@prmichaelsen/remember-mcp 4.0.2 → 4.1.0

package/agent/tasks/milestone-24-mcp-elicitation-confirmation/task-530-create-elicitation-helper.md

@@ -0,0 +1,78 @@
+# Task 530: Create Elicitation Helper Utility
+
+**Milestone**: [M24 - MCP Elicitation Confirmation Flow](../../milestones/milestone-24-mcp-elicitation-confirmation.md)
+**Design Reference**: None
+**Estimated Time**: 1-2 hours
+**Dependencies**: None
+**Status**: Not Started
+
+---
+
+## Objective
+
+Create `src/utils/elicitation.ts` — a shared helper that checks if the connected MCP client supports elicitation, issues a confirmation-only prompt via `server.elicitInput()`, and returns a discriminated result type.
+
+---
+
+## Context
+
+MCP elicitation (`elicitation/create`) allows the server to pause a tool call and ask the user directly through the client. The MCP SDK v1.27.1 exposes `server.elicitInput()` on the `Server` class. Clients declare elicitation support via `ClientCapabilities.elicitation`.
+
+This helper centralizes the elicitation logic so all 5 protected tools can share it without duplication.
+
+---
+
+## Steps
+
+### 1. Create `src/utils/elicitation.ts`
+
+```typescript
+import type { Server } from '@modelcontextprotocol/sdk/server/index.js';
+
+interface ElicitConfirmParams {
+  server?: Server;
+  message: string;
+}
+
+type ElicitConfirmResult =
+  | { type: 'confirmed' }
+  | { type: 'declined'; reason: string }
+  | { type: 'unsupported' };
+
+export async function elicitConfirmation(params: ElicitConfirmParams): Promise<ElicitConfirmResult> {
+  const { server, message } = params;
+  if (!server) return { type: 'unsupported' };
+
+  const caps = server.getClientCapabilities();
+  if (!caps?.elicitation) return { type: 'unsupported' };
+
+  const result = await server.elicitInput({
+    message,
+    requestedSchema: { type: 'object', properties: {} },
+  });
+
+  if (result.action === 'accept') return { type: 'confirmed' };
+  return { type: 'declined', reason: result.action };
+}
+```
+
+Key design decisions:
+- Returns `{ type: 'unsupported' }` when server is undefined or client lacks elicitation capability — callers fall back to token flow
+- Uses empty `requestedSchema` for confirmation-only (no data fields)
+- Maps both `decline` and `cancel` actions to `declined`
+
+---
+
+## Verification
+
+- [ ] File `src/utils/elicitation.ts` exists
+- [ ] Exports `elicitConfirmation` function and `ElicitConfirmResult` type
+- [ ] Returns `unsupported` when server is undefined
+- [ ] Returns `unsupported` when client lacks elicitation capability
+- [ ] Returns `confirmed` on accept
+- [ ] Returns `declined` on decline or cancel
+- [ ] `npm run typecheck` passes
+
+---
+
+**Next Task**: [Task 531: Update protected tool handler signatures](task-531-update-handler-signatures.md)

package/agent/tasks/milestone-24-mcp-elicitation-confirmation/task-531-update-handler-signatures.md

@@ -0,0 +1,62 @@
+# Task 531: Update Protected Tool Handler Signatures
+
+**Milestone**: [M24 - MCP Elicitation Confirmation Flow](../../milestones/milestone-24-mcp-elicitation-confirmation.md)
+**Design Reference**: None
+**Estimated Time**: 1 hour
+**Dependencies**: Task 530
+**Status**: Not Started
+
+---
+
+## Objective
+
+Add an optional `server?: Server` parameter to all 5 protected tool handler functions so they can issue elicitation requests.
+
+---
+
+## Context
+
+Currently, protected tool handlers have the signature `(args, userId, authContext?)`. To call `server.elicitInput()`, they need access to the `Server` instance. Adding `server` as an optional 4th parameter maintains backward compatibility.
+
+---
+
+## Steps
+
+### 1. Update handler signatures
+
+Add `server?: Server` as the 4th parameter to:
+
+| File | Function |
+|------|----------|
+| `src/tools/publish.ts` | `handlePublish` |
+| `src/tools/retract.ts` | `handleRetract` |
+| `src/tools/revise.ts` | `handleRevise` |
+| `src/tools/delete-memory.ts` | `handleDeleteMemory` |
+| `src/tools/request-set-trust-level.ts` | `handleRequestSetTrustLevel` |
+
+Add the import:
+```typescript
+import type { Server } from '@modelcontextprotocol/sdk/server/index.js';
+```
+
+Update each function signature, e.g.:
+```typescript
+export async function handlePublish(
+  args: PublishArgs,
+  userId: string,
+  authContext?: AuthContext,
+  server?: Server
+): Promise<string> {
+```
+
+---
+
+## Verification
+
+- [ ] All 5 handlers accept optional `server` parameter
+- [ ] `npm run typecheck` passes
+- [ ] No existing callers break (parameter is optional)
+
+---
+
+**Next Task**: [Task 532: Implement elicitation in protected tools](task-532-implement-elicitation-in-tools.md)

package/agent/tasks/milestone-24-mcp-elicitation-confirmation/task-532-implement-elicitation-in-tools.md

