@mnemoverse/mcp-memory-server 0.3.0 → 0.3.2

package/.github/workflows/release.yml

@@ -0,0 +1,138 @@
+name: release
+
+# Automated release pipeline for @mnemoverse/mcp-memory-server.
+#
+# Trigger: push a semver tag `vX.Y.Z` to main (e.g. `git tag v0.3.2 && git push origin v0.3.2`).
+#
+# What this workflow does, in order:
+#   1. Checks that the tag's version matches package.json#version (catches "forgot to bump" mistakes).
+#   2. npm ci + npm run build (prebuild regenerates every generated artifact from source.json).
+#   3. npm run verify:configs — drift check, fails fast if anything is out of sync with source.json.
+#   4. npm publish — uses a repo-scoped automation token stored in the NPM_TOKEN secret.
+#   5. Installs mcp-publisher CLI (Linux amd64 bottle from the releases bucket).
+#   6. mcp-publisher login github-oidc — uses GitHub Actions' OIDC token, NO stored PAT.
+#   7. mcp-publisher publish — uploads the freshly-generated server.json to registry.modelcontextprotocol.io.
+#   8. gh release create — posts a GitHub release with auto-generated notes.
+#
+# Why OIDC instead of a PAT:
+# The GitHub OIDC provider issues a short-lived JWT that the MCP Registry trusts on the basis
+# of the repo's owner (mnemoverse) and branch/tag claim. No long-lived secret sits in the repo.
+# Prereq: `permissions: id-token: write` on the job, and the authenticating user's org
+# membership (izgorodin in mnemoverse) must be public — already done.
+#
+# Prerequisite secrets you must add at repo Settings > Secrets and variables > Actions:
+#   - NPM_TOKEN — npm automation token from npmjs.com/settings/{org}/tokens/granular-access-tokens/new
+#                 (select "Automation", grant publish access to @mnemoverse/mcp-memory-server).
+#
+# To release:
+#   1. Bump version in package.json + src/index.ts on main (keep them in sync).
+#   2. `npm run generate:configs` to propagate the new version to server.json.
+#   3. Commit, push to main (through PR, drift CI passes).
+#   4. `git tag v$(node -p "require('./package.json').version")`.
+#   5. `git push origin v0.x.y`.
+# The workflow does the rest.
+
+on:
+  push:
+    tags:
+      - "v*"
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Tag to release (e.g. v0.3.2). Must already exist."
+        required: true
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      # contents:write — needed to create the GitHub release.
+      # id-token:write — required by `mcp-publisher login github-oidc`.
+      contents: write
+      id-token: write
+
+    steps:
+      - name: Checkout tag
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.tag || github.ref }}
+          fetch-depth: 0
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+          registry-url: "https://registry.npmjs.org"
+
+      - name: Verify tag matches package.json#version
+        run: |
+          set -euo pipefail
+          TAG="${{ github.event.inputs.tag || github.ref_name }}"
+          TAG_VERSION="${TAG#v}"
+          PKG_VERSION="$(node -p "require('./package.json').version")"
+          echo "tag:         $TAG"
+          echo "tag version: $TAG_VERSION"
+          echo "pkg version: $PKG_VERSION"
+          if [ "$TAG_VERSION" != "$PKG_VERSION" ]; then
+            echo "::error::Tag $TAG (version $TAG_VERSION) does not match package.json version $PKG_VERSION"
+            exit 1
+          fi
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build (runs generate:configs via prebuild)
+        run: npm run build
+
+      - name: Verify no drift between source.json and generated artifacts
+        run: npm run verify:configs
+
+      - name: Publish to npm
+        run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Install mcp-publisher CLI
+        run: |
+          set -euo pipefail
+          curl -sSL \
+            "https://github.com/modelcontextprotocol/registry/releases/latest/download/mcp-publisher_linux_amd64.tar.gz" \
+            | tar xz mcp-publisher
+          ./mcp-publisher --help
+
+      - name: Authenticate with MCP Registry via GitHub OIDC
+        run: ./mcp-publisher login github-oidc
+
+      - name: Publish to Official MCP Registry
+        run: ./mcp-publisher publish
+
+      - name: Verify the registry entry shows the new version
+        run: |
+          set -euo pipefail
+          TAG="${{ github.event.inputs.tag || github.ref_name }}"
+          VERSION="${TAG#v}"
+          echo "Waiting a few seconds for the registry to propagate..."
+          sleep 3
+          RESULT="$(curl -sS "https://registry.modelcontextprotocol.io/v0.1/servers/io.github.mnemoverse%2Fmcp-memory-server/versions/$VERSION")"
+          echo "$RESULT" | python3 -m json.tool
+          echo "$RESULT" | python3 -c "
+          import sys, json
+          d = json.load(sys.stdin)
+          srv = d['server']
+          assert srv['version'] == '$VERSION', f\"registry version {srv['version']} != $VERSION\"
+          print(f'✓ Registry shows {srv[\"name\"]}@{srv[\"version\"]}')
+          "
+
+      - name: Create GitHub release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ github.event.inputs.tag || github.ref_name }}
+          name: ${{ github.event.inputs.tag || github.ref_name }}
+          generate_release_notes: true
+          body: |
+            Published via automated release pipeline (`.github/workflows/release.yml`).
+
+            - npm: https://www.npmjs.com/package/@mnemoverse/mcp-memory-server
+            - MCP Registry: https://registry.modelcontextprotocol.io/v0.1/servers?search=mnemoverse
+
+            Full changelog below.

