@prmichaelsen/remember-mcp 3.14.10 → 3.14.12

package/dist/server.js

@@ -3815,118 +3815,6 @@ async function handleCreateMemory(args, userId, authContext, context) {
 
 // src/tools/search-memory.ts
 init_logger();
-
-// src/utils/weaviate-filters.ts
-import { Filters as Filters6 } from "weaviate-client";
-function buildCombinedSearchFilters2(collection, filters) {
-  const memoryFilters = buildDocTypeFilters2(collection, "memory", filters);
-  const relationshipFilters = buildDocTypeFilters2(collection, "relationship", filters);
-  const validFilters = [memoryFilters, relationshipFilters].filter((f) => f !== void 0 && f !== null);
-  if (validFilters.length === 0) {
-    return void 0;
-  } else if (validFilters.length === 1) {
-    return validFilters[0];
-  } else {
-    return combineFiltersWithOr2(validFilters);
-  }
-}
-function buildDocTypeFilters2(collection, docType, filters) {
-  const filterList = [];
-  filterList.push(
-    collection.filter.byProperty("doc_type").equal(docType)
-  );
-  if (docType === "memory" && filters?.types && filters.types.length > 0) {
-    if (filters.types.length === 1) {
-      filterList.push(
-        collection.filter.byProperty("content_type").equal(filters.types[0])
-      );
-    } else {
-      filterList.push(
-        collection.filter.byProperty("content_type").containsAny(filters.types)
-      );
-    }
-  }
-  if (filters?.weight_min !== void 0) {
-    filterList.push(
-      collection.filter.byProperty("weight").greaterThanOrEqual(filters.weight_min)
-    );
-  }
-  if (filters?.weight_max !== void 0) {
-    filterList.push(
-      collection.filter.byProperty("weight").lessThanOrEqual(filters.weight_max)
-    );
-  }
-  if (filters?.trust_min !== void 0) {
-    filterList.push(
-      collection.filter.byProperty("trust_score").greaterThanOrEqual(filters.trust_min)
-    );
-  }
-  if (filters?.trust_max !== void 0) {
-    filterList.push(
-      collection.filter.byProperty("trust_score").lessThanOrEqual(filters.trust_max)
-    );
-  }
-  if (filters?.date_from) {
-    filterList.push(
-      collection.filter.byProperty("created_at").greaterThanOrEqual(new Date(filters.date_from))
-    );
-  }
-  if (filters?.date_to) {
-    filterList.push(
-      collection.filter.byProperty("created_at").lessThanOrEqual(new Date(filters.date_to))
-    );
-  }
-  if (filters?.tags && filters.tags.length > 0) {
-    if (filters.tags.length === 1) {
-      filterList.push(
-        collection.filter.byProperty("tags").containsAny([filters.tags[0]])
-      );
-    } else {
-      filterList.push(
-        collection.filter.byProperty("tags").containsAny(filters.tags)
-      );
-    }
-  }
-  return combineFiltersWithAnd2(filterList);
-}
-function buildMemoryOnlyFilters2(collection, filters) {
-  return buildDocTypeFilters2(collection, "memory", filters);
-}
-function combineFiltersWithAnd2(filters) {
-  const validFilters = filters.filter((f) => f !== void 0 && f !== null);
-  if (validFilters.length === 0) {
-    return void 0;
-  }
-  if (validFilters.length === 1) {
-    return validFilters[0];
-  }
-  return Filters6.and(...validFilters);
-}
-function combineFiltersWithOr2(filters) {
-  const validFilters = filters.filter((f) => f !== void 0 && f !== null);
-  if (validFilters.length === 0) {
-    return void 0;
-  }
-  if (validFilters.length === 1) {
-    return validFilters[0];
-  }
-  return Filters6.or(...validFilters);
-}
-function buildDeletedFilter2(collection, deletedFilter = "exclude") {
-  if (deletedFilter === "exclude") {
