@prmichaelsen/remember-mcp 3.20.1 → 4.0.1

package/src/services/trust-validator.spec.ts

@@ -2,107 +2,113 @@ import { validateTrustAssignment, suggestTrustLevel } from './trust-validator.js
 
 describe('validateTrustAssignment', () => {
   it('accepts trust levels in valid range', () => {
-    expect(validateTrustAssignment(0).valid).toBe(true);
-    expect(validateTrustAssignment(0.5).valid).toBe(true);
-    expect(validateTrustAssignment(1.0).valid).toBe(true);
+    expect(validateTrustAssignment(1).valid).toBe(true);
+    expect(validateTrustAssignment(3).valid).toBe(true);
+    expect(validateTrustAssignment(5).valid).toBe(true);
   });
 
-  it('rejects trust levels below 0', () => {
-    const result = validateTrustAssignment(-0.1);
+  it('rejects trust levels below 1', () => {
+    const result = validateTrustAssignment(0);
     expect(result.valid).toBe(false);
-    expect(result.warning).toContain('-0.1');
+    expect(result.warning).toContain('0');
   });
 
-  it('rejects trust levels above 1', () => {
-    const result = validateTrustAssignment(1.5);
+  it('rejects trust levels above 5', () => {
+    const result = validateTrustAssignment(6);
     expect(result.valid).toBe(false);
-    expect(result.warning).toContain('1.5');
+    expect(result.warning).toContain('6');
   });
 
-  it('warns for trust < 0.25', () => {
-    const result = validateTrustAssignment(0.1);
+  it('rejects non-integer trust levels', () => {
+    const result = validateTrustAssignment(2.5);
+    expect(result.valid).toBe(false);
+    expect(result.warning).toContain('2.5');
+  });
+
+  it('warns for trust >= 4 (RESTRICTED)', () => {
+    const result = validateTrustAssignment(4);
     expect(result.valid).toBe(true);
     expect(result.warning).toContain('very restrictive');
   });
 
-  it('warns for trust 0', () => {
-    const result = validateTrustAssignment(0);
+  it('warns for trust 5 (SECRET)', () => {
+    const result = validateTrustAssignment(5);
     expect(result.valid).toBe(true);
     expect(result.warning).toContain('very restrictive');
   });
 
-  it('does not warn for trust >= 0.25', () => {
-    expect(validateTrustAssignment(0.25).warning).toBeUndefined();
-    expect(validateTrustAssignment(0.5).warning).toBeUndefined();
-    expect(validateTrustAssignment(1.0).warning).toBeUndefined();
+  it('does not warn for trust <= 3', () => {
+    expect(validateTrustAssignment(1).warning).toBeUndefined();
+    expect(validateTrustAssignment(2).warning).toBeUndefined();
+    expect(validateTrustAssignment(3).warning).toBeUndefined();
   });
 });
 
 describe('suggestTrustLevel', () => {
   describe('tag overrides', () => {
-    it('returns 0.1 for private tag', () => {
-      expect(suggestTrustLevel('note', ['private'])).toBe(0.1);
+    it('returns 5 (SECRET) for private tag', () => {
+      expect(suggestTrustLevel('note', ['private'])).toBe(5);
     });
 
-    it('returns 0.1 for secret tag', () => {
-      expect(suggestTrustLevel('note', ['Secret'])).toBe(0.1);
+    it('returns 5 (SECRET) for secret tag', () => {
+      expect(suggestTrustLevel('note', ['Secret'])).toBe(5);
     });
 
-    it('returns 1.0 for public tag', () => {
-      expect(suggestTrustLevel('journal', ['public'])).toBe(1.0);
+    it('returns 1 (PUBLIC) for public tag', () => {
+      expect(suggestTrustLevel('journal', ['public'])).toBe(1);
     });
 
     it('tag override takes priority over content type', () => {
-      // journal normally suggests 0.75, but 'private' overrides to 0.1
-      expect(suggestTrustLevel('journal', ['private'])).toBe(0.1);
+      // journal normally suggests 4, but 'private' overrides to 5
+      expect(suggestTrustLevel('journal', ['private'])).toBe(5);
     });
   });
 
   describe('content type suggestions', () => {
-    it('suggests 0.75 for personal types', () => {
-      expect(suggestTrustLevel('journal')).toBe(0.75);
-      expect(suggestTrustLevel('memory')).toBe(0.75);
-      expect(suggestTrustLevel('event')).toBe(0.75);
+    it('suggests 4 (RESTRICTED) for personal types', () => {
+      expect(suggestTrustLevel('journal')).toBe(4);
+      expect(suggestTrustLevel('memory')).toBe(4);
+      expect(suggestTrustLevel('event')).toBe(4);
     });
 
