@graphmemory/server 1.1.0 → 1.2.0

package/README.md

@@ -6,86 +6,90 @@ then exposes them as **58 MCP tools** + **REST API** + **Web UI**.
 
 ## Quick start
 
-### Docker (recommended)
-
 ```bash
-# 1. Create graph-memory.yaml
-cat > graph-memory.yaml << 'EOF'
-server:
-  host: "0.0.0.0"
-  port: 3000
-  modelsDir: "/data/models"
+npm install -g @graphmemory/server
+cd /path/to/my-project
+graphmemory serve
+```
 
-projects:
-  my-app:
-    projectDir: "/data/projects/my-app"
-EOF
+That's it. No config file needed — the current directory becomes your project. Open http://localhost:3000 for the web UI.
 
-# 2. Run
-docker run -d \
-  --name graph-memory \
-  -p 3000:3000 \
-  -v $(pwd)/graph-memory.yaml:/data/config/graph-memory.yaml:ro \
-  -v /path/to/my-app:/data/projects/my-app:ro \
-  -v graph-memory-models:/data/models \
-  ghcr.io/graph-memory/graphmemory-server
-```
+The embedding model (~560 MB) downloads on first startup and is cached at `~/.graph-memory/models/`.
 
-Open http://localhost:3000 — the web UI is ready. The embedding model (~560 MB) downloads on first startup.
+### Connect an MCP client
 
-### npm
+**Claude Code:**
 
 ```bash
-npm install -g @graphmemory/server
-graphmemory serve --config graph-memory.yaml
+claude mcp add --transport http --scope project graph-memory http://localhost:3000/mcp/my-project
 ```
 
-### From source
+**Claude Desktop** — add via **Settings > Connectors**, enter the URL:
 
-```bash
-git clone https://github.com/graph-memory/graphmemory.git
-cd graphmemory
-npm install && cd ui && npm install && cd ..
-npm run build
-node dist/cli/index.js serve --config graph-memory.yaml
+```
+http://localhost:3000/mcp/my-project
+```
+
+**Cursor / Windsurf / other clients** — enter the URL directly in settings:
+
+```
+http://localhost:3000/mcp/my-project
 ```
 
-## Connect an MCP client
+The project ID is your directory name. Multiple clients can connect simultaneously.
 
-Start the server, then connect MCP clients to `http://localhost:3000/mcp/{projectId}`.
+### With a config file
 
-**Claude Desktop** — add via **Settings > Connectors** in the app, enter the URL:
+For multi-project setups, custom embedding models, auth, or workspaces — create `graph-memory.yaml`:
 
+```yaml
+projects:
+  my-app:
+    projectDir: "/path/to/my-app"
+  docs-site:
+    projectDir: "/path/to/docs"
+    graphs:
+      code:
+        enabled: false
 ```
-http://localhost:3000/mcp/my-app
+
+```bash
+graphmemory serve --config graph-memory.yaml
 ```
 
-**Claude Code** — run in your project directory:
+See [docs/configuration.md](docs/configuration.md) for full reference and [graph-memory.yaml.example](graph-memory.yaml.example) for all options.
+
+### Docker
 
 ```bash
-claude mcp add --transport http --scope project graph-memory http://localhost:3000/mcp/my-app
+docker run -d \
+  --name graph-memory \
+  -p 3000:3000 \
+  -v $(pwd)/graph-memory.yaml:/data/config/graph-memory.yaml:ro \
+  -v /path/to/my-app:/data/projects/my-app:ro \
+  -v graph-memory-models:/data/models \
+  ghcr.io/graph-memory/graphmemory-server
 ```
 
-Or add to `.mcp.json` manually:
-
-```json
-{
-  "mcpServers": {
-    "graph-memory": {
-      "type": "http",
-      "url": "http://localhost:3000/mcp/my-app"
-    }
-  }
-}
-```
+Docker Compose:
 
-**Cursor / Windsurf / other clients** — enter the URL directly in settings:
+```yaml
+services:
+  graph-memory:
+    image: ghcr.io/graph-memory/graphmemory-server
+    ports:
+      - "3000:3000"
+    volumes:
+      - ./graph-memory.yaml:/data/config/graph-memory.yaml:ro
+      - /path/to/my-app:/data/projects/my-app
+      - models:/data/models
+    restart: unless-stopped
 
