAIL_SPEC_0_0_1,
     'data-engineering-power-user': DATA_ENGINEERING_POWER_USER_GUARDRAIL_SPEC_0_0_1,
     'default-platform-user': DEFAULT_PLATFORM_USER_GUARDRAIL_SPEC_0_0_1,
     'github-actions-deploy': GITHUB_ACTIONS_DEPLOY_GUARDRAIL_SPEC_0_0_1,
     'github-ci-bot': GITHUB_CI_BOT_GUARDRAIL_SPEC_0_0_1,
     'google-workspace-agent': GOOGLE_WORKSPACE_AGENT_GUARDRAIL_SPEC_0_0_1,
+    'no-refusals': NO_REFUSALS_GUARDRAIL_SPEC_0_0_1,
+    'pii-protection': PII_PROTECTION_GUARDRAIL_SPEC_0_0_1,
+    'prompt-injection-strict': PROMPT_INJECTION_STRICT_GUARDRAIL_SPEC_0_0_1,
     'restricted-viewer': RESTRICTED_VIEWER_GUARDRAIL_SPEC_0_0_1,
+    'secret-redaction': SECRET_REDACTION_GUARDRAIL_SPEC_0_0_1,
+    'tool-guard-strict': TOOL_GUARD_STRICT_GUARDRAIL_SPEC_0_0_1,
 };
 /**
  * Map identity provider to an icon key for the UI.

package/lib/specs/mcpServers.js

@@ -94,14 +94,7 @@ export const GITHUB_MCP_SERVER_0_0_1 = {
     emoji: '🐙 - git - collaboration',
     url: '',
     command: 'docker',
-    args: [
-        'run',
-        '-i',
-        '--rm',
-        '-e',
-        'GITHUB_PERSONAL_ACCESS_TOKEN',
-        'ghcr.io/github/github-mcp-server',
-    ],
+    args: ['run', '-i', '--rm', '-e', 'GITHUB_PERSONAL_ACCESS_TOKEN', 'ghcr.io/github/github-mcp-server'],
     transport: 'stdio',
     enabled: true,
     isAvailable: false,
@@ -122,10 +115,7 @@ export const GOOGLE_WORKSPACE_MCP_SERVER_0_0_1 = {
     enabled: true,
     isAvailable: false,
     tools: [],
-    requiredEnvVars: [
-        'GOOGLE_OAUTH_CLIENT_ID:0.0.1',
-        'GOOGLE_OAUTH_CLIENT_SECRET:0.0.1',
-    ],
+    requiredEnvVars: ['GOOGLE_OAUTH_CLIENT_ID:0.0.1', 'GOOGLE_OAUTH_CLIENT_SECRET:0.0.1'],
 };
 export const HUGGINGFACE_MCP_SERVER_0_0_1 = {
     id: 'huggingface',
@@ -136,13 +126,7 @@ export const HUGGINGFACE_MCP_SERVER_0_0_1 = {
     emoji: '🤗',
     url: '',
     command: 'npx',
-    args: [
-        '-y',
-        'mcp-remote',
-        'https://huggingface.co/mcp',
-        '--header',
-        'Authorization: Bearer ${HF_TOKEN}',
-    ],
+    args: ['-y', 'mcp-remote', 'https://huggingface.co/mcp', '--header', 'Authorization: Bearer ${HF_TOKEN}'],
     transport: 'stdio',
     enabled: true,
     isAvailable: false,
@@ -158,13 +142,7 @@ export const KAGGLE_MCP_SERVER_0_0_1 = {
     emoji: '📊',
     url: '',
     command: 'npx',
-    args: [
-        '-y',
-        'mcp-remote',
-        'https://www.kaggle.com/mcp',
-        '--header',
-        'Authorization: Bearer ${KAGGLE_TOKEN}',
-    ],
+    args: ['-y', 'mcp-remote', 'https://www.kaggle.com/mcp', '--header', 'Authorization: Bearer ${KAGGLE_TOKEN}'],
     transport: 'stdio',
     enabled: true,
     isAvailable: false,
@@ -185,10 +163,7 @@ export const SALESFORCE_MCP_SERVER_0_0_1 = {
     enabled: true,
     isAvailable: false,
     tools: [],
-    requiredEnvVars: [
-        'SALESFORCE_ACCESS_TOKEN:0.0.1',
-        'SALESFORCE_INSTANCE_URL:0.0.1',
-    ],
+    requiredEnvVars: ['SALESFORCE_ACCESS_TOKEN:0.0.1', 'SALESFORCE_INSTANCE_URL:0.0.1'],
 };
 export const SLACK_MCP_SERVER_0_0_1 = {
     id: 'slack',
@@ -204,11 +179,7 @@ export const SLACK_MCP_SERVER_0_0_1 = {
     enabled: true,
     isAvailable: false,
     tools: [],
-    requiredEnvVars: [
-        'SLACK_BOT_TOKEN:0.0.1',
-        'SLACK_TEAM_ID:0.0.1',
-        'SLACK_CHANNEL_IDS:0.0.1',
-    ],
+    requiredEnvVars: ['SLACK_BOT_TOKEN:0.0.1', 'SLACK_TEAM_ID:0.0.1', 'SLACK_CHANNEL_IDS:0.0.1'],
 };
 export const TAVILY_MCP_SERVER_0_0_1 = {
     id: 'tavily',