-    it('suggests 0.5 for system types', () => {
-      expect(suggestTrustLevel('system')).toBe(0.5);
-      expect(suggestTrustLevel('audit')).toBe(0.5);
-      expect(suggestTrustLevel('action')).toBe(0.5);
-      expect(suggestTrustLevel('history')).toBe(0.5);
+    it('suggests 3 (CONFIDENTIAL) for system types', () => {
+      expect(suggestTrustLevel('system')).toBe(3);
+      expect(suggestTrustLevel('audit')).toBe(3);
+      expect(suggestTrustLevel('action')).toBe(3);
+      expect(suggestTrustLevel('history')).toBe(3);
     });
 
-    it('suggests 0.5 for business types', () => {
-      expect(suggestTrustLevel('invoice')).toBe(0.5);
-      expect(suggestTrustLevel('contract')).toBe(0.5);
+    it('suggests 3 (CONFIDENTIAL) for business types', () => {
+      expect(suggestTrustLevel('invoice')).toBe(3);
+      expect(suggestTrustLevel('contract')).toBe(3);
     });
 
-    it('suggests 0.5 for communication types', () => {
-      expect(suggestTrustLevel('email')).toBe(0.5);
-      expect(suggestTrustLevel('conversation')).toBe(0.5);
-      expect(suggestTrustLevel('meeting')).toBe(0.5);
+    it('suggests 3 (CONFIDENTIAL) for communication types', () => {
+      expect(suggestTrustLevel('email')).toBe(3);
+      expect(suggestTrustLevel('conversation')).toBe(3);
+      expect(suggestTrustLevel('meeting')).toBe(3);
     });
 
-    it('suggests 0.75 for ghost type', () => {
-      expect(suggestTrustLevel('ghost')).toBe(0.75);
+    it('suggests 4 (RESTRICTED) for ghost type', () => {
+      expect(suggestTrustLevel('ghost')).toBe(4);
     });
 
-    it('suggests 0.25 for general/creative types', () => {
-      expect(suggestTrustLevel('note')).toBe(0.25);
-      expect(suggestTrustLevel('code')).toBe(0.25);
-      expect(suggestTrustLevel('article')).toBe(0.25);
-      expect(suggestTrustLevel('recipe')).toBe(0.25);
-      expect(suggestTrustLevel('bookmark')).toBe(0.25);
+    it('suggests 2 (INTERNAL) for general/creative types', () => {
+      expect(suggestTrustLevel('note')).toBe(2);
+      expect(suggestTrustLevel('code')).toBe(2);
+      expect(suggestTrustLevel('article')).toBe(2);
+      expect(suggestTrustLevel('recipe')).toBe(2);
+      expect(suggestTrustLevel('bookmark')).toBe(2);
     });
   });
 
   describe('edge cases', () => {
     it('handles empty tags array', () => {
-      expect(suggestTrustLevel('note', [])).toBe(0.25);
+      expect(suggestTrustLevel('note', [])).toBe(2);
     });
 
     it('handles undefined tags', () => {
-      expect(suggestTrustLevel('note')).toBe(0.25);
+      expect(suggestTrustLevel('note')).toBe(2);
     });
   });
 });

package/src/services/trust-validator.ts

@@ -1,6 +1,9 @@
 /**
  * Trust validator — validation and suggestions for trust-sensitive operations.
  *
+ * Uses integer TrustLevel 1–5 scale (higher = more confidential).
+ * Aligned with remember-core's trust-validator.service.
+ *
  * See agent/design/local.ghost-persona-system.md
  */
 
