@prmichaelsen/remember-mcp 3.20.1 → 4.0.0

package/dist/server-factory.js

@@ -957,7 +957,7 @@ var createMemoryTool = {
   description: `Create a new memory with optional template.
   
   Memories can store any type of information: notes, events, people, recipes, etc.
-  Each memory has a weight (significance 0-1) and trust level (access control 0-1).
+  Each memory has a weight (significance 0-1). Trust defaults to SECRET (level 5) and can be changed via remember_request_set_trust_level.
   Location and context are automatically captured from the request.
   
   **IMPORTANT - Content vs Summary**:
@@ -994,12 +994,6 @@ var createMemoryTool = {
         minimum: 0,
         maximum: 1
       },
-      trust: {
-        type: "number",
-        description: "Access control level (0-1, default: 0.25)",
-        minimum: 0,
-        maximum: 1
-      },
       tags: {
         type: "array",
         items: { type: "string" },
@@ -1095,7 +1089,6 @@ async function handleCreateMemory(args, userId, authContext, context) {
       title: args.title,
       type: args.type,
       weight: args.weight,
-      trust: args.trust,
       tags: args.tags,
       references: args.references,
       template_id: args.template_id,
@@ -1216,8 +1209,10 @@ var searchMemoryTool = {
             description: "Minimum weight (0-1)"
           },
           trust_min: {
-            type: "number",
-            description: "Minimum trust level (0-1)"
+            type: "integer",
+            description: "Minimum trust level (1-5: 1=PUBLIC, 2=INTERNAL, 3=CONFIDENTIAL, 4=RESTRICTED, 5=SECRET)",
+            minimum: 1,
+            maximum: 5
           },
           date_from: {
             type: "string",
@@ -1452,12 +1447,6 @@ var updateMemoryTool = {
         minimum: 0,
         maximum: 1
       },
-      trust: {
-        type: "number",
-        description: "Updated access control level (0-1)",
-        minimum: 0,
-        maximum: 1
-      },
       tags: {
         type: "array",
         items: { type: "string" },
@@ -1548,7 +1537,6 @@ async function handleUpdateMemory(args, userId, authContext) {
       title: args.title,
       type: args.type,
       weight: args.weight,
-      trust: args.trust,
       tags: args.tags,
       references: args.references,
       parent_id: args.parent_id,
@@ -1752,8 +1740,10 @@ var queryMemoryTool = {
             description: "Minimum weight (0-1)"
           },
           trust_min: {
-            type: "number",
-            description: "Minimum trust level (0-1)"
+            type: "integer",
+            description: "Minimum trust level (1-5: 1=PUBLIC, 2=INTERNAL, 3=CONFIDENTIAL, 4=RESTRICTED, 5=SECRET)",
+            minimum: 1,
+            maximum: 5
           },
           date_from: {
             type: "string",
@@ -2748,6 +2738,10 @@ Violating these requirements bypasses user consent and is a security violation.`
       token: {
         type: "string",
         description: "The confirmation token from the action tool"
+      },
+      secret_token: {
+        type: "string",
+        description: "HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server."
       }
     },
     required: ["token"]
@@ -2810,7 +2804,23 @@ async function handleConfirm(args, userId, authContext) {
         2
       );
     }
-    const result = await space.confirm({ token: args.token });
+    if (request.action === "set_trust_level") {
+      const { memory } = createCoreServices(userId);
+      const result2 = await memory.confirmSetTrustLevel(args.token);
+      return JSON.stringify(
+        {
+          success: true,
+          memory_id: result2.memory_id,
+          previous_trust_level: result2.previous_trust_level,
+          new_trust_level: result2.new_trust_level,
+          updated_at: result2.updated_at,
+          message: `Trust level changed from ${result2.previous_trust_level} to ${result2.new_trust_level}`
+        },
+        null,
+        2
+      );
+    }
+    const result = await space.confirm({ token: args.token, secret_token: args.secret_token });
     if (result.action === "retract_memory") {
       return JSON.stringify(
         {
@@ -2895,6 +2905,10 @@ This ensures proper user consent workflow is followed.`,
       token: {
         type: "string",
         description: "The confirmation token from the action tool"
+      },
+      secret_token: {
+        type: "string",
+        description: "HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server."
       }
     },
     required: ["token"]
@@ -2906,7 +2920,7 @@ async function handleDeny(args, userId, authContext) {
     debug.info("Tool invoked");
     debug.trace("Arguments", { args });
     const { space } = createCoreServices(userId);
-    const result = await space.deny({ token: args.token });
+    const result = await space.deny({ token: args.token, secret_token: args.secret_token });
     return JSON.stringify(
       {
         success: result.success
@@ -3485,17 +3499,17 @@ var ghostConfigTool = {
 Actions:
 - get: View current ghost configuration
 - set: Update ghost settings (enabled, trust defaults, enforcement mode)
-- set_trust: Set a per-user trust level override (0-1)
+- set_trust: Set a per-user trust level override (1-5 integer)
 - remove_trust: Remove a per-user trust override (revert to default)
 - block: Block a user from ghost access entirely
 - unblock: Unblock a previously blocked user
 