-    return collection.filter.byProperty("deleted_at").isNull(true);
-  } else if (deletedFilter === "only") {
-    return collection.filter.byProperty("deleted_at").isNull(false);
-  }
-  return null;
-}
-
-// src/services/trust-enforcement.ts
-function buildTrustFilter2(collection, accessorTrustLevel) {
-  return collection.filter.byProperty("trust_score").lessThanOrEqual(accessorTrustLevel);
-}
-
-// src/tools/search-memory.ts
 var searchMemoryTool = {
   name: "remember_search_memory",
   description: `Search memories AND relationships using hybrid semantic and keyword search.
@@ -4057,12 +3945,12 @@ async function handleSearchMemory(args, userId, authContext) {
     const alpha = args.alpha ?? 0.7;
     const limit = args.limit ?? 10;
     const offset = args.offset ?? 0;
-    const deletedFilter = buildDeletedFilter2(collection, args.deleted_filter || "exclude");
-    const trustFilter = ghostMode ? buildTrustFilter2(collection, ghostMode.accessor_trust_level) : null;
-    const searchFilters = includeRelationships ? buildCombinedSearchFilters2(collection, args.filters) : buildMemoryOnlyFilters2(collection, args.filters);
+    const deletedFilter = buildDeletedFilter(collection, args.deleted_filter || "exclude");
+    const trustFilter = ghostMode ? buildTrustFilter(collection, ghostMode.accessor_trust_level) : null;
+    const searchFilters = includeRelationships ? buildCombinedSearchFilters(collection, args.filters) : buildMemoryOnlyFilters(collection, args.filters);
     const hasExplicitTypeFilter = args.filters?.types && args.filters.types.length > 0;
     const ghostExclusionFilter = !hasExplicitTypeFilter ? collection.filter.byProperty("content_type").notEqual("ghost") : null;
-    const combinedFilters = combineFiltersWithAnd2([deletedFilter, trustFilter, ghostExclusionFilter, searchFilters].filter((f) => f !== null));
+    const combinedFilters = combineFiltersWithAnd([deletedFilter, trustFilter, ghostExclusionFilter, searchFilters].filter((f) => f !== null));
     const searchOptions = {
       alpha,
       limit: limit + offset
@@ -4524,12 +4412,12 @@ async function handleQueryMemory(args, userId, authContext) {
     const minRelevance = args.min_relevance ?? 0.6;
     const includeContext = args.include_context ?? true;
     const format = args.format ?? "detailed";
-    const deletedFilter = buildDeletedFilter2(collection, args.deleted_filter || "exclude");
-    const trustFilter = ghostMode ? buildTrustFilter2(collection, ghostMode.accessor_trust_level) : null;
-    const searchFilters = buildCombinedSearchFilters2(collection, args.filters);
+    const deletedFilter = buildDeletedFilter(collection, args.deleted_filter || "exclude");
+    const trustFilter = ghostMode ? buildTrustFilter(collection, ghostMode.accessor_trust_level) : null;
+    const searchFilters = buildCombinedSearchFilters(collection, args.filters);
     const hasExplicitTypeFilter = args.filters?.types && args.filters.types.length > 0;
     const ghostExclusionFilter = !hasExplicitTypeFilter ? collection.filter.byProperty("content_type").notEqual("ghost") : null;
-    const combinedFilters = combineFiltersWithAnd2([deletedFilter, trustFilter, ghostExclusionFilter, searchFilters].filter((f) => f !== null));
+    const combinedFilters = combineFiltersWithAnd([deletedFilter, trustFilter, ghostExclusionFilter, searchFilters].filter((f) => f !== null));
     const searchOptions = {
       limit,
       distance: 1 - minRelevance,
@@ -5641,7 +5529,7 @@ async function handleDeny(args, userId, authContext) {
 }
 