package/.github/workflows/verify-configs.yml

@@ -0,0 +1,55 @@
+name: verify-configs
+
+# Mechanical drift detection for the single-source-of-truth distribution
+# config pipeline. See CONTRIBUTING.md for the design.
+#
+# This workflow MUST pass before any PR can merge into main. It runs the
+# generator in --check mode, which:
+#   1. Re-emits all 14 generated artifacts from src/configs/source.json
+#   2. Re-rewrites the README.md install block from the same source
+#   3. Compares each result to what is committed
+#   4. Exits 1 if anything differs
+#
+# If you see this job fail in your PR, run `npm run generate:configs` locally
+# and commit the regenerated files. Do NOT bypass — the whole point is that
+# bypassing leaves the README/snippets/marketplace listings drifting from
+# the actual npm package.
+
+on:
+  pull_request:
+    paths:
+      - "src/configs/source.json"
+      - "scripts/generate-configs.mjs"
+      - "package.json"
+      - "README.md"
+      - "docs/configs/**"
+      - "docs/snippets/**"
+      - "smithery.yaml"
+      - "server.json"
+      - ".github/workflows/verify-configs.yml"
+  push:
+    branches: [main]
+    paths:
+      - "src/configs/source.json"
+      - "scripts/generate-configs.mjs"
+      - "package.json"
+      - "README.md"
+      - "docs/configs/**"
+      - "docs/snippets/**"
+      - "smithery.yaml"
+      - "server.json"
+      - ".github/workflows/verify-configs.yml"
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - name: Verify all 15 distribution artifacts are in sync with source.json
+        run: node scripts/generate-configs.mjs --check