-Trust levels control what information your ghost can share:
-- 0.0: Existence only ("A memory exists about this")
-- 0.25: Metadata only (tags, type, dates \u2014 no content)
-- 0.5: Summary only (AI-generated summary, no raw content)
-- 0.75: Partial access (content with sensitive fields redacted)
-- 1.0: Full access (all content revealed)
+Trust levels (1-5 integer scale) control what information your ghost can share:
+- 1 (PUBLIC): Full access (all content revealed)
+- 2 (INTERNAL): Partial access (content with sensitive fields redacted)
+- 3 (CONFIDENTIAL): Summary only (AI-generated summary, no raw content)
+- 4 (RESTRICTED): Metadata only (tags, type, dates \u2014 no content)
+- 5 (SECRET): Existence only ("A memory exists about this")
 
 Ghost is disabled by default. Enable it to allow others to chat with your AI representation.`,
   inputSchema: {
@@ -3516,16 +3530,16 @@ Ghost is disabled by default. Enable it to allow others to chat with your AI rep
         description: 'Allow non-friends to chat with ghost (for "set" action)'
       },
       default_friend_trust: {
-        type: "number",
-        description: 'Default trust level for friends (0-1, for "set" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Default trust level for friends (1-5 integer, for "set" action)',
+        minimum: 1,
+        maximum: 5
       },
       default_public_trust: {
-        type: "number",
-        description: 'Default trust level for strangers (0-1, for "set" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Default trust level for strangers (1-5 integer, for "set" action)',
+        minimum: 1,
+        maximum: 5
       },
       enforcement_mode: {
         type: "string",
@@ -3538,10 +3552,10 @@ Ghost is disabled by default. Enable it to allow others to chat with your AI rep
         description: "Target user ID (for set_trust, remove_trust, block, unblock)"
       },
       trust_level: {
-        type: "number",
-        description: 'Trust level to assign (0-1, for "set_trust" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Trust level to assign (1-5 integer, for "set_trust" action)',
+        minimum: 1,
+        maximum: 5
       }
     },
     required: ["action"]
@@ -3653,6 +3667,88 @@ async function handleGhostConfig(args, userId, authContext) {
   }
 }
 