package/lib/specs/memory.d.ts

@@ -10,12 +10,14 @@ import type { MemorySpec } from '../types';
 export declare const Memories: {
     readonly EPHEMERAL: "ephemeral";
     readonly MEM0: "mem0";
+    readonly MEMPALACE: "mempalace";
     readonly MEMU: "memu";
     readonly SIMPLEMEM: "simplemem";
 };
 export type MemoryId = (typeof Memories)[keyof typeof Memories];
 export declare const EPHEMERAL_MEMORY_0_0_1: MemorySpec;
 export declare const MEM0_MEMORY_0_0_1: MemorySpec;
+export declare const MEMPALACE_MEMORY_0_0_1: MemorySpec;
 export declare const MEMU_MEMORY_0_0_1: MemorySpec;
 export declare const SIMPLEMEM_MEMORY_0_0_1: MemorySpec;
 export declare const MEMORY_CATALOGUE: Record<string, MemorySpec>;

package/lib/specs/memory.js

@@ -8,6 +8,7 @@
 export const Memories = {
     EPHEMERAL: 'ephemeral',
     MEM0: 'mem0',
+    MEMPALACE: 'mempalace',
     MEMU: 'memu',
     SIMPLEMEM: 'simplemem',
 };
@@ -36,6 +37,17 @@ export const MEM0_MEMORY_0_0_1 = {
     icon: 'brain',
     emoji: '🧠',
 };
+export const MEMPALACE_MEMORY_0_0_1 = {
+    id: 'mempalace',
+    version: '0.0.1',
+    name: 'MemPalace Memory',
+    description: 'Highest-scoring AI memory system ever benchmarked (96.6% LongMemEval R@5 raw, 100% with Haiku rerank). Inspired by the ancient Greek method of loci, MemPalace organizes memories into a navigable palace: wings (people/projects), halls (memory types), rooms (specific topics), closets (compressed summaries), and drawers (verbatim originals). Includes AAAK lossless compression (30x token reduction), a temporal knowledge graph, specialist agents with diaries, and contradiction detection. Entirely local — no cloud, no API keys, no subscription. Works with any LLM.',
+    persistence: 'permanent',
+    scope: 'user',
+    backend: 'chromadb',
+    icon: 'castle',
+    emoji: '🏰',
+};
 export const MEMU_MEMORY_0_0_1 = {
     id: 'memu',
     version: '0.0.1',
@@ -62,10 +74,11 @@ export const SIMPLEMEM_MEMORY_0_0_1 = {
 // Memory Catalog
 // ============================================================================
 export const MEMORY_CATALOGUE = {
-    ephemeral: EPHEMERAL_MEMORY_0_0_1,
-    mem0: MEM0_MEMORY_0_0_1,
-    memu: MEMU_MEMORY_0_0_1,
-    simplemem: SIMPLEMEM_MEMORY_0_0_1,
+    'ephemeral': EPHEMERAL_MEMORY_0_0_1,
+    'mem0': MEM0_MEMORY_0_0_1,
+    'mempalace': MEMPALACE_MEMORY_0_0_1,
+    'memu': MEMU_MEMORY_0_0_1,
+    'simplemem': SIMPLEMEM_MEMORY_0_0_1,
 };
 export const DEFAULT_MEMORY = Memories.EPHEMERAL;
 function resolveMemoryId(memoryId) {