 // src/tools/search-space.ts
-import { Filters as Filters7 } from "weaviate-client";
+import { Filters as Filters6 } from "weaviate-client";
 var searchSpaceTool = {
   name: "remember_search_space",
   description: `Search shared spaces and/or groups to discover memories from other users.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@prmichaelsen/remember-mcp",
-  "version": "3.14.10",
+  "version": "3.14.12",
   "description": "Multi-tenant memory system MCP server with vector search and relationships",
   "main": "dist/server.js",
   "type": "module",
@@ -50,8 +50,7 @@
     "@modelcontextprotocol/sdk": "^1.0.4",
     "@prmichaelsen/firebase-admin-sdk-v8": "^2.2.0",
     "@prmichaelsen/mcp-auth": "^7.0.4",
-    "@prmichaelsen/remember-core": "^0.22.3",
-    "@prmichaelsen/remember-mcp": "^2.7.3",
+    "@prmichaelsen/remember-core": "^0.22.5",
     "dotenv": "^16.4.5",
     "uuid": "^13.0.0",
     "weaviate-client": "^3.2.0"

package/src/services/access-control.ts

@@ -16,7 +16,7 @@ import type { Memory } from '../types/memory.js';
 import type { AccessResult } from '../types/access-result.js';
 import type { GhostConfig } from '../types/ghost-config.js';
 import { DEFAULT_GHOST_CONFIG } from '../types/ghost-config.js';
-import { isTrustSufficient } from './trust-enforcement.js';
+import { isTrustSufficient } from '@prmichaelsen/remember-core';
 
 // ─── Types ─────────────────────────────────────────────────────────────────
 

package/src/tools/query-memory.ts

@@ -7,8 +7,7 @@ import type { Memory, SearchFilters, DeletedFilter } from '../types/memory.js';
 import { getMemoryCollection } from '../weaviate/schema.js';
 import { logger } from '../utils/logger.js';
 import { handleToolError } from '../utils/error-handler.js';
-import { buildCombinedSearchFilters, buildDeletedFilter, combineFiltersWithAnd } from '../utils/weaviate-filters.js';
-import { buildTrustFilter } from '../services/trust-enforcement.js';
+import { buildCombinedSearchFilters, buildDeletedFilter, combineFiltersWithAnd, buildTrustFilter } from '@prmichaelsen/remember-core';
 import { createDebugLogger } from '../utils/debug.js';
 import type { AuthContext } from '../types/auth.js';
 

package/src/tools/search-memory.ts

@@ -7,8 +7,7 @@ import type { Memory, Relationship, SearchOptions, SearchResult, SearchFilters }
 import { getMemoryCollection } from '../weaviate/schema.js';
 import { logger } from '../utils/logger.js';
 import { handleToolError } from '../utils/error-handler.js';
-import { buildCombinedSearchFilters, buildMemoryOnlyFilters, buildDeletedFilter, combineFiltersWithAnd } from '../utils/weaviate-filters.js';
-import { buildTrustFilter } from '../services/trust-enforcement.js';
+import { buildCombinedSearchFilters, buildMemoryOnlyFilters, buildDeletedFilter, combineFiltersWithAnd, buildTrustFilter } from '@prmichaelsen/remember-core';
 import { createDebugLogger } from '../utils/debug.js';
 import type { AuthContext } from '../types/auth.js';
 