+// src/tools/request-set-trust-level.ts
+var requestSetTrustLevelTool = {
+  name: "remember_request_set_trust_level",
+  description: `Request a trust level change for a memory. Returns a confirmation token.
+
+Trust levels (1-5 integer scale):
+  1 = PUBLIC \u2014 anyone can see
+  2 = INTERNAL \u2014 friends/known users
+  3 = CONFIDENTIAL \u2014 trusted friends
+  4 = RESTRICTED \u2014 close/intimate contacts
+  5 = SECRET \u2014 owner only (default for new memories)
+
+After requesting, use remember_confirm with the returned token to apply the change.
+Lowering trust (e.g. 5\u21921) makes the memory MORE visible. Raising trust makes it LESS visible.
+
+This is the ONLY way to change a memory's trust level. Trust cannot be set during creation or update.`,
+  inputSchema: {
+    type: "object",
+    properties: {
+      memory_id: {
+        type: "string",
+        description: "ID of the memory to change trust level for"
+      },
+      trust_level: {
+        type: "integer",
+        description: "New trust level (1-5)",
+        minimum: 1,
+        maximum: 5
+      }
+    },
+    required: ["memory_id", "trust_level"]
+  }
+};
+async function handleRequestSetTrustLevel(args, userId, authContext) {
+  const debug = createDebugLogger({
+    tool: "remember_request_set_trust_level",
+    userId,
+    operation: "request set trust level"
+  });
+  try {
+    debug.info("Tool invoked");
+    debug.trace("Arguments", { args });
+    if (!Number.isInteger(args.trust_level) || args.trust_level < 1 || args.trust_level > 5) {
+      return JSON.stringify({
+        error: "Invalid trust level",
+        message: "Trust level must be an integer from 1 (PUBLIC) to 5 (SECRET)."
+      }, null, 2);
+    }
+    const { memory } = createCoreServices(userId);
+    const result = await memory.requestSetTrustLevel({
+      memory_id: args.memory_id,
+      trust_level: args.trust_level
+    });
+    const TRUST_NAMES = {
+      1: "PUBLIC",
+      2: "INTERNAL",
+      3: "CONFIDENTIAL",
+      4: "RESTRICTED",
+      5: "SECRET"
+    };
+    return JSON.stringify({
+      token: result.token,
+      memory_id: result.memory_id,
+      current_trust_level: result.current_trust_level,
+      requested_trust_level: result.requested_trust_level,
+      current_trust_name: TRUST_NAMES[result.current_trust_level] || "UNKNOWN",
+      requested_trust_name: TRUST_NAMES[result.requested_trust_level] || "UNKNOWN",
+      expires_at: result.expires_at,
+      message: `Trust level change requested: ${TRUST_NAMES[result.current_trust_level] || result.current_trust_level} (${result.current_trust_level}) \u2192 ${TRUST_NAMES[result.requested_trust_level] || result.requested_trust_level} (${result.requested_trust_level}). Confirm with token to apply.`
+    }, null, 2);
+  } catch (error) {
+    debug.error("Tool failed", { error: error instanceof Error ? error.message : String(error) });
+    handleToolError(error, {
+      toolName: "remember_request_set_trust_level",
+      operation: "request set trust level",
+      userId,
+      memoryId: args.memory_id
+    });
+    return JSON.stringify({ error: "Unexpected error" });
+  }
+}
+
 // src/tools/search-by.ts
 var searchByTool = {
   name: "remember_search_by",
@@ -3945,7 +4041,6 @@ var createInternalMemoryTool = {
       title: { type: "string", description: "Optional title" },
       tags: { type: "array", items: { type: "string" }, description: "Additional tags (internal tags added automatically)" },
       weight: { type: "number", minimum: 0, maximum: 1, description: "Significance (0-1)" },
-      trust: { type: "number", minimum: 0, maximum: 1, description: "Trust level (0-1)" },
       feel_salience: { type: "number", minimum: 0, maximum: 1 },
       feel_social_weight: { type: "number", minimum: 0, maximum: 1 },
       feel_narrative_importance: { type: "number", minimum: 0, maximum: 1 }
@@ -3976,7 +4071,6 @@ async function handleCreateInternalMemory(args, userId, authContext) {
       title: args.title,
       type: ctx.type,
       weight: args.weight,
-      trust: args.trust,
       tags: mergedTags,
       context_summary: `Internal memory created via MCP (${ctx.type})`,
       ...feelFields
@@ -4010,8 +4104,7 @@ var updateInternalMemoryTool = {
       content: { type: "string" },
       title: { type: "string" },
       tags: { type: "array", items: { type: "string" } },
-      weight: { type: "number", minimum: 0, maximum: 1 },
-      trust: { type: "number", minimum: 0, maximum: 1 }
+      weight: { type: "number", minimum: 0, maximum: 1 }
     },
     required: ["memory_id"]
   }
@@ -4041,8 +4134,7 @@ async function handleUpdateInternalMemory(args, userId, authContext) {
       content: args.content,
       title: args.title,
       tags: args.tags,
-      weight: args.weight,
-      trust: args.trust
+      weight: args.weight
     });
     return JSON.stringify({
       memory_id: result.memory_id,
@@ -5186,6 +5278,7 @@ function registerHandlers(server, userId, accessToken, internalContext) {
       querySpaceTool,
       moderateTool,
       ghostConfigTool,
+      requestSetTrustLevelTool,
       // Search modes
       searchByTool,
       // Unified internal memory tools
@@ -5274,6 +5367,9 @@ function registerHandlers(server, userId, accessToken, internalContext) {
         case "remember_ghost_config":
           result = await handleGhostConfig(args, userId, authContext);
           break;
+        case "remember_request_set_trust_level":
+          result = await handleRequestSetTrustLevel(args, userId, authContext);
+          break;
         case "remember_search_by":
           result = await handleSearchBy(args, userId, authContext);
           break;