package/lib/specs/models.js

@@ -118,11 +118,7 @@ export const BEDROCK_US_ANTHROPIC_CLAUDE_3_5_HAIKU_20241022_V1_0_0_0_1 = {
     description: 'Claude Haiku 3.5 via AWS Bedrock - fast and efficient',
     provider: 'bedrock',
     default: false,
-    requiredEnvVars: [
-        'AWS_ACCESS_KEY_ID',
-        'AWS_SECRET_ACCESS_KEY',
-        'AWS_DEFAULT_REGION',
-    ],
+    requiredEnvVars: ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_DEFAULT_REGION'],
 };
 export const BEDROCK_US_ANTHROPIC_CLAUDE_OPUS_4_6_V1_0_0_1 = {
     id: 'bedrock:us.anthropic.claude-opus-4-6-v1',
@@ -131,11 +127,7 @@ export const BEDROCK_US_ANTHROPIC_CLAUDE_OPUS_4_6_V1_0_0_1 = {
     description: 'Claude Opus 4.6 via AWS Bedrock',
     provider: 'bedrock',
     default: false,
-    requiredEnvVars: [
-        'AWS_ACCESS_KEY_ID',
-        'AWS_SECRET_ACCESS_KEY',
-        'AWS_DEFAULT_REGION',
-    ],
+    requiredEnvVars: ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_DEFAULT_REGION'],
 };
 export const BEDROCK_US_ANTHROPIC_CLAUDE_OPUS_4_20250514_V1_0_0_0_1 = {
     id: 'bedrock:us.anthropic.claude-opus-4-20250514-v1:0',
@@ -144,11 +136,7 @@ export const BEDROCK_US_ANTHROPIC_CLAUDE_OPUS_4_20250514_V1_0_0_0_1 = {
     description: 'Claude Opus 4 via AWS Bedrock - highest capability',
     provider: 'bedrock',
     default: false,
-    requiredEnvVars: [
-        'AWS_ACCESS_KEY_ID',
-        'AWS_SECRET_ACCESS_KEY',
-        'AWS_DEFAULT_REGION',
-    ],
+    requiredEnvVars: ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_DEFAULT_REGION'],
 };
 export const BEDROCK_US_ANTHROPIC_CLAUDE_SONNET_4_5_20250929_V1_0_0_0_1 = {
     id: 'bedrock:us.anthropic.claude-sonnet-4-5-20250929-v1:0',
@@ -157,11 +145,7 @@ export const BEDROCK_US_ANTHROPIC_CLAUDE_SONNET_4_5_20250929_V1_0_0_0_1 = {
     description: 'Claude Sonnet 4.5 via AWS Bedrock - balanced performance',
     provider: 'bedrock',
     default: true,
-    requiredEnvVars: [
-        'AWS_ACCESS_KEY_ID',
-        'AWS_SECRET_ACCESS_KEY',
-        'AWS_DEFAULT_REGION',
-    ],
+    requiredEnvVars: ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_DEFAULT_REGION'],
 };
 export const BEDROCK_US_ANTHROPIC_CLAUDE_SONNET_4_20250514_V1_0_0_0_1 = {
     id: 'bedrock:us.anthropic.claude-sonnet-4-20250514-v1:0',
@@ -170,11 +154,7 @@ export const BEDROCK_US_ANTHROPIC_CLAUDE_SONNET_4_20250514_V1_0_0_0_1 = {
     description: 'Claude Sonnet 4 via AWS Bedrock - strong reasoning',
     provider: 'bedrock',
     default: false,
-    requiredEnvVars: [
-        'AWS_ACCESS_KEY_ID',
-        'AWS_SECRET_ACCESS_KEY',
-        'AWS_DEFAULT_REGION',
-    ],
+    requiredEnvVars: ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_DEFAULT_REGION'],
 };
 export const OPENAI_GPT_4_1_MINI_0_0_1 = {
     id: 'openai:gpt-4.1-mini',