package/dist/services/trust-enforcement.d.ts

@@ -1,83 +0,0 @@
-/**
- * Trust enforcement service — 3 configurable modes for cross-user memory access.
- *
- * - query mode (default): memories above trust threshold never returned from Weaviate
- * - prompt mode: all memories returned, formatted/redacted by trust level
- * - hybrid mode: query filter for trust 0.0, prompt filter for rest
- *
- * See agent/design/local.ghost-persona-system.md
- */
-import type { Memory } from '../types/memory.js';
-import type { TrustEnforcementMode } from '../types/ghost-config.js';
-/** Trust level thresholds mapping continuous 0-1 values to discrete behavior tiers */
-export declare const TRUST_THRESHOLDS: {
-    readonly FULL_ACCESS: 1;
-    readonly PARTIAL_ACCESS: 0.75;
-    readonly SUMMARY_ONLY: 0.5;
-    readonly METADATA_ONLY: 0.25;
-    readonly EXISTENCE_ONLY: 0;
-};
-/**
- * Build a Weaviate filter that restricts memories by trust score.
- * Only returns memories where trust_score <= accessorTrustLevel.
- *
- * Trust 1.0 memories require accessor trust >= 1.0 to even appear in results.
- * When they do appear, formatMemoryForPrompt caps output to existence-only.
- *
- * @param collection - Weaviate collection instance
- * @param accessorTrustLevel - The accessor's trust level (0-1)
- * @returns Weaviate filter object
- */
-export declare function buildTrustFilter(collection: any, accessorTrustLevel: number): any;
-/**
- * Formatted memory representation for prompt-level enforcement.
- * Content is redacted/formatted based on trust level.
- */
-export interface FormattedMemory {
-    memory_id: string;
-    trust_tier: string;
-    content: string;
-}
-/**
- * Format a memory for inclusion in an LLM prompt, redacted by trust level.
- *
- * Trust tiers:
- * - 1.0  Full Access:    full content, all details
- * - 0.75 Partial Access: content with sensitive fields redacted
- * - 0.5  Summary Only:   title + summary, no content
- * - 0.25 Metadata Only:  type, date, tags — no content or summary
- * - 0.0  Existence Only: "A memory exists about this topic"
- *
- * Trust 1.0 memories are always existence-only for cross-users, regardless of
- * accessor trust level. Use `isSelfAccess = true` to bypass for owner access.
- *
- * @param memory - The memory to format
- * @param accessorTrustLevel - The accessor's trust level (0-1)
- * @param isSelfAccess - True if the accessor is the memory owner (bypasses trust 1.0 cap)
- * @returns Formatted memory for prompt inclusion
- */
-export declare function formatMemoryForPrompt(memory: Memory, accessorTrustLevel: number, isSelfAccess?: boolean): FormattedMemory;
-/**
- * Get a human-readable label for a trust level.
- */
-export declare function getTrustLevelLabel(trust: number): string;
-/**
- * Get LLM instruction text describing what to reveal at a given trust level.
- */
-export declare function getTrustInstructions(trust: number): string;
-/**
- * Redact sensitive fields from a memory for partial access.
- * Returns a copy with location, context, and references cleared.
- */
-export declare function redactSensitiveFields(memory: Memory, _trust: number): Memory;
-/**
- * Check whether an accessor's trust level is sufficient for a memory.
- * Access is granted when accessorTrust >= memoryTrust.
- */
-export declare function isTrustSufficient(memoryTrust: number, accessorTrust: number): boolean;
-/**
- * Determine the enforcement mode to use.
- * Convenience function that returns the mode from GhostConfig or falls back to 'query'.
- */
-export declare function resolveEnforcementMode(mode?: TrustEnforcementMode): TrustEnforcementMode;
-//# sourceMappingURL=trust-enforcement.d.ts.map

package/dist/services/trust-enforcement.spec.d.ts

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=trust-enforcement.spec.d.ts.map