@@ -0,0 +1,113 @@
+# Task 532: Implement Elicitation in Protected Tools
+
+**Milestone**: [M24 - MCP Elicitation Confirmation Flow](../../milestones/milestone-24-mcp-elicitation-confirmation.md)
+**Design Reference**: None
+**Estimated Time**: 3-4 hours
+**Dependencies**: Task 530, Task 531
+**Status**: Not Started
+
+---
+
+## Objective
+
+Wire elicitation logic into all 5 protected tool handlers so they confirm with the user via elicitation when supported, and fall back to the token flow otherwise.
+
+---
+
+## Context
+
+Each protected tool currently:
+1. Calls a core service to create a confirmation token
+2. Returns the token to the agent
+3. Expects the agent to call `remember_confirm` or `remember_deny`
+
+With elicitation, the flow becomes:
+1. Call core service to create a confirmation token
+2. Call `elicitConfirmation()` to ask the user directly
+3. If confirmed → execute the operation (call confirm internally) → return result
+4. If declined → deny the token → return cancellation message
+5. If unsupported → return token in legacy format (current behavior)
+
+---
+
+## Steps
+
+### 1. Update `handlePublish` (src/tools/publish.ts)
+
+After getting the token from `space.publish()`, call `elicitConfirmation()`:
+
+```typescript
+import { elicitConfirmation } from '../utils/elicitation.js';
+
+// After getting result from space.publish():
+const confirmation = await elicitConfirmation({
+  server,
+  message: `Publish memory "${args.memory_id}" to ${[...(args.spaces || []), ...(args.groups || [])].join(', ')}?`,
+});
+
+if (confirmation.type === 'confirmed') {
+  const confirmResult = await space.confirm({ token: result.token });
+  return JSON.stringify({ success: true, ...confirmResult }, null, 2);
+}
+
+if (confirmation.type === 'declined') {
+  await space.deny({ token: result.token });
+  return JSON.stringify({ success: false, message: 'Publication cancelled by user.' }, null, 2);
+}
+
+// Fallback: return token for legacy confirm/deny flow
+return JSON.stringify({ success: true, token: result.token, ... }, null, 2);
+```
+
+### 2. Update `handleRetract` (src/tools/retract.ts)
+
+Same pattern. Message: `Retract memory "${args.memory_id}" from ${destinations}?`
+
+### 3. Update `handleRevise` (src/tools/revise.ts)
+
+Same pattern. Message: `Revise all published copies of memory "${args.memory_id}"?`
+
+### 4. Update `handleDeleteMemory` (src/tools/delete-memory.ts)
+
+This tool uses `tokenService.createRequest()` directly instead of a core space service.
+
+On confirmation, replicate the delete logic from `confirm.ts` (soft delete via Weaviate update).
+
+On decline, call `tokenService.denyRequest()` or simply let the token expire.
+
+Message: `Delete memory "${args.memory_id}"${args.reason ? ` (reason: ${args.reason})` : ''}?`
+
+### 5. Update `handleRequestSetTrustLevel` (src/tools/request-set-trust-level.ts)
+
+Uses `memory.requestSetTrustLevel()` which returns a token.
+
+On confirmation, call `memory.confirmSetTrustLevel(token)`.
+
+Message: `Change trust level for memory "${args.memory_id}" from ${current} to ${requested}?`
+
+---
+
+## Key Design Decisions
+
+| Decision | Choice | Rationale |
+|---|---|---|
+| Confirm execution path | Reuse core service confirm methods | Avoids duplicating business logic; the confirm handlers in core already handle all edge cases |
+| Deny on decline | Call deny/let expire | Clean token cleanup; prevents orphaned pending tokens |
+| Error handling | Wrap elicitation in try/catch, fall back to token flow on error | Resilient against elicitation failures |
+
+---
+
+## Verification
+
+- [ ] `handlePublish` uses elicitation when available, falls back when not
+- [ ] `handleRetract` uses elicitation when available, falls back when not
+- [ ] `handleRevise` uses elicitation when available, falls back when not
+- [ ] `handleDeleteMemory` uses elicitation when available, falls back when not
+- [ ] `handleRequestSetTrustLevel` uses elicitation when available, falls back when not
+- [ ] All tools still work with non-elicitation clients (token flow preserved)
+- [ ] `npm run typecheck` passes
+- [ ] `npm test` passes
+
+---
+
+**Next Task**: [Task 533: Wire server instance through entry points](task-533-wire-server-instance.md)

package/agent/tasks/milestone-24-mcp-elicitation-confirmation/task-533-wire-server-instance.md