-```
-http://localhost:3000/mcp/my-app
+volumes:
+  models:
 ```
 
-See [docs/cli.md](docs/cli.md) for stdio transport and other connection options.
+See [docs/docker.md](docs/docker.md) for details.
 
 ## What it does
 
@@ -99,7 +103,7 @@ See [docs/cli.md](docs/cli.md) for stdio transport and other connection options.
 | **Skills** | Reusable recipes with steps, triggers, and usage tracking |
 | **Hybrid search** | BM25 keyword + vector cosine similarity with BFS graph expansion |
 | **Real-time** | File watching + WebSocket push to UI |
-| **Multi-project** | One process manages multiple projects with YAML hot-reload |
+| **Multi-project** | One process manages multiple projects from a single config |
 | **Workspaces** | Share knowledge/tasks/skills across related projects |
 | **Auth & ACL** | Password login (JWT), API keys, 4-level access control |
 
@@ -125,31 +129,6 @@ Graph (Cytoscape.js visualization), Tools (MCP explorer), Help.
 
 Light/dark theme. Real-time WebSocket updates. Login page when auth is configured.
 
-## Configuration
-
-All configuration via `graph-memory.yaml`. Only `projects.<id>.projectDir` is required:
-
-```yaml
-server:
-  host: "127.0.0.1"
-  port: 3000
-  embedding:
-    model: "Xenova/bge-m3"
-
-projects:
-  my-app:
-    projectDir: "/path/to/my-app"
-    graphs:
-      docs:
-        include: "**/*.md"               # default
-      code:
-        include: "**/*.{js,ts,jsx,tsx}"  # default
-      skills:
-        enabled: false
-```
-
-See [docs/configuration.md](docs/configuration.md) for full reference and [graph-memory.yaml.example](graph-memory.yaml.example) for all options.
-
 ## Authentication
 
 ```yaml
@@ -171,26 +150,6 @@ server:
 
 See [docs/authentication.md](docs/authentication.md).
 