package/dist/utils/weaviate-filters.d.ts

@@ -1,56 +0,0 @@
-/**
- * Weaviate v3 Filter Builder Utilities
- *
- * Provides helper functions to build Weaviate v3 filters using the fluent API.
- * Replaces old v2 filter format (path/operator/valueText) with v3 collection.filter.byProperty()
- */
-import type { SearchFilters } from '../types/memory.js';
-/**
- * Deleted filter options
- */
-export type DeletedFilter = 'exclude' | 'include' | 'only';
-/**
- * Build filters for searching both memories and relationships
- * Uses OR logic: (doc_type=memory AND memory_filters) OR (doc_type=relationship AND relationship_filters)
- *
- * @param collection - Weaviate collection instance
- * @param filters - Optional search filters
- * @returns Combined filter or undefined if no filters
- */
-export declare function buildCombinedSearchFilters(collection: any, filters?: SearchFilters): any;
-/**
- * Build filters for memory-only search (backward compatibility)
- *
- * @param collection - Weaviate collection instance
- * @param filters - Optional search filters
- * @returns Combined filter or undefined if no filters
- */
-export declare function buildMemoryOnlyFilters(collection: any, filters?: SearchFilters): any;
-/**
- * Build filters specifically for relationship-only search
- *
- * @param collection - Weaviate collection instance
- * @param filters - Optional search filters
- * @returns Combined filter or undefined if no filters
- */
-export declare function buildRelationshipOnlyFilters(collection: any, filters?: SearchFilters): any;
-/**
- * Combine multiple filters with AND logic
- *
- * @param filters - Array of filter objects
- * @returns Combined filter or undefined
- */
-export declare function combineFiltersWithAnd(filters: any[]): any;
-/**
- * Helper to check if a filter result is empty
- */
-export declare function hasFilters(filter: any): boolean;
-/**
- * Build filter for deleted_at field based on deleted_filter parameter
- *
- * @param collection - Weaviate collection instance
- * @param deletedFilter - Filter mode: 'exclude' (default), 'include', or 'only'
- * @returns Filter for deleted_at field, or null if no filter needed
- */
-export declare function buildDeletedFilter(collection: any, deletedFilter?: DeletedFilter): any | null;
-//# sourceMappingURL=weaviate-filters.d.ts.map

package/dist/utils/weaviate-filters.spec.d.ts

@@ -1,8 +0,0 @@
-/**
- * Unit tests for Weaviate v3 filter builders
- *
- * Note: These tests verify filter builder logic, not exact Weaviate filter structure.
- * The actual Filters.and() and Filters.or() methods return Weaviate internal objects.
- */
-export {};
-//# sourceMappingURL=weaviate-filters.spec.d.ts.map