package/dist/server.js

@@ -945,7 +945,7 @@ var createMemoryTool = {
   description: `Create a new memory with optional template.
   
   Memories can store any type of information: notes, events, people, recipes, etc.
-  Each memory has a weight (significance 0-1) and trust level (access control 0-1).
+  Each memory has a weight (significance 0-1). Trust defaults to SECRET (level 5) and can be changed via remember_request_set_trust_level.
   Location and context are automatically captured from the request.
   
   **IMPORTANT - Content vs Summary**:
@@ -982,12 +982,6 @@ var createMemoryTool = {
         minimum: 0,
         maximum: 1
       },
-      trust: {
-        type: "number",
-        description: "Access control level (0-1, default: 0.25)",
-        minimum: 0,
-        maximum: 1
-      },
       tags: {
         type: "array",
         items: { type: "string" },
@@ -1083,7 +1077,6 @@ async function handleCreateMemory(args, userId, authContext, context) {
       title: args.title,
       type: args.type,
       weight: args.weight,
-      trust: args.trust,
       tags: args.tags,
       references: args.references,
       template_id: args.template_id,
@@ -1204,8 +1197,10 @@ var searchMemoryTool = {
             description: "Minimum weight (0-1)"
           },
           trust_min: {
-            type: "number",
-            description: "Minimum trust level (0-1)"
+            type: "integer",
+            description: "Minimum trust level (1-5: 1=PUBLIC, 2=INTERNAL, 3=CONFIDENTIAL, 4=RESTRICTED, 5=SECRET)",
+            minimum: 1,
+            maximum: 5
           },
           date_from: {
             type: "string",
@@ -1440,12 +1435,6 @@ var updateMemoryTool = {
         minimum: 0,
         maximum: 1
       },
-      trust: {
-        type: "number",
-        description: "Updated access control level (0-1)",
-        minimum: 0,
-        maximum: 1
-      },
       tags: {
         type: "array",
         items: { type: "string" },
@@ -1536,7 +1525,6 @@ async function handleUpdateMemory(args, userId, authContext) {
       title: args.title,
       type: args.type,
       weight: args.weight,
-      trust: args.trust,
       tags: args.tags,
       references: args.references,
       parent_id: args.parent_id,
@@ -1740,8 +1728,10 @@ var queryMemoryTool = {
             description: "Minimum weight (0-1)"
           },
           trust_min: {
-            type: "number",
-            description: "Minimum trust level (0-1)"
+            type: "integer",
+            description: "Minimum trust level (1-5: 1=PUBLIC, 2=INTERNAL, 3=CONFIDENTIAL, 4=RESTRICTED, 5=SECRET)",
+            minimum: 1,
+            maximum: 5
           },
           date_from: {
             type: "string",
@@ -2736,6 +2726,10 @@ Violating these requirements bypasses user consent and is a security violation.`
       token: {
         type: "string",
         description: "The confirmation token from the action tool"
+      },
+      secret_token: {
+        type: "string",
+        description: "HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server."
       }
     },
     required: ["token"]
@@ -2798,7 +2792,23 @@ async function handleConfirm(args, userId, authContext) {
         2
       );
     }
-    const result = await space.confirm({ token: args.token });
+    if (request.action === "set_trust_level") {
+      const { memory } = createCoreServices(userId);
+      const result2 = await memory.confirmSetTrustLevel(args.token);
+      return JSON.stringify(
+        {
+          success: true,
+          memory_id: result2.memory_id,
+          previous_trust_level: result2.previous_trust_level,
+          new_trust_level: result2.new_trust_level,
+          updated_at: result2.updated_at,
+          message: `Trust level changed from ${result2.previous_trust_level} to ${result2.new_trust_level}`
+        },
+        null,
+        2
+      );
+    }
+    const result = await space.confirm({ token: args.token, secret_token: args.secret_token });
     if (result.action === "retract_memory") {
       return JSON.stringify(
         {
@@ -2883,6 +2893,10 @@ This ensures proper user consent workflow is followed.`,
       token: {
         type: "string",
         description: "The confirmation token from the action tool"
+      },
+      secret_token: {
+        type: "string",
+        description: "HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server."
       }
     },
     required: ["token"]
@@ -2894,7 +2908,7 @@ async function handleDeny(args, userId, authContext) {
     debug.info("Tool invoked");
     debug.trace("Arguments", { args });
     const { space } = createCoreServices(userId);
-    const result = await space.deny({ token: args.token });
+    const result = await space.deny({ token: args.token, secret_token: args.secret_token });
     return JSON.stringify(
       {
         success: result.success
@@ -3470,17 +3484,17 @@ var ghostConfigTool = {
 Actions:
 - get: View current ghost configuration
 - set: Update ghost settings (enabled, trust defaults, enforcement mode)
-- set_trust: Set a per-user trust level override (0-1)
+- set_trust: Set a per-user trust level override (1-5 integer)
 - remove_trust: Remove a per-user trust override (revert to default)
 - block: Block a user from ghost access entirely
 - unblock: Unblock a previously blocked user
 