-## Docker Compose
-
-```yaml
-services:
-  graph-memory:
-    image: ghcr.io/graph-memory/graphmemory-server
-    ports:
-      - "3000:3000"
-    volumes:
-      - ./graph-memory.yaml:/data/config/graph-memory.yaml:ro
-      - /path/to/my-app:/data/projects/my-app
-      - models:/data/models
-    restart: unless-stopped
-
-volumes:
-  models:
-```
-
-See [docs/docker.md](docs/docker.md).
-
 ## Development
 
 ```bash

package/dist/api/index.js

@@ -37,13 +37,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createMcpServer = createMcpServer;
-exports.startStdioServer = startStdioServer;
 exports.startHttpServer = startHttpServer;
 exports.startMultiProjectHttpServer = startMultiProjectHttpServer;
 const http_1 = __importDefault(require("http"));
 const crypto_1 = require("crypto");
 const mcp_js_1 = require("@modelcontextprotocol/sdk/server/mcp.js");
-const stdio_js_1 = require("@modelcontextprotocol/sdk/server/stdio.js");
 const streamableHttp_js_1 = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
 const embedder_1 = require("../lib/embedder");
 const index_1 = require("../api/rest/index");
@@ -180,7 +178,7 @@ function createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, ta
         };
     // Build instructions for MCP clients (workspace/project context)
     const instructions = sessionContext ? buildInstructions(sessionContext) : undefined;
-    const server = new mcp_js_1.McpServer({ name: 'graphmemory', version: '1.1.0' }, instructions ? { instructions } : undefined);
+    const server = new mcp_js_1.McpServer({ name: 'graphmemory', version: '1.2.0' }, instructions ? { instructions } : undefined);
     // Mutation tools are registered through mutServer to serialize concurrent writes
     const mutServer = mutationQueue ? createMutationServer(server, mutationQueue) : server;
     // Context tool (always registered)
@@ -225,7 +223,7 @@ function createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, ta
     if (knowledgeGraph) {
         const ctx = projectDir ? { ...(0, manager_types_1.noopContext)(), projectDir } : (0, manager_types_1.noopContext)();
         const knowledgeMgr = new knowledge_1.KnowledgeGraphManager(knowledgeGraph, fns.knowledge, ctx, {
-            docGraph, codeGraph, fileIndexGraph, taskGraph,
+            docGraph, codeGraph, fileIndexGraph, taskGraph, skillGraph,
         });
         createNote.register(mutServer, knowledgeMgr);
         updateNote.register(mutServer, knowledgeMgr);
@@ -245,7 +243,7 @@ function createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, ta
     if (taskGraph) {
         const taskCtx = projectDir ? { ...(0, manager_types_1.noopContext)(), projectDir } : (0, manager_types_1.noopContext)();
         const taskMgr = new task_1.TaskGraphManager(taskGraph, fns.tasks, taskCtx, {
-            docGraph, codeGraph, knowledgeGraph, fileIndexGraph,
+            docGraph, codeGraph, knowledgeGraph, fileIndexGraph, skillGraph,
         });
         createTask.register(mutServer, taskMgr);
         updateTask.register(mutServer, taskMgr);
@@ -284,19 +282,19 @@ function createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, ta
     }
     return server;
 }
-async function startStdioServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, taskGraph, embedFn, projectDir, skillGraph, sessionContext) {
-    const server = createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, taskGraph, embedFn, undefined, projectDir, skillGraph, sessionContext);
-    const transport = new stdio_js_1.StdioServerTransport();
-    await server.connect(transport);
-    process.stderr.write('[server] MCP server running on stdio\n');
-}
 // ---------------------------------------------------------------------------
 // HTTP transport (Streamable HTTP)
 // ---------------------------------------------------------------------------
+const MAX_BODY_SIZE = 10 * 1024 * 1024; // 10 MB
 async function collectBody(req) {
     const chunks = [];
-    for await (const chunk of req)
+    let size = 0;
+    for await (const chunk of req) {
+        size += chunk.length;
+        if (size > MAX_BODY_SIZE)
+            throw new Error('Request body too large');
         chunks.push(chunk);
+    }
     return JSON.parse(Buffer.concat(chunks).toString());
 }
 async function startHttpServer(host, port, sessionTimeoutMs, docGraph, codeGraph, knowledgeGraph, fileIndexGraph, taskGraph, embedFn, projectDir, skillGraph, sessionContext) {
@@ -314,40 +312,46 @@ async function startHttpServer(host, port, sessionTimeoutMs, docGraph, codeGraph
     }, 60_000);
     sweepInterval.unref();
     const httpServer = http_1.default.createServer(async (req, res) => {
-        if (req.url !== '/mcp') {
-            res.writeHead(404).end();
-            return;
-        }
-        const sessionId = req.headers['mcp-session-id'];
-        // Existing session — route to its transport