package/src/services/trust-enforcement.spec.ts

@@ -1,309 +0,0 @@
-import {
-  buildTrustFilter,
-  formatMemoryForPrompt,
-  getTrustLevelLabel,
-  getTrustInstructions,
-  redactSensitiveFields,
-  isTrustSufficient,
-  resolveEnforcementMode,
-  TRUST_THRESHOLDS,
-} from './trust-enforcement.js';
-import type { Memory } from '../types/memory.js';
-
-// ─── Test Fixtures ─────────────────────────────────────────────────────────
-
-const mockMemory: Memory = {
-  id: 'mem-1',
-  user_id: 'user-owner',
-  doc_type: 'memory',
-  content: 'My private journal entry about my feelings.',
-  title: 'Journal Entry: Feb 2026',
-  summary: 'Reflections on the month of February.',
-  type: 'journal',
-  weight: 0.5,
-  trust: 0.75,
-  location: {
-    gps: { latitude: 37.7749, longitude: -122.4194, timestamp: '2026-01-01T00:00:00Z' },
-    address: { formatted: '123 Main St, San Francisco, CA' },
-    source: 'gps',
-    confidence: 0.9,
-    is_approximate: false,
-  },
-  context: {
-    timestamp: '2026-02-15T10:00:00Z',
-    source: { type: 'manual' },
-    participants: [{ user_id: 'user-owner', role: 'user' }],
-    environment: { device: 'laptop' },
-    notes: 'Written during morning coffee',
-  },
-  relationships: ['rel-1'],
-  access_count: 5,
-  last_accessed_at: '2026-02-20T08:00:00Z',
-  created_at: '2026-02-15T10:00:00Z',
-  updated_at: '2026-02-20T08:00:00Z',
-  version: 2,
-  tags: ['personal', 'reflection'],
-  references: ['https://private-blog.example.com/entry-1'],
-  base_weight: 0.5,
-};
-
-// Mock Weaviate collection
-function createMockCollection() {
-  const filterResult = { lessThanOrEqual: jest.fn().mockReturnValue('trust_filter') };
-  return {
-    filter: {
-      byProperty: jest.fn().mockReturnValue(filterResult),
-    },
-    _filterResult: filterResult,
-  };
-}
-
-// ─── buildTrustFilter ──────────────────────────────────────────────────────
-
-describe('buildTrustFilter', () => {
-  it('creates a filter for trust_score <= accessorTrustLevel', () => {
-    const collection = createMockCollection();
-    const result = buildTrustFilter(collection, 0.5);
-    expect(collection.filter.byProperty).toHaveBeenCalledWith('trust_score');
-    expect(collection._filterResult.lessThanOrEqual).toHaveBeenCalledWith(0.5);
-    expect(result).toBe('trust_filter');
-  });
-
-  it('works with trust level 0', () => {
-    const collection = createMockCollection();
-    buildTrustFilter(collection, 0);
-    expect(collection._filterResult.lessThanOrEqual).toHaveBeenCalledWith(0);
-  });
-
-  it('works with trust level 1 (includes trust 1.0 memories for acknowledgment)', () => {
-    const collection = createMockCollection();
-    buildTrustFilter(collection, 1.0);
-    expect(collection._filterResult.lessThanOrEqual).toHaveBeenCalledWith(1.0);
-  });
-});
-
-// ─── formatMemoryForPrompt ─────────────────────────────────────────────────
-
-describe('formatMemoryForPrompt', () => {
-  it('returns full content at trust 1.0', () => {
-    const result = formatMemoryForPrompt(mockMemory, 1.0);
-    expect(result.trust_tier).toBe('Full Access');
-    expect(result.content).toContain(mockMemory.content);
-    expect(result.content).toContain(mockMemory.title!);
-    expect(result.content).toContain(mockMemory.summary!);
-    expect(result.content).toContain('personal, reflection');
-    expect(result.content).toContain(mockMemory.created_at);
-    expect(result.memory_id).toBe('mem-1');
-  });
-
-  it('returns redacted content at trust 0.75', () => {
-    const result = formatMemoryForPrompt(mockMemory, 0.75);
-    expect(result.trust_tier).toBe('Partial Access');
-    expect(result.content).toContain(mockMemory.content);
-    expect(result.content).toContain('personal, reflection');
-    // Should not contain full summary (only in full access)
-    expect(result.content).not.toContain(mockMemory.summary!);
-  });
-
-  it('returns summary only at trust 0.5', () => {