@@ -16,21 +19,20 @@ export interface TrustValidationResult {
 
 /**
  * Validate a trust level assignment.
- * Warns if trust < 0.25 (very private — existence-only for most accessors).
+ * Warns if trust >= 4 (Restricted/Secret — very restrictive).
  * Returns invalid for out-of-range values.
  *
- * @param trustLevel - The trust level being assigned (0-1)
- * @param content - Optional content for context-aware validation
+ * @param trustLevel - The trust level being assigned (1-5 integer)
  */
-export function validateTrustAssignment(trustLevel: number, content?: string): TrustValidationResult {
-  if (trustLevel < 0 || trustLevel > 1) {
-    return { valid: false, warning: `Trust level must be between 0 and 1, got ${trustLevel}` };
+export function validateTrustAssignment(trustLevel: number): TrustValidationResult {
+  if (!Number.isInteger(trustLevel) || trustLevel < 1 || trustLevel > 5) {
+    return { valid: false, warning: `Trust level must be an integer between 1 and 5, got ${trustLevel}` };
   }
 
-  if (trustLevel < 0.25) {
+  if (trustLevel >= 4) {
     return {
       valid: true,
-      warning: `Trust level ${trustLevel} is very restrictive — most accessors will see only that this memory exists. Consider 0.25+ for metadata visibility.`,
+      warning: `Trust level ${trustLevel} is very restrictive — most accessors will have limited visibility. Consider level 2 (INTERNAL) or 3 (CONFIDENTIAL) for broader access.`,
     };
   }
 
@@ -40,31 +42,31 @@ export function validateTrustAssignment(trustLevel: number, content?: string): T
 /**
  * Suggest an appropriate trust level based on content type and tags.
  *
- * Guidelines:
- * - System/audit/action: 0.5 (internal, summary access for trusted users)
- * - Personal (journal, memory, event): 0.75 (share with close friends)
- * - Business (invoice, contract): 0.5 (summary only for collaborators)
- * - Communication (email, conversation): 0.5 (summary only)
- * - Creative/content: 0.25 (metadata for discovery, full access for trusted)
- * - Default: 0.25 (conservative — metadata only)
+ * Guidelines (1-5 integer scale):
+ * - Personal (journal, memory, event): RESTRICTED (4) — close contacts only
+ * - System/audit/action: CONFIDENTIAL (3) — trusted friends
+ * - Business (invoice, contract): CONFIDENTIAL (3)
+ * - Communication (email, conversation): CONFIDENTIAL (3)
+ * - Ghost conversations: RESTRICTED (4)
+ * - Default: INTERNAL (2) — conservative
  *
  * Tag overrides:
- * - 'private' or 'secret': 0.1 (near-hidden)
- * - 'public': 1.0 (open to all)
+ * - 'private' or 'secret': SECRET (5)
+ * - 'public': PUBLIC (1)
  *
  * @param contentType - The type of content
  * @param tags - Optional tags that may affect suggestion
- * @returns Suggested trust level (0-1)
+ * @returns Suggested trust level (1-5)
  */
 export function suggestTrustLevel(contentType: ContentType, tags?: string[]): number {
   // Tag-based overrides take priority
   if (tags && tags.length > 0) {
     const lowerTags = tags.map(t => t.toLowerCase());
     if (lowerTags.includes('private') || lowerTags.includes('secret')) {
-      return 0.1;
+      return 5; // SECRET
     }
     if (lowerTags.includes('public')) {
-      return 1.0;
+      return 1; // PUBLIC
     }
   }
 
@@ -74,32 +76,32 @@ export function suggestTrustLevel(contentType: ContentType, tags?: string[]): nu
     case 'journal':
     case 'memory':
     case 'event':
-      return 0.75;
+      return 4; // RESTRICTED
 
     // System/internal
     case 'system':
     case 'audit':
     case 'action':
     case 'history':
-      return 0.5;
+      return 3; // CONFIDENTIAL
 
     // Business
     case 'invoice':
     case 'contract':
-      return 0.5;
+      return 3; // CONFIDENTIAL
 