-        if (sessionId && sessions.has(sessionId)) {
-            const session = sessions.get(sessionId);
-            session.lastActivity = Date.now();
-            const body = req.method === 'POST' ? await collectBody(req) : undefined;
-            await session.transport.handleRequest(req, res, body);
-            return;
+        try {
+            if (req.url !== '/mcp') {
+                res.writeHead(404).end();
+                return;
+            }
+            const sessionId = req.headers['mcp-session-id'];
+            // Existing session — route to its transport
+            if (sessionId && sessions.has(sessionId)) {
+                const session = sessions.get(sessionId);
+                session.lastActivity = Date.now();
+                const body = req.method === 'POST' ? await collectBody(req) : undefined;
+                await session.transport.handleRequest(req, res, body);
+                return;
+            }
+            // New session — only POST (initialize) can create one
+            if (req.method !== 'POST') {
+                res.writeHead(400).end('No session');
+                return;
+            }
+            const body = await collectBody(req);
+            const transport = new streamableHttp_js_1.StreamableHTTPServerTransport({
+                sessionIdGenerator: () => (0, crypto_1.randomUUID)(),
+                onsessioninitialized: (sid) => {
+                    sessions.set(sid, { server: mcpServer, transport, lastActivity: Date.now() });
+                    process.stderr.write(`[http] Session ${sid} started\n`);
+                },
+            });
+            transport.onclose = () => {
+                const sid = transport.sessionId;
+                if (sid)
+                    sessions.delete(sid);
+            };
+            const mcpServer = createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, taskGraph, embedFn, undefined, projectDir, skillGraph, sessionContext);
+            await mcpServer.connect(transport);
+            await transport.handleRequest(req, res, body);
         }
-        // New session — only POST (initialize) can create one
-        if (req.method !== 'POST') {
-            res.writeHead(400).end('No session');
-            return;
+        catch (err) {
+            if (!res.headersSent)
+                res.writeHead(400).end(String(err));
         }
-        const body = await collectBody(req);
-        const transport = new streamableHttp_js_1.StreamableHTTPServerTransport({
-            sessionIdGenerator: () => (0, crypto_1.randomUUID)(),
-            onsessioninitialized: (sid) => {
-                sessions.set(sid, { server: mcpServer, transport, lastActivity: Date.now() });
-                process.stderr.write(`[http] Session ${sid} started\n`);
-            },
-        });
-        transport.onclose = () => {
-            const sid = transport.sessionId;
-            if (sid)
-                sessions.delete(sid);
-        };
-        const mcpServer = createMcpServer(docGraph, codeGraph, knowledgeGraph, fileIndexGraph, taskGraph, embedFn, undefined, projectDir, skillGraph, sessionContext);
-        await mcpServer.connect(transport);
-        await transport.handleRequest(req, res, body);
     });
     return new Promise((resolve) => {
         httpServer.listen(port, host, () => {
@@ -373,95 +377,104 @@ async function startMultiProjectHttpServer(host, port, sessionTimeoutMs, project
     // Express app handles /api/* routes
     const restApp = (0, index_1.createRestApp)(projectManager, restOptions);
     const httpServer = http_1.default.createServer(async (req, res) => {
-        // Route /api/* to Express
-        if (req.url?.startsWith('/api/')) {
-            restApp(req, res);
-            return;
-        }
-        // Route: /mcp/{workspaceId}/{projectId} or /mcp/{projectId}
-        const wsMatch = req.url?.match(/^\/mcp\/([^/?]+)\/([^/?]+)/);
-        const projMatch = !wsMatch ? req.url?.match(/^\/mcp\/([^/?]+)/) : null;
-        if (!wsMatch && !projMatch) {
-            // Everything else (UI static files, SPA fallback) goes through Express
-            restApp(req, res);
-            return;
-        }
-        // Resolve project and optional workspace from URL
-        let projectId;
-        let workspaceId;
-        if (wsMatch) {
-            const maybeWs = decodeURIComponent(wsMatch[1]);
-            const maybeProjId = decodeURIComponent(wsMatch[2]);
-            const ws = projectManager.getWorkspace(maybeWs);
-            if (ws) {
-                // Valid workspace route
-                if (!ws.config.projects.includes(maybeProjId)) {
-                    res.writeHead(404).end(JSON.stringify({ error: `Project "${maybeProjId}" is not part of workspace "${maybeWs}"` }));
-                    return;
+        try {
+            // Route /api/* to Express