package/CONTRIBUTING.md

@@ -0,0 +1,199 @@
+# Contributing to mcp-memory-server
+
+This package is the public face of Mnemoverse across every AI tool marketplace. A single typo in an install snippet breaks every Cursor / VS Code / Claude Desktop / Smithery / Official MCP Registry / GitHub README copy of it. To make that impossible, we use a **single source of truth** with mechanical drift detection.
+
+> **Read this before editing any install snippet, config, or README install section.** The rules are short, but ignoring them produces silent breakage that we only notice when a user reports it.
+
+---
+
+## The one rule
+
+**`src/configs/source.json` is the only file you may edit by hand for distribution metadata.** Everything else is generated and any manual edit will be overwritten — or, worse, will silently drift until CI catches it.
+
+Files that are **generated** (never edit by hand):
+
+| File | What it powers |
+| ---- | -------------- |
+| `docs/configs/cursor.json` | Cursor `.cursor/mcp.json` snippet |
+| `docs/configs/claude-desktop.json` | Claude Desktop `claude_desktop_config.json` snippet |
+| `docs/configs/windsurf.json` | Windsurf `mcp_config.json` snippet |
+| `docs/configs/vscode.json` | VS Code `.vscode/mcp.json` snippet (uses `servers`, not `mcpServers`) |
+| `docs/configs/cursor-deep-link.txt` | Base64-encoded `cursor://...` install URL |
+| `docs/configs/vscode-deep-link.txt` | URL-encoded `vscode:mcp/install?...` URL |
+| `docs/configs/claude-code-cli.sh` | `claude mcp add ...` shell command |
+| `smithery.yaml` | Smithery.ai `configSchema` + `commandFunction` |
+| `server.json` | Official MCP Registry manifest |
+| `docs/snippets/claude-code.md` | Markdown partial — Claude Code install (consumed by README + docs site) |
+| `docs/snippets/cursor.md` | Markdown partial — Cursor install |
+| `docs/snippets/claude-desktop.md` | Markdown partial — Claude Desktop install |
+| `docs/snippets/vscode.md` | Markdown partial — VS Code install |
+| `docs/snippets/windsurf.md` | Markdown partial — Windsurf install |
+| `README.md` (only the section between `<!-- INSTALL_SNIPPETS_START -->` and `<!-- INSTALL_SNIPPETS_END -->`) | Top-level install section, in-place rewritten by the generator |
+
+If your editor pops up a diff in any of these files and you didn't change `src/configs/source.json`, the diff is wrong. Discard it.
+
+## How to change a distribution config
+
+```bash
+# 1. Edit the source
+$EDITOR src/configs/source.json
+
+# 2. Regenerate everything
+npm run generate:configs
+
+# 3. Verify nothing else drifted
+npm run verify:configs
+
+# 4. Commit BOTH the source change AND every regenerated file
+git add src/configs/source.json docs/ smithery.yaml server.json README.md
+git commit -m "..."
+```
+
+If you forget step 2 and push only the source change, **CI will fail on the drift check** before the PR can merge. This is intentional — mechanical enforcement is the whole point.
+
+## CI and the optional pre-push hook
+
+There are two layers of drift detection — they catch the same problem at different points and you should not skip either.
+
+### Layer 1: GitHub Actions (mandatory)
+
+Every PR runs [`.github/workflows/verify-configs.yml`](.github/workflows/verify-configs.yml), which executes `node scripts/generate-configs.mjs --check`. The job fails the build if any of the 15 generated artifacts (or the README install block) does not match what would be re-emitted from `src/configs/source.json`. **The job is required for merge into `main`.** This is the authoritative gate — it works for forks, blocks PRs, can't be bypassed by `--no-verify`, and protects you from your own typos.
+
+### Layer 2: Local pre-push hook (recommended, opt-in)
+
+Faster feedback (~50 ms vs ~30-60 s for CI). Catches the drift before the commit even hits GitHub. Install once per clone:
+
+```bash
+npm run install-hooks
+```
+
+This writes `.git/hooks/pre-push` (per-clone, not committed) that runs `npm run verify:configs` before every push. If it fails, your push is aborted and you get the same `✗ Drift detected: ...` message you would have seen in CI — just locally and 1000× faster.
+
+If you ever need to bypass it for a one-off (e.g., pushing a temporary branch you don't care about), use `git push --no-verify`. **Do not bypass for branches that target `main`** — CI will reject them anyway.
+
+We deliberately avoid `husky` and `pre-commit` — those would add a dependency and force the hook on everyone, including casual contributors who just want to fix a typo. The opt-in script is one command and zero deps.
+
+## How `npm run generate:configs` works
+
+`scripts/generate-configs.mjs` reads `src/configs/source.json` and emits 15 artifacts:
+
+1. **9 distribution configs** in `docs/configs/`, plus `smithery.yaml` and `server.json` at the repo root.
+2. **5 Markdown partials** in `docs/snippets/` — these are the same install snippets, formatted for inclusion in any Markdown context (README, mnemoverse-docs site pages, llms.txt, etc.).
+3. **1 in-place rewrite** of the install section in `README.md`, between the `<!-- INSTALL_SNIPPETS_START -->` and `<!-- INSTALL_SNIPPETS_END -->` HTML comment markers. The rest of the README is human-prose and is left untouched.
+
+The generator is **idempotent**: running it twice in a row produces zero changes the second time. CI relies on this property — it runs the generator with `--check`, which verifies every output matches what is committed and fails the build otherwise.
+
+## How to add a new distribution channel
+
+1. Add a new generator function in `scripts/generate-configs.mjs` that produces the channel's config from the data already in `source.json` (do NOT introduce a parallel data source — extend `source.json` instead if you need new fields).
+2. Add the new artifact to the `OUTPUTS` array.
+3. If the channel needs a Markdown install snippet, also add a `snippet*()` helper and a `docs/snippets/{channel}.md` entry. If the snippet should also appear in README, append it to `readmeInstallBlock()`.
+4. Update this `CONTRIBUTING.md` table above with the new file.
+5. Run `npm run generate:configs && npm run verify:configs`. Both must succeed.
+6. Commit everything together — the source change, the new generator function, the new generated files, and the updated `CONTRIBUTING.md`.
+
+## Things you must not do
+
+- ❌ **Edit a generated file directly.** Even a one-character fix will be reverted on the next `generate:configs` and CI will fail in the meantime.
+- ❌ **Bypass the drift check.** Do not pass `--no-verify` or skip CI. The check exists because we got bitten by 8 copies of the same install snippet drifting in different directions.
+- ❌ **Hard-code distribution metadata in `src/index.ts`.** The MCP server source code only knows about tools, transport, and the API URL. Channel-specific stuff lives in `source.json`.
+- ❌ **Create a parallel "config" file alongside `source.json`.** If `source.json` is missing a field you need, add it to `source.json` and update the generator. One source.
+
+## Versioning and releases
+
+`package.json#version` → `src/index.ts#version` (server name reported to MCP clients) → `server.json#version` (Official MCP Registry).
+
+These are bumped manually in the first two files and propagated by the generator to the third. If they drift, the drift check on `server.json` catches it on every PR.
+
+### Automated release pipeline
+
+Releases are automated by [`.github/workflows/release.yml`](.github/workflows/release.yml). You bump the version on `main`, push a semver tag, and the workflow does the rest: npm publish, MCP Registry publish (via GitHub OIDC — no stored PAT), GitHub release.