     // Communication
     case 'email':
     case 'conversation':
     case 'meeting':
-      return 0.5;
+      return 3; // CONFIDENTIAL
 
     // Ghost conversations — private by default
     case 'ghost':
-      return 0.75;
+      return 4; // RESTRICTED
 
     // Default — conservative
     default:
-      return 0.25;
+      return 2; // INTERNAL
   }
 }

package/src/tools/confirm.spec.ts

@@ -0,0 +1,108 @@
+/**
+ * Tests for confirm tool — secret_token passthrough and set_trust_level handling.
+ */
+
+import { handleConfirm } from './confirm.js';
+
+// ─── Mocks ──────────────────────────────────────────────────
+
+jest.mock('../core-services.js', () => ({
+  createCoreServices: jest.fn(),
+}));
+
+jest.mock('../weaviate/client.js', () => ({
+  getWeaviateClient: jest.fn(),
+  getMemoryCollectionName: jest.fn((userId: string) => `Memory_users_${userId}`),
+}));
+
+jest.mock('../utils/debug.js', () => ({
+  createDebugLogger: jest.fn(() => ({
+    info: jest.fn(),
+    debug: jest.fn(),
+    trace: jest.fn(),
+    error: jest.fn(),
+    time: jest.fn((_: string, fn: () => any) => fn()),
+  })),
+}));
+
+jest.mock('../utils/error-handler.js', () => ({
+  handleToolError: jest.fn(),
+}));
+
+import { createCoreServices } from '../core-services.js';
+const mockCreateCoreServices = createCoreServices as jest.MockedFunction<any>;
+
+// ─── Tests ───────────────────────────────────────────────────
+
+describe('confirm tool', () => {
+  let mockConfirm: jest.Mock;
+  let mockValidateToken: jest.Mock;
+
+  beforeEach(() => {
+    jest.clearAllMocks();
+    mockConfirm = jest.fn();
+    mockValidateToken = jest.fn();
+
+    mockCreateCoreServices.mockReturnValue({
+      space: { confirm: mockConfirm },
+      token: { validateToken: mockValidateToken, confirmRequest: jest.fn() },
+    });
+  });
+
+  it('passes secret_token through to space.confirm when provided', async () => {
+    mockValidateToken.mockResolvedValue({ action: 'publish_memory' });
+    mockConfirm.mockResolvedValue({
+      action: 'publish_memory',
+      success: true,
+      composite_id: 'u1.m1',
+      published_to: ['spaces: public'],
+      space_ids: ['public'],
+      group_ids: [],
+    });
+
+    await handleConfirm({ token: 'tok-1', secret_token: 'sec-abc' }, 'user-1');
+
+    expect(mockConfirm).toHaveBeenCalledWith({ token: 'tok-1', secret_token: 'sec-abc' });
+  });
+
+  it('works without secret_token (backward compatible)', async () => {
+    mockValidateToken.mockResolvedValue({ action: 'publish_memory' });
+    mockConfirm.mockResolvedValue({
+      action: 'publish_memory',
+      success: true,
+      composite_id: 'u1.m1',
+      published_to: ['spaces: public'],
+      space_ids: ['public'],
+      group_ids: [],
+    });
+
+    await handleConfirm({ token: 'tok-1' }, 'user-1');
+
+    expect(mockConfirm).toHaveBeenCalledWith({ token: 'tok-1', secret_token: undefined });
+  });
+
+  it('handles set_trust_level action via memory.confirmSetTrustLevel', async () => {
+    const mockConfirmSetTrustLevel = jest.fn().mockResolvedValue({
+      memory_id: 'mem-1',
+      previous_trust_level: 'normal',
+      new_trust_level: 'core',
+      updated_at: '2026-03-20T00:00:00Z',
+    });
+
+    mockValidateToken.mockResolvedValue({ action: 'set_trust_level' });
+    mockCreateCoreServices.mockReturnValue({
+      space: { confirm: mockConfirm },
+      token: { validateToken: mockValidateToken, confirmRequest: jest.fn() },
+      memory: { confirmSetTrustLevel: mockConfirmSetTrustLevel },
+    });
+
+    const result = JSON.parse(await handleConfirm({ token: 'tok-trust' }, 'user-1') as string);
+
+    expect(result.success).toBe(true);
+    expect(result.memory_id).toBe('mem-1');
+    expect(result.previous_trust_level).toBe('normal');
+    expect(result.new_trust_level).toBe('core');
+    expect(result.message).toBe('Trust level changed from normal to core');
+    expect(mockConfirmSetTrustLevel).toHaveBeenCalledWith('tok-trust');
+  });
+});