-Trust levels control what information your ghost can share:
-- 0.0: Existence only ("A memory exists about this")
-- 0.25: Metadata only (tags, type, dates \u2014 no content)
-- 0.5: Summary only (AI-generated summary, no raw content)
-- 0.75: Partial access (content with sensitive fields redacted)
-- 1.0: Full access (all content revealed)
+Trust levels (1-5 integer scale) control what information your ghost can share:
+- 1 (PUBLIC): Full access (all content revealed)
+- 2 (INTERNAL): Partial access (content with sensitive fields redacted)
+- 3 (CONFIDENTIAL): Summary only (AI-generated summary, no raw content)
+- 4 (RESTRICTED): Metadata only (tags, type, dates \u2014 no content)
+- 5 (SECRET): Existence only ("A memory exists about this")
 
 Ghost is disabled by default. Enable it to allow others to chat with your AI representation.`,
   inputSchema: {
@@ -3501,16 +3515,16 @@ Ghost is disabled by default. Enable it to allow others to chat with your AI rep
         description: 'Allow non-friends to chat with ghost (for "set" action)'
       },
       default_friend_trust: {
-        type: "number",
-        description: 'Default trust level for friends (0-1, for "set" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Default trust level for friends (1-5 integer, for "set" action)',
+        minimum: 1,
+        maximum: 5
       },
       default_public_trust: {
-        type: "number",
-        description: 'Default trust level for strangers (0-1, for "set" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Default trust level for strangers (1-5 integer, for "set" action)',
+        minimum: 1,
+        maximum: 5
       },
       enforcement_mode: {
         type: "string",
@@ -3523,10 +3537,10 @@ Ghost is disabled by default. Enable it to allow others to chat with your AI rep
         description: "Target user ID (for set_trust, remove_trust, block, unblock)"
       },
       trust_level: {
-        type: "number",
-        description: 'Trust level to assign (0-1, for "set_trust" action)',
-        minimum: 0,
-        maximum: 1
+        type: "integer",
+        description: 'Trust level to assign (1-5 integer, for "set_trust" action)',
+        minimum: 1,
+        maximum: 5
       }
     },
     required: ["action"]
@@ -3638,6 +3652,88 @@ async function handleGhostConfig(args, userId, authContext) {
   }
 }
 