@@ -0,0 +1,62 @@
+# Task 533: Wire Server Instance Through Entry Points
+
+**Milestone**: [M24 - MCP Elicitation Confirmation Flow](../../milestones/milestone-24-mcp-elicitation-confirmation.md)
+**Design Reference**: None
+**Estimated Time**: 1-2 hours
+**Dependencies**: Task 531
+**Status**: Not Started
+
+---
+
+## Objective
+
+Pass the `Server` instance to protected tool handlers in both `server.ts` and `server-factory.ts` so they can issue elicitation requests.
+
+---
+
+## Context
+
+The `CallToolRequestSchema` handler has access to the `server` instance (it's in the closure of `registerHandlers()`). The handler just needs to pass it as the 4th argument to the 5 protected tool handlers.
+
+---
+
+## Steps
+
+### 1. Update `server.ts` — `registerHandlers()`
+
+In the switch statement, pass `server` to the 5 protected tool calls:
+
+```typescript
+case 'remember_publish':
+  result = await handlePublish(args as any, userId, authContext, server);
+  break;
+case 'remember_retract':
+  result = await handleRetract(args as any, userId, authContext, server);
+  break;
+case 'remember_revise':
+  result = await handleRevise(args as any, userId, authContext, server);
+  break;
+case 'remember_delete_memory':
+  result = await handleDeleteMemory(args as any, userId, authContext, server);
+  break;
+case 'remember_request_set_trust_level':
+  result = await handleRequestSetTrustLevel(args as any, userId, authContext, server);
+  break;
+```
+
+### 2. Update `server-factory.ts` — `registerHandlers()`
+
+Same changes as `server.ts`. The `server` parameter is already passed to `registerHandlers()`.
+
+---
+
+## Verification
+
+- [ ] `server.ts` passes server to all 5 protected handlers
+- [ ] `server-factory.ts` passes server to all 5 protected handlers
+- [ ] `npm run typecheck` passes
+- [ ] `npm run build` succeeds
+
+---
+
+**Next Task**: [Task 534: Verification and cleanup](task-534-verification-cleanup.md)

package/agent/tasks/milestone-24-mcp-elicitation-confirmation/task-534-verification-cleanup.md

@@ -0,0 +1,60 @@
+# Task 534: Verification and Cleanup
+
+**Milestone**: [M24 - MCP Elicitation Confirmation Flow](../../milestones/milestone-24-mcp-elicitation-confirmation.md)
+**Design Reference**: None
+**Estimated Time**: 1-2 hours
+**Dependencies**: Task 532, Task 533
+**Status**: Not Started
+
+---
+
+## Objective
+
+Verify the full build pipeline, run tests, and update tool descriptions to reflect that elicitation is used when available.
+
+---
+
+## Steps
+
+### 1. Build and Typecheck
+
+```bash
+npm run typecheck
+npm run build
+```
+
+### 2. Run Tests
+
+```bash
+npm test
+```
+
+Fix any failures.
+
+### 3. Update Tool Descriptions
+
+Update the `description` field in tool definitions for the 5 protected tools to mention that elicitation is used when available:
+
+- Remove/simplify the "CRITICAL SAFETY" warnings about separate messages (no longer needed when elicitation is active)
+- Add note: "Uses MCP elicitation for direct user confirmation when supported. Falls back to token+confirm/deny flow for clients without elicitation."
+
+### 4. Update `confirm`/`deny` tool descriptions
+
+Add context that these tools are used as fallback:
+
+- "Used when the client does not support MCP elicitation. When elicitation is supported, confirmation happens inline during the original tool call."
+
+---
+
+## Verification
+
+- [ ] `npm run typecheck` passes
+- [ ] `npm run build` succeeds
+- [ ] `npm test` passes
+- [ ] Tool descriptions updated for publish, retract, revise, delete-memory, request-set-trust-level
+- [ ] Confirm/deny tool descriptions updated with fallback context
+- [ ] No lint errors
+
+---
+
+**Related Design Docs**: None

package/dist/server-factory.js

@@ -1341,6 +1341,27 @@ async function handleSearchMemory(args, userId, authContext) {
   }
 }
 