+            if (req.url?.startsWith('/api/')) {
+                restApp(req, res);
+                return;
+            }
+            // Route: /mcp/{workspaceId}/{projectId} or /mcp/{projectId}
+            const wsMatch = req.url?.match(/^\/mcp\/([^/?]+)\/([^/?]+)/);
+            const projMatch = !wsMatch ? req.url?.match(/^\/mcp\/([^/?]+)/) : null;
+            if (!wsMatch && !projMatch) {
+                // Everything else (UI static files, SPA fallback) goes through Express
+                restApp(req, res);
+                return;
+            }
+            // Resolve project and optional workspace from URL
+            let projectId;
+            let workspaceId;
+            if (wsMatch) {
+                const maybeWs = decodeURIComponent(wsMatch[1]);
+                const maybeProjId = decodeURIComponent(wsMatch[2]);
+                const ws = projectManager.getWorkspace(maybeWs);
+                if (ws) {
+                    // Valid workspace route
+                    if (!ws.config.projects.includes(maybeProjId)) {
+                        res.writeHead(404).end(JSON.stringify({ error: `Project "${maybeProjId}" is not part of workspace "${maybeWs}"` }));
+                        return;
+                    }
+                    workspaceId = maybeWs;
+                    projectId = maybeProjId;
+                }
+                else {
+                    // Not a workspace — treat first segment as projectId (fallback)
+                    projectId = maybeWs;
                 }
-                workspaceId = maybeWs;
-                projectId = maybeProjId;
             }
             else {
-                // Not a workspace — treat first segment as projectId (fallback)
-                projectId = maybeWs;
+                projectId = decodeURIComponent(projMatch[1]);
             }
-        }
-        else {
-            projectId = decodeURIComponent(projMatch[1]);
-        }
-        const sessionId = req.headers['mcp-session-id'];
-        // Existing session — route to its transport
-        if (sessionId && sessions.has(sessionId)) {
-            const session = sessions.get(sessionId);
-            if (session.projectId !== projectId) {
-                res.writeHead(400).end('Session belongs to a different project');
+            const sessionId = req.headers['mcp-session-id'];
+            // Existing session — route to its transport
+            if (sessionId && sessions.has(sessionId)) {
+                const session = sessions.get(sessionId);
+                if (session.projectId !== projectId) {
+                    res.writeHead(400).end('Session belongs to a different project');
+                    return;
+                }
+                session.lastActivity = Date.now();
+                const body = req.method === 'POST' ? await collectBody(req) : undefined;
+                await session.transport.handleRequest(req, res, body);
                 return;
             }
-            session.lastActivity = Date.now();
-            const body = req.method === 'POST' ? await collectBody(req) : undefined;
-            await session.transport.handleRequest(req, res, body);
-            return;
-        }
-        // New session — only POST (initialize) can create one
-        if (req.method !== 'POST') {
-            res.writeHead(400).end('No session');
-            return;
+            // New session — only POST (initialize) can create one
+            if (req.method !== 'POST') {
+                res.writeHead(400).end('No session');
+                return;
+            }
+            // Validate project exists
+            const project = projectManager.getProject(projectId);
+            if (!project) {
+                res.writeHead(404).end(JSON.stringify({ error: `Project "${projectId}" not found` }));
+                return;
+            }
+            // Build session context (auto-detect workspace if not in URL)
+            const ws = workspaceId
+                ? projectManager.getWorkspace(workspaceId)
+                : projectManager.getProjectWorkspace(projectId);
+            const sessionCtx = {
+                projectId,
+                workspaceId: ws?.id,
+                workspaceProjects: ws?.config.projects,
+            };
+            const body = await collectBody(req);
+            const transport = new streamableHttp_js_1.StreamableHTTPServerTransport({
+                sessionIdGenerator: () => (0, crypto_1.randomUUID)(),
+                onsessioninitialized: (sid) => {
+                    sessions.set(sid, { projectId, workspaceId: ws?.id, server: mcpServer, transport, lastActivity: Date.now() });
+                    process.stderr.write(`[http] Session ${sid} started (project: ${projectId}${ws ? `, workspace: ${ws.id}` : ''})\n`);
+                },
+            });
+            transport.onclose = () => {