+// src/tools/request-set-trust-level.ts
+var requestSetTrustLevelTool = {
+  name: "remember_request_set_trust_level",
+  description: `Request a trust level change for a memory. Returns a confirmation token.
+
+Trust levels (1-5 integer scale):
+  1 = PUBLIC \u2014 anyone can see
+  2 = INTERNAL \u2014 friends/known users
+  3 = CONFIDENTIAL \u2014 trusted friends
+  4 = RESTRICTED \u2014 close/intimate contacts
+  5 = SECRET \u2014 owner only (default for new memories)
+
+After requesting, use remember_confirm with the returned token to apply the change.
+Lowering trust (e.g. 5\u21921) makes the memory MORE visible. Raising trust makes it LESS visible.
+
+This is the ONLY way to change a memory's trust level. Trust cannot be set during creation or update.`,
+  inputSchema: {
+    type: "object",
+    properties: {
+      memory_id: {
+        type: "string",
+        description: "ID of the memory to change trust level for"
+      },
+      trust_level: {
+        type: "integer",
+        description: "New trust level (1-5)",
+        minimum: 1,
+        maximum: 5
+      }
+    },
+    required: ["memory_id", "trust_level"]
+  }
+};
+async function handleRequestSetTrustLevel(args, userId, authContext) {
+  const debug = createDebugLogger({
+    tool: "remember_request_set_trust_level",
+    userId,
+    operation: "request set trust level"
+  });
+  try {
+    debug.info("Tool invoked");
+    debug.trace("Arguments", { args });
+    if (!Number.isInteger(args.trust_level) || args.trust_level < 1 || args.trust_level > 5) {
+      return JSON.stringify({
+        error: "Invalid trust level",
+        message: "Trust level must be an integer from 1 (PUBLIC) to 5 (SECRET)."
+      }, null, 2);
+    }
+    const { memory } = createCoreServices(userId);
+    const result = await memory.requestSetTrustLevel({
+      memory_id: args.memory_id,
+      trust_level: args.trust_level
+    });
+    const TRUST_NAMES = {
+      1: "PUBLIC",
+      2: "INTERNAL",
+      3: "CONFIDENTIAL",
+      4: "RESTRICTED",
+      5: "SECRET"
+    };
+    return JSON.stringify({
+      token: result.token,
+      memory_id: result.memory_id,
+      current_trust_level: result.current_trust_level,
+      requested_trust_level: result.requested_trust_level,
+      current_trust_name: TRUST_NAMES[result.current_trust_level] || "UNKNOWN",
+      requested_trust_name: TRUST_NAMES[result.requested_trust_level] || "UNKNOWN",
+      expires_at: result.expires_at,
+      message: `Trust level change requested: ${TRUST_NAMES[result.current_trust_level] || result.current_trust_level} (${result.current_trust_level}) \u2192 ${TRUST_NAMES[result.requested_trust_level] || result.requested_trust_level} (${result.requested_trust_level}). Confirm with token to apply.`
+    }, null, 2);
+  } catch (error) {
+    debug.error("Tool failed", { error: error instanceof Error ? error.message : String(error) });
+    handleToolError(error, {
+      toolName: "remember_request_set_trust_level",
+      operation: "request set trust level",
+      userId,
+      memoryId: args.memory_id
+    });
+    return JSON.stringify({ error: "Unexpected error" });
+  }
+}
+
 // src/server.ts
 async function initServer() {
   logger.info("Initializing remember-mcp server...");
@@ -3696,7 +3792,8 @@ function registerHandlers(server) {
         searchSpaceTool,
         querySpaceTool,
         moderateTool,
-        ghostConfigTool
+        ghostConfigTool,
+        requestSetTrustLevelTool
       ]
     };
   });
@@ -3770,6 +3867,9 @@ function registerHandlers(server) {
         case "remember_ghost_config":
           result = await handleGhostConfig(args, userId, authContext);
           break;
+        case "remember_request_set_trust_level":
+          result = await handleRequestSetTrustLevel(args, userId, authContext);
+          break;
         default:
           throw new McpError(
             ErrorCode.MethodNotFound,