package/src/tools/confirm.ts

@@ -53,6 +53,10 @@ Violating these requirements bypasses user consent and is a security violation.`
         type: 'string',
         description: 'The confirmation token from the action tool',
       },
+      secret_token: {
+        type: 'string',
+        description: 'HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server.',
+      },
     },
     required: ['token'],
   },
@@ -60,6 +64,7 @@ Violating these requirements bypasses user consent and is a security violation.`
 
 interface ConfirmArgs {
   token: string;
+  secret_token?: string;
 }
 
 /**
@@ -140,8 +145,26 @@ export async function handleConfirm(
       );
     }
 
+    // Handle set_trust_level via MemoryService
+    if (request.action === 'set_trust_level') {
+      const { memory } = createCoreServices(userId);
+      const result = await memory.confirmSetTrustLevel(args.token);
+      return JSON.stringify(
+        {
+          success: true,
+          memory_id: result.memory_id,
+          previous_trust_level: result.previous_trust_level,
+          new_trust_level: result.new_trust_level,
+          updated_at: result.updated_at,
+          message: `Trust level changed from ${result.previous_trust_level} to ${result.new_trust_level}`,
+        },
+        null,
+        2
+      );
+    }
+
     // Delegate publish/retract/revise to core SpaceService
-    const result = await space.confirm({ token: args.token });
+    const result = await space.confirm({ token: args.token, secret_token: args.secret_token });
 
     // Format response based on action type
     if (result.action === 'retract_memory') {

package/src/tools/create-internal-memory.ts

@@ -29,7 +29,6 @@ export const createInternalMemoryTool = {
       title: { type: 'string', description: 'Optional title' },
       tags: { type: 'array', items: { type: 'string' }, description: 'Additional tags (internal tags added automatically)' },
       weight: { type: 'number', minimum: 0, maximum: 1, description: 'Significance (0-1)' },
-      trust: { type: 'number', minimum: 0, maximum: 1, description: 'Trust level (0-1)' },
       feel_salience: { type: 'number', minimum: 0, maximum: 1 },
       feel_social_weight: { type: 'number', minimum: 0, maximum: 1 },
       feel_narrative_importance: { type: 'number', minimum: 0, maximum: 1 },
@@ -43,7 +42,6 @@ export interface CreateInternalMemoryArgs {
   title?: string;
   tags?: string[];
   weight?: number;
-  trust?: number;
   [key: string]: any;
 }
 
@@ -81,7 +79,6 @@ export async function handleCreateInternalMemory(
       title: args.title,
       type: ctx.type as any,
       weight: args.weight,
-      trust: args.trust,
       tags: mergedTags,
       context_summary: `Internal memory created via MCP (${ctx.type})`,
       ...feelFields,

package/src/tools/create-memory.spec.ts

@@ -114,13 +114,17 @@ describe('updateMemoryTool definition', () => {
     expect(required).not.toContain('group_ids');
   });
 
-  it('has optional content, title, type, weight, trust, tags properties', () => {
+  it('has optional content, title, type, weight, tags properties', () => {
     const props = updateMemoryTool.inputSchema.properties as Record<string, any>;
     expect(props.content).toBeDefined();
     expect(props.title).toBeDefined();
     expect(props.type).toBeDefined();
     expect(props.weight).toBeDefined();
-    expect(props.trust).toBeDefined();
     expect(props.tags).toBeDefined();
   });
+
+  it('does not expose trust in schema', () => {
+    const props = updateMemoryTool.inputSchema.properties as Record<string, any>;
+    expect(props.trust).toBeUndefined();
+  });
 });

package/src/tools/create-memory.ts

@@ -18,7 +18,7 @@ export const createMemoryTool = {
   description: `Create a new memory with optional template.
   