+                const sid = transport.sessionId;
+                if (sid)
+                    sessions.delete(sid);
+            };
+            const mcpServer = createMcpServer(project.docGraph, project.codeGraph, project.knowledgeGraph, project.fileIndexGraph, project.taskGraph, project.embedFns, project.mutationQueue, project.config.projectDir, project.skillGraph, sessionCtx);
+            await mcpServer.connect(transport);
+            await transport.handleRequest(req, res, body);
         }
-        // Validate project exists
-        const project = projectManager.getProject(projectId);
-        if (!project) {
-            res.writeHead(404).end(JSON.stringify({ error: `Project "${projectId}" not found` }));
-            return;
+        catch (err) {
+            if (!res.headersSent)
+                res.writeHead(400).end(String(err));
         }
-        // Build session context (auto-detect workspace if not in URL)
-        const ws = workspaceId
-            ? projectManager.getWorkspace(workspaceId)
-            : projectManager.getProjectWorkspace(projectId);
-        const sessionCtx = {
-            projectId,
-            workspaceId: ws?.id,
-            workspaceProjects: ws?.config.projects,
-        };
-        const body = await collectBody(req);
-        const transport = new streamableHttp_js_1.StreamableHTTPServerTransport({
-            sessionIdGenerator: () => (0, crypto_1.randomUUID)(),
-            onsessioninitialized: (sid) => {
-                sessions.set(sid, { projectId, workspaceId: ws?.id, server: mcpServer, transport, lastActivity: Date.now() });
-                process.stderr.write(`[http] Session ${sid} started (project: ${projectId}${ws ? `, workspace: ${ws.id}` : ''})\n`);
-            },
-        });
-        transport.onclose = () => {
-            const sid = transport.sessionId;
-            if (sid)
-                sessions.delete(sid);
-        };
-        const mcpServer = createMcpServer(project.docGraph, project.codeGraph, project.knowledgeGraph, project.fileIndexGraph, project.taskGraph, project.embedFns, project.mutationQueue, project.config.projectDir, project.skillGraph, sessionCtx);
-        await mcpServer.connect(transport);
-        await transport.handleRequest(req, res, body);
     });
     // Attach WebSocket server for real-time events
-    (0, websocket_1.attachWebSocket)(httpServer, projectManager);
+    (0, websocket_1.attachWebSocket)(httpServer, projectManager, {
+        jwtSecret: restOptions?.serverConfig?.jwtSecret,
+        users: restOptions?.users,
+    });
     return new Promise((resolve) => {
         httpServer.listen(port, host, () => {
             process.stderr.write(`[server] MCP endpoints: http://${host}:${port}/mcp/{projectId} and /mcp/{workspaceId}/{projectId}\n`);

package/dist/api/rest/index.js

@@ -63,7 +63,7 @@ function createRestApp(projectManager, options) {
     }
     if (rl && rl.search > 0) {
         const searchLimiter = (0, express_rate_limit_1.default)({ windowMs: 60_000, max: rl.search, standardHeaders: true, legacyHeaders: false, message: rateLimitMsg });
-        app.use('/api/projects/:projectId/knowledge/notes/search', searchLimiter);
+        app.use('/api/projects/:projectId/knowledge/search', searchLimiter);
         app.use('/api/projects/:projectId/tasks/search', searchLimiter);
         app.use('/api/projects/:projectId/skills/search', searchLimiter);
         app.use('/api/projects/:projectId/docs/search', searchLimiter);

package/dist/api/rest/websocket.js

@@ -2,19 +2,40 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.attachWebSocket = attachWebSocket;
 const ws_1 = require("ws");
+const jwt_1 = require("../../lib/jwt");
 /**
  * Attach a WebSocket server to the HTTP server at /api/ws.
  * Broadcasts all ProjectManager events to connected clients.
  * Each event includes projectId — clients filter on their side.
  */
-function attachWebSocket(httpServer, projectManager) {
+function attachWebSocket(httpServer, projectManager, options) {
     const wss = new ws_1.WebSocketServer({ noServer: true });
+    const jwtSecret = options?.jwtSecret;
+    const users = options?.users ?? {};
+    const hasUsers = Object.keys(users).length > 0;
     // Handle upgrade requests for /api/ws
     httpServer.on('upgrade', (req, socket, head) => {
         if (req.url !== '/api/ws') {
             socket.destroy();
             return;
         }
+        // Auth: if users are configured, require valid JWT cookie or reject
+        if (hasUsers && jwtSecret) {
+            const cookie = req.headers.cookie ?? '';
+            const match = cookie.match(/(?:^|;\s*)mgm_access=([^;]+)/);
+            const token = match?.[1];
+            if (!token) {
+                socket.write('HTTP/1.1 401 Unauthorized\r\n\r\n');
+                socket.destroy();
+                return;
+            }