+
+The workflow is triggered by any tag matching `v*` pushed to the repo. To release:
+
+```bash
+# 1. Bump version in package.json
+$EDITOR package.json
+
+# 2. Match it in src/index.ts (search for version: "...")
+$EDITOR src/index.ts
+
+# 3. Regenerate (this updates server.json to match)
+npm run generate:configs
+
+# 4. Build and run any local checks you want before tagging
+npm run build
+npm run verify:configs
+
+# 5. PR + squash-merge to main (drift CI runs on the PR)
+git checkout -b release/vX.Y.Z
+git add -A && git commit -m "release: vX.Y.Z"
+git push -u origin release/vX.Y.Z
+gh pr create --fill && gh pr merge --squash --delete-branch
+git checkout main && git pull --ff-only
+
+# 6. Tag main and push the tag
+git tag -a vX.Y.Z -m "vX.Y.Z"
+git push origin vX.Y.Z
+```
+
+That push fires [`.github/workflows/release.yml`](.github/workflows/release.yml), which:
+
+1. Verifies the tag matches `package.json#version` (belt and suspenders).
+2. Runs `npm ci && npm run build` (which also runs `generate:configs` via `prebuild`).
+3. Runs `npm run verify:configs` for drift.
+4. `npm publish` using the `NPM_TOKEN` secret.
+5. Installs `mcp-publisher` from its Linux amd64 release bottle.
+6. Authenticates to the Registry via `mcp-publisher login github-oidc` — this uses GitHub Actions' OIDC identity token. **No long-lived PAT is stored anywhere.** The prerequisite is that the authenticating GitHub account's membership in the `mnemoverse` org be **public** (already the case for `izgorodin`).
+7. `mcp-publisher publish` uploads the freshly-generated `server.json`.
+8. Verifies the registry entry via a direct curl against the public API.
+9. Creates a GitHub release with auto-generated notes.
+
+If any step fails, the release is aborted — nothing partial gets published. You can re-push the same tag after fixing the issue.
+
+### One-time setup for the workflow
+
+A single secret must be added at [Settings → Secrets → Actions](https://github.com/mnemoverse/mcp-memory-server/settings/secrets/actions):
+
+| Secret | How to get it |
+| ------ | ------------- |
+| `NPM_TOKEN` | [npmjs.com → Settings → Access Tokens → Generate New Token](https://www.npmjs.com/settings/mnemoverse/tokens/granular-access-tokens/new) → **Automation** token, scope: publish to `@mnemoverse/mcp-memory-server`. |
+
+Nothing else. GitHub OIDC provides the MCP Registry credential at run time, so we do not store an `MCP_GITHUB_TOKEN` secret at all.
+
+### Manual trigger
+
+If you need to re-run the pipeline for a tag that was already pushed (e.g. the workflow was added after the tag), use `workflow_dispatch`:
+
+```bash
+gh workflow run release.yml -f tag=v0.3.1
+```
+
+Or click **Run workflow** on the Actions tab and enter the tag.
+
+## Testing changes locally
+
+The fastest feedback loop is:
+
+```bash
+# Build
+npm run build
+
+# Pack into an installable tarball
+npm pack
+
+# Smoke test in an isolated dir
+mkdir /tmp/mcp-smoke && cd /tmp/mcp-smoke
+npm init -y >/dev/null
+npm install /path/to/mcp-memory-server/mnemoverse-mcp-memory-server-X.Y.Z.tgz
+MNEMOVERSE_API_KEY=mk_test_fake ./node_modules/.bin/mcp-memory-server
+# → should print "Error: MNEMOVERSE_API_KEY environment variable is required" if unset, or start a stdio MCP server if set
+```
+
+For end-to-end testing against the live API, set a real `mk_live_*` key and pipe a few JSON-RPC messages on stdin (`initialize`, `notifications/initialized`, `tools/call`).
+
+## Who to ask
+
+- For the design rationale behind single-source-of-truth: see [PR #6](https://github.com/mnemoverse/mcp-memory-server/pull/6).
+- For the README rewriter design: see [PR #11](https://github.com/mnemoverse/mcp-memory-server/pull/11).
+- For everything else, open an issue.