   Memories can store any type of information: notes, events, people, recipes, etc.
-  Each memory has a weight (significance 0-1) and trust level (access control 0-1).
+  Each memory has a weight (significance 0-1). Trust defaults to SECRET (level 5) and can be changed via remember_request_set_trust_level.
   Location and context are automatically captured from the request.
   
   **IMPORTANT - Content vs Summary**:
@@ -56,12 +56,6 @@ export const createMemoryTool = {
         minimum: 0,
         maximum: 1,
       },
-      trust: {
-        type: 'number',
-        description: 'Access control level (0-1, default: 0.25)',
-        minimum: 0,
-        maximum: 1,
-      },
       tags: {
         type: 'array',
         items: { type: 'string' },
@@ -149,7 +143,6 @@ export interface CreateMemoryArgs {
   title?: string;
   type?: ContentType;
   weight?: number;
-  trust?: number;
   tags?: string[];
   references?: string[];
   template_id?: string;
@@ -201,7 +194,6 @@ export async function handleCreateMemory(
       title: args.title,
       type: args.type,
       weight: args.weight,
-      trust: args.trust,
       tags: args.tags,
       references: args.references,
       template_id: args.template_id,

package/src/tools/deny.spec.ts

@@ -0,0 +1,59 @@
+/**
+ * Tests for deny tool — secret_token passthrough.
+ */
+
+import { handleDeny } from './deny.js';
+
+// ─── Mocks ──────────────────────────────────────────────────
+
+jest.mock('../core-services.js', () => ({
+  createCoreServices: jest.fn(),
+}));
+
+jest.mock('../utils/debug.js', () => ({
+  createDebugLogger: jest.fn(() => ({
+    info: jest.fn(),
+    debug: jest.fn(),
+    trace: jest.fn(),
+    error: jest.fn(),
+    time: jest.fn((_: string, fn: () => any) => fn()),
+  })),
+}));
+
+jest.mock('../utils/error-handler.js', () => ({
+  handleToolError: jest.fn(),
+}));
+
+import { createCoreServices } from '../core-services.js';
+const mockCreateCoreServices = createCoreServices as jest.MockedFunction<any>;
+
+// ─── Tests ───────────────────────────────────────────────────
+
+describe('deny tool', () => {
+  let mockDeny: jest.Mock;
+
+  beforeEach(() => {
+    jest.clearAllMocks();
+    mockDeny = jest.fn();
+
+    mockCreateCoreServices.mockReturnValue({
+      space: { deny: mockDeny },
+    });
+  });
+
+  it('passes secret_token through to space.deny when provided', async () => {
+    mockDeny.mockResolvedValue({ success: true });
+
+    await handleDeny({ token: 'tok-1', secret_token: 'sec-abc' }, 'user-1');
+
+    expect(mockDeny).toHaveBeenCalledWith({ token: 'tok-1', secret_token: 'sec-abc' });
+  });
+
+  it('works without secret_token (backward compatible)', async () => {
+    mockDeny.mockResolvedValue({ success: true });
+
+    await handleDeny({ token: 'tok-1' }, 'user-1');
+
+    expect(mockDeny).toHaveBeenCalledWith({ token: 'tok-1', secret_token: undefined });
+  });
+});

package/src/tools/deny.ts

@@ -45,6 +45,10 @@ This ensures proper user consent workflow is followed.`,
         type: 'string',
         description: 'The confirmation token from the action tool',
       },
+      secret_token: {
+        type: 'string',
+        description: 'HMAC secret token for guard-protected operations. Only required when confirmation guard is enabled on the server.',
+      },
     },
     required: ['token'],
   },
@@ -52,6 +56,7 @@ This ensures proper user consent workflow is followed.`,
 
 interface DenyArgs {
   token: string;
+  secret_token?: string;
 }
 
 /**
@@ -68,7 +73,7 @@ export async function handleDeny(
     debug.trace('Arguments', { args });
 
     const { space } = createCoreServices(userId);
-    const result = await space.deny({ token: args.token });
+    const result = await space.deny({ token: args.token, secret_token: args.secret_token });
 
     return JSON.stringify(
       {