-    const result = formatMemoryForPrompt(mockMemory, 0.5);
-    expect(result.trust_tier).toBe('Summary Only');
-    expect(result.content).toContain(mockMemory.title!);
-    expect(result.content).toContain(mockMemory.summary!);
-    expect(result.content).not.toContain(mockMemory.content);
-  });
-
-  it('returns (No summary available) when summary missing at trust 0.5', () => {
-    const noSummary = { ...mockMemory, summary: undefined };
-    const result = formatMemoryForPrompt(noSummary, 0.5);
-    expect(result.content).toContain('(No summary available)');
-  });
-
-  it('returns metadata only at trust 0.25', () => {
-    const result = formatMemoryForPrompt(mockMemory, 0.25);
-    expect(result.trust_tier).toBe('Metadata Only');
-    expect(result.content).toContain('[journal]');
-    expect(result.content).toContain('personal, reflection');
-    expect(result.content).not.toContain(mockMemory.content);
-    expect(result.content).not.toContain(mockMemory.summary!);
-  });
-
-  it('returns existence only at trust 0', () => {
-    const result = formatMemoryForPrompt(mockMemory, 0);
-    expect(result.trust_tier).toBe('Existence Only');
-    expect(result.content).toBe('A memory exists about this topic.');
-    expect(result.content).not.toContain(mockMemory.content);
-    expect(result.content).not.toContain(mockMemory.title!);
-  });
-
-  it('handles memory without title gracefully', () => {
-    const noTitle = { ...mockMemory, title: undefined };
-    const result = formatMemoryForPrompt(noTitle, 1.0);
-    expect(result.content).toContain('Untitled');
-  });
-
-  it('handles memory with empty tags', () => {
-    const noTags = { ...mockMemory, tags: [] };
-    const result = formatMemoryForPrompt(noTags, 1.0);
-    expect(result.content).not.toContain('Tags:');
-  });
-
-  describe('trust 1.0 memories (existence-only for cross-users)', () => {
-    const trust1Memory = { ...mockMemory, trust: 1.0 };
-
-    it('returns existence-only for cross-user even at accessor trust 1.0', () => {
-      const result = formatMemoryForPrompt(trust1Memory, 1.0);
-      expect(result.trust_tier).toBe('Existence Only');
-      expect(result.content).toBe('A memory exists about this topic.');
-    });
-
-    it('returns existence-only for cross-user at any trust level', () => {
-      for (const trust of [0, 0.25, 0.5, 0.75, 1.0]) {
-        const result = formatMemoryForPrompt(trust1Memory, trust);
-        expect(result.trust_tier).toBe('Existence Only');
-        expect(result.content).not.toContain(trust1Memory.content);
-      }
-    });
-
-    it('returns full content for owner (isSelfAccess = true)', () => {
-      const result = formatMemoryForPrompt(trust1Memory, 1.0, true);
-      expect(result.trust_tier).toBe('Full Access');
-      expect(result.content).toContain(trust1Memory.content);
-    });
-
-    it('does not leak title, summary, or tags for cross-user', () => {
-      const result = formatMemoryForPrompt(trust1Memory, 1.0);
-      expect(result.content).not.toContain(trust1Memory.title!);
-      expect(result.content).not.toContain(trust1Memory.summary!);
-      expect(result.content).not.toContain('personal');
-    });
-  });
-});
-
-// ─── getTrustLevelLabel ────────────────────────────────────────────────────
-
-describe('getTrustLevelLabel', () => {
-  it('returns Full Access at 1.0', () => {
-    expect(getTrustLevelLabel(1.0)).toBe('Full Access');
-  });
-
-  it('returns Partial Access at 0.75', () => {
-    expect(getTrustLevelLabel(0.75)).toBe('Partial Access');
-  });
-
-  it('returns Summary Only at 0.5', () => {
-    expect(getTrustLevelLabel(0.5)).toBe('Summary Only');
-  });
-
-  it('returns Metadata Only at 0.25', () => {
-    expect(getTrustLevelLabel(0.25)).toBe('Metadata Only');
-  });
-
-  it('returns Existence Only at 0', () => {
-    expect(getTrustLevelLabel(0)).toBe('Existence Only');
-  });
-
-  it('maps intermediate values to nearest lower threshold', () => {