package/README.md

@@ -1,8 +1,13 @@
 # @mnemoverse/mcp-memory-server
 
-Persistent AI memory for Claude Code, Cursor, VS Code, and any MCP client.
+[![npm version](https://img.shields.io/npm/v/@mnemoverse/mcp-memory-server.svg?color=cb3837&label=npm)](https://www.npmjs.com/package/@mnemoverse/mcp-memory-server)
+[![npm downloads](https://img.shields.io/npm/dm/@mnemoverse/mcp-memory-server.svg?color=blue&label=downloads)](https://www.npmjs.com/package/@mnemoverse/mcp-memory-server)
+[![MCP Registry](https://img.shields.io/badge/MCP_Registry-listed-0ea5e9)](https://registry.modelcontextprotocol.io/v0.1/servers?search=mnemoverse)
+[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](https://opensource.org/licenses/MIT)
 
-Your agent remembers everything — across sessions, projects, and tools. One memory, everywhere.
+Shared AI memory across Claude, Cursor, VS Code, ChatGPT, and any MCP client. Write once, recall anywhere.
+
+Your agent remembers everything — across sessions, projects, and tools. One API key, one memory, everywhere.
 
 ## Quick Start
 
@@ -12,10 +17,14 @@ Sign up at [console.mnemoverse.com](https://console.mnemoverse.com) — takes 30
 
 ### 2. Connect to your AI tool
 
-**Claude Code:**
+<!-- INSTALL_SNIPPETS_START — generated from src/configs/source.json. Run `npm run generate:configs` to refresh. Do not edit by hand. -->
+
+**Claude Code** — add via CLI:
 
 ```bash
-claude mcp add mnemoverse -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY -- npx @mnemoverse/mcp-memory-server
+claude mcp add mnemoverse \
+  -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY \
+  -- npx -y @mnemoverse/mcp-memory-server@latest
 ```
 
 **Cursor** — add to `.cursor/mcp.json`:
@@ -25,7 +34,10 @@ claude mcp add mnemoverse -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY -- npx @mnemove
   "mcpServers": {
     "mnemoverse": {
       "command": "npx",
-      "args": ["@mnemoverse/mcp-memory-server"],
+      "args": [
+        "-y",
+        "@mnemoverse/mcp-memory-server@latest"
+      ],
       "env": {
         "MNEMOVERSE_API_KEY": "mk_live_YOUR_KEY"
       }
@@ -34,18 +46,20 @@ claude mcp add mnemoverse -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY -- npx @mnemove
 }
 ```
 
-**VS Code** — add to settings.json:
+**VS Code** — add to `.vscode/mcp.json` (note: VS Code uses `servers`, not `mcpServers`):
 
 ```json
 {
-  "mcp": {
-    "servers": {
-      "mnemoverse": {
-        "command": "npx",
-        "args": ["@mnemoverse/mcp-memory-server"],
-        "env": {
-          "MNEMOVERSE_API_KEY": "mk_live_YOUR_KEY"
-        }
+  "servers": {
+    "mnemoverse": {
+      "type": "stdio",
+      "command": "npx",
+      "args": [
+        "-y",
+        "@mnemoverse/mcp-memory-server@latest"
+      ],
+      "env": {
+        "MNEMOVERSE_API_KEY": "mk_live_YOUR_KEY"
       }
     }
   }
@@ -59,7 +73,10 @@ claude mcp add mnemoverse -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY -- npx @mnemove
   "mcpServers": {
     "mnemoverse": {
       "command": "npx",
-      "args": ["@mnemoverse/mcp-memory-server"],
+      "args": [
+        "-y",
+        "@mnemoverse/mcp-memory-server@latest"
+      ],
       "env": {
         "MNEMOVERSE_API_KEY": "mk_live_YOUR_KEY"
       }
@@ -68,17 +85,27 @@ claude mcp add mnemoverse -e MNEMOVERSE_API_KEY=mk_live_YOUR_KEY -- npx @mnemove
 }
 ```
 
-### 3. Done
+> Why `@latest`? Bare `npx @mnemoverse/mcp-memory-server` is cached indefinitely by npm and stops re-checking the registry. The `@latest` suffix forces a metadata lookup on every Claude Code / Cursor / VS Code session start (~100-300ms), so you always pick up new releases.
+
+<!-- INSTALL_SNIPPETS_END -->
+
+> ⚠️ **Restart your AI client** after editing the config. MCP servers are only picked up on client startup.
+
+### 3. Try it — 30 seconds to verify it works
+
+Paste this in your AI chat:
+
+> **"Remember that my favourite TypeScript framework is Hono, and please call `memory_write` to save it."**
 
-Your AI now has persistent memory. Try:
+Your agent should call `memory_write` and confirm the memory was stored.
 
-> "Remember that I prefer Railway for deployments"
+Then open a **new chat / new session** (this is the whole point — memory survives restarts), and ask:
 
-Then in a new session:
+> **"What's my favourite TypeScript framework?"**
 
-> "Where should I deploy this?"
+Your agent should call `memory_read`, find the entry, and answer "Hono". If it does — you're wired up. Write whatever you want next.
 
-It remembers.
+If it doesn't remember: check that the client was fully restarted and the config has your real `mk_live_...` key, not the placeholder.
 
 ## Tools
 
@@ -88,6 +115,8 @@ It remembers.
 | `memory_read` | Search memories by natural language query |
 | `memory_feedback` | Rate memories as helpful or not (improves future recall) |
 | `memory_stats` | Check how many memories stored, which domains exist |
+| `memory_delete` | Permanently delete a single memory by `atom_id` |
+| `memory_delete_domain` | Wipe an entire domain (requires `confirm: true` safety interlock) |
 
 ## Ideas: What to Remember