+            const payload = (0, jwt_1.verifyToken)(token, jwtSecret);
+            if (!payload || payload.type !== 'access' || !users[payload.userId]) {
+                socket.write('HTTP/1.1 401 Unauthorized\r\n\r\n');
+                socket.destroy();
+                return;
+            }
+        }
         wss.handleUpgrade(req, socket, head, (ws) => {
             ws.on('error', (err) => {
                 process.stderr.write(`[ws] Client error: ${err}\n`);

package/dist/api/tools/knowledge/create-relation.js

@@ -12,8 +12,8 @@ function register(server, mgr) {
             fromId: zod_1.z.string().describe('Source note ID'),
             toId: zod_1.z.string().describe('Target note ID, or target node ID in docs/code/files/tasks graph'),
             kind: zod_1.z.string().describe('Relation type, e.g. "depends_on", "references"'),
-            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks']).optional()
-                .describe('Set to "docs", "code", "files", or "tasks" to create a cross-graph link instead of note-to-note'),
+            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks', 'skills']).optional()
+                .describe('Set to "docs", "code", "files", "tasks", or "skills" to create a cross-graph link instead of note-to-note'),
             projectId: zod_1.z.string().optional().describe('Project ID that the target node belongs to. Defaults to the current project.'),
         },
     }, async ({ fromId, toId, kind, targetGraph, projectId }) => {

package/dist/api/tools/knowledge/delete-relation.js

@@ -9,8 +9,8 @@ function register(server, mgr) {
         inputSchema: {
             fromId: zod_1.z.string().describe('Source note ID'),
             toId: zod_1.z.string().describe('Target note ID, or target node ID in docs/code/files/tasks graph'),
-            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks']).optional()
-                .describe('Set to "docs", "code", "files", or "tasks" when deleting a cross-graph link'),
+            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks', 'skills']).optional()
+                .describe('Set to "docs", "code", "files", "tasks", or "skills" when deleting a cross-graph link'),
             projectId: zod_1.z.string().optional().describe('Project ID that the target node belongs to. Defaults to the current project.'),
         },
     }, async ({ fromId, toId, targetGraph, projectId }) => {

package/dist/api/tools/knowledge/find-linked-notes.js

@@ -11,7 +11,7 @@ function register(server, mgr) {
             'Use get_note to fetch full content of a returned note.',
         inputSchema: {
             targetId: zod_1.z.string().describe('Target node ID in the external graph (e.g. "src/config.ts", "src/auth.ts::login", "docs/api.md::Setup")'),
-            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks']).describe('Which graph the target belongs to: "docs", "code", "files", or "tasks"'),
+            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'tasks', 'skills']).describe('Which graph the target belongs to'),
             kind: zod_1.z.string().optional().describe('Filter by relation kind (e.g. "references", "depends_on"). If omitted, returns all relations.'),
             projectId: zod_1.z.string().optional().describe('Project ID that the target node belongs to. Defaults to the current project.'),
         },

package/dist/api/tools/tasks/create-task-link.js

@@ -10,7 +10,7 @@ function register(server, mgr) {
         inputSchema: {
             taskId: zod_1.z.string().describe('Source task ID'),
             targetId: zod_1.z.string().describe('Target node ID in the external graph (e.g. "src/auth.ts::login", "api.md::Setup", "my-note")'),
-            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'knowledge'])
+            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'knowledge', 'skills'])
                 .describe('Which graph the target belongs to'),
             kind: zod_1.z.string().describe('Relation type, e.g. "references", "fixes", "implements"'),
             projectId: zod_1.z.string().optional().describe('Project ID that the target node belongs to. Defaults to the current project.'),

package/dist/api/tools/tasks/delete-task-link.js

@@ -9,7 +9,7 @@ function register(server, mgr) {
         inputSchema: {
             taskId: zod_1.z.string().describe('Source task ID'),
             targetId: zod_1.z.string().describe('Target node ID in the external graph'),
-            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'knowledge'])
+            targetGraph: zod_1.z.enum(['docs', 'code', 'files', 'knowledge', 'skills'])
                 .describe('Which graph the target belongs to'),
             projectId: zod_1.z.string().optional().describe('Project ID that the target node belongs to. Defaults to the current project.'),
         },