-    expect(getTrustLevelLabel(0.9)).toBe('Partial Access');
-    expect(getTrustLevelLabel(0.6)).toBe('Summary Only');
-    expect(getTrustLevelLabel(0.3)).toBe('Metadata Only');
-    expect(getTrustLevelLabel(0.1)).toBe('Existence Only');
-  });
-});
-
-// ─── getTrustInstructions ──────────────────────────────────────────────────
-
-describe('getTrustInstructions', () => {
-  it('returns appropriate instructions for each tier', () => {
-    expect(getTrustInstructions(1.0)).toContain('full access');
-    expect(getTrustInstructions(0.75)).toContain('partial access');
-    expect(getTrustInstructions(0.5)).toContain('summary');
-    expect(getTrustInstructions(0.25)).toContain('metadata');
-    expect(getTrustInstructions(0)).toContain('acknowledge');
-  });
-});
-
-// ─── redactSensitiveFields ─────────────────────────────────────────────────
-
-describe('redactSensitiveFields', () => {
-  it('clears GPS and address from location', () => {
-    const redacted = redactSensitiveFields(mockMemory, 0.75);
-    expect(redacted.location.gps).toBeNull();
-    expect(redacted.location.address).toBeNull();
-    expect(redacted.location.source).toBe('unavailable');
-  });
-
-  it('clears context participants and environment', () => {
-    const redacted = redactSensitiveFields(mockMemory, 0.75);
-    expect(redacted.context.participants).toBeUndefined();
-    expect(redacted.context.environment).toBeUndefined();
-    expect(redacted.context.notes).toBeUndefined();
-  });
-
-  it('clears references', () => {
-    const redacted = redactSensitiveFields(mockMemory, 0.75);
-    expect(redacted.references).toBeUndefined();
-  });
-
-  it('preserves content and tags', () => {
-    const redacted = redactSensitiveFields(mockMemory, 0.75);
-    expect(redacted.content).toBe(mockMemory.content);
-    expect(redacted.tags).toEqual(mockMemory.tags);
-    expect(redacted.title).toBe(mockMemory.title);
-  });
-
-  it('preserves core context fields', () => {
-    const redacted = redactSensitiveFields(mockMemory, 0.75);
-    expect(redacted.context.timestamp).toBe(mockMemory.context.timestamp);
-    expect(redacted.context.source).toEqual(mockMemory.context.source);
-  });
-
-  it('does not mutate original memory', () => {
-    const originalLocation = mockMemory.location.gps;
-    redactSensitiveFields(mockMemory, 0.75);
-    expect(mockMemory.location.gps).toBe(originalLocation);
-  });
-});
-
-// ─── isTrustSufficient ─────────────────────────────────────────────────────
-
-describe('isTrustSufficient', () => {
-  it('returns true when accessor trust >= memory trust', () => {
-    expect(isTrustSufficient(0.5, 0.75)).toBe(true);
-    expect(isTrustSufficient(0.5, 0.5)).toBe(true);
-    expect(isTrustSufficient(0, 0)).toBe(true);
-    expect(isTrustSufficient(1.0, 1.0)).toBe(true);
-  });
-
-  it('returns false when accessor trust < memory trust', () => {
-    expect(isTrustSufficient(0.75, 0.5)).toBe(false);
-    expect(isTrustSufficient(1.0, 0.99)).toBe(false);
-    expect(isTrustSufficient(0.25, 0)).toBe(false);
-  });
-});
-
-// ─── resolveEnforcementMode ────────────────────────────────────────────────
-
-describe('resolveEnforcementMode', () => {
-  it('returns the provided mode', () => {
-    expect(resolveEnforcementMode('query')).toBe('query');
-    expect(resolveEnforcementMode('prompt')).toBe('prompt');
-    expect(resolveEnforcementMode('hybrid')).toBe('hybrid');
-  });
-
-  it('defaults to query when undefined', () => {
-    expect(resolveEnforcementMode(undefined)).toBe('query');
-  });
-});
-
-// ─── TRUST_THRESHOLDS ──────────────────────────────────────────────────────
-
-describe('TRUST_THRESHOLDS', () => {
-  it('has correct values', () => {
-    expect(TRUST_THRESHOLDS.FULL_ACCESS).toBe(1.0);
-    expect(TRUST_THRESHOLDS.PARTIAL_ACCESS).toBe(0.75);
-    expect(TRUST_THRESHOLDS.SUMMARY_ONLY).toBe(0.5);
-    expect(TRUST_THRESHOLDS.METADATA_ONLY).toBe(0.25);
-    expect(TRUST_THRESHOLDS.EXISTENCE_ONLY).toBe(0.0);
-  });
-});