+// src/utils/elicitation.ts
+async function elicitConfirmation(params) {
+  const { server, message } = params;
+  if (!server)
+    return { type: "unsupported" };
+  const caps = server.getClientCapabilities();
+  if (!caps?.elicitation)
+    return { type: "unsupported" };
+  try {
+    const result = await server.elicitInput({
+      message,
+      requestedSchema: { type: "object", properties: {} }
+    });
+    if (result.action === "accept")
+      return { type: "confirmed" };
+    return { type: "declined", reason: result.action };
+  } catch {
+    return { type: "unsupported" };
+  }
+}
+
 // src/tools/delete-memory.ts
 var deleteMemoryTool = {
   name: "remember_delete_memory",
@@ -1371,7 +1392,7 @@ Examples:
     required: ["memory_id"]
   }
 };
-async function handleDeleteMemory(args, userId, authContext) {
+async function handleDeleteMemory(args, userId, authContext, server) {
   const debug = createDebugLogger({ tool: "remember_delete_memory", userId, operation: "delete memory" });
   try {
     debug.info("Tool invoked");
@@ -1385,6 +1406,44 @@ async function handleDeleteMemory(args, userId, authContext) {
         reason: args.reason || null
       }
     );
+    const confirmation = await elicitConfirmation({
+      server,
+      message: `Delete memory "${args.memory_id}"${args.reason ? ` (reason: ${args.reason})` : ""}?`
+    });
+    if (confirmation.type === "confirmed") {
+      const confirmed = await tokenService2.confirmRequest(userId, token);
+      if (!confirmed) {
+        return JSON.stringify(
+          { success: false, error: "Token already consumed", message: "The confirmation token has already been used." },
+          null,
+          2
+        );
+      }
+      const { memory_id, reason } = confirmed.payload;
+      const client2 = getWeaviateClient();
+      const collectionName = getMemoryCollectionName(userId);
+      const collection = client2.collections.get(collectionName);
+      await collection.data.update({
+        id: memory_id,
+        properties: {
+          deleted_at: (/* @__PURE__ */ new Date()).toISOString(),
+          deleted_by: userId,
+          deletion_reason: reason || null
+        }
+      });
+      return JSON.stringify(
+        { success: true, memory_id, message: "Memory deleted successfully" },
+        null,
+        2
+      );
+    }
+    if (confirmation.type === "declined") {
+      return JSON.stringify(
+        { success: false, message: "Deletion cancelled by user." },
+        null,
+        2
+      );
+    }
     const expiresAt = new Date(Date.now() + 5 * 60 * 1e3);
     return JSON.stringify(
       {
@@ -2533,7 +2592,7 @@ Publication Destinations:
     required: ["memory_id"]
   }
 };
-async function handlePublish(args, userId, authContext) {
+async function handlePublish(args, userId, authContext, server) {
   const debug = createDebugLogger({
     tool: "remember_publish",
     userId,
@@ -2549,6 +2608,34 @@ async function handlePublish(args, userId, authContext) {
       groups: args.groups,
       additional_tags: args.additional_tags
     });
+    const destinations = [...args.spaces || [], ...args.groups || []].join(", ");
+    const confirmation = await elicitConfirmation({
+      server,
+      message: `Publish memory "${args.memory_id}" to ${destinations || "default space"}?`
+    });
+    if (confirmation.type === "confirmed") {
+      const confirmResult = await space.confirm({ token: result.token });
+      return JSON.stringify(
+        {
+          success: confirmResult.success,
+          composite_id: confirmResult.composite_id,
+          published_to: confirmResult.published_to,
+          failed: confirmResult.failed?.length ? confirmResult.failed : void 0,
+          space_ids: confirmResult.space_ids,
+          group_ids: confirmResult.group_ids
+        },
+        null,
+        2
+      );
+    }
+    if (confirmation.type === "declined") {
+      await space.deny({ token: result.token });
+      return JSON.stringify(
+        { success: false, message: "Publication cancelled by user." },
+        null,
+        2
+      );
+    }
     return JSON.stringify(
       {
         success: true,
@@ -2611,7 +2698,7 @@ Orphaned memories are preserved for historical reference but become unsearchable
     required: ["memory_id"]
   }
 };
-async function handleRetract(args, userId, authContext) {
+async function handleRetract(args, userId, authContext, server) {
   const debug = createDebugLogger({
     tool: "remember_retract",
     userId,
@@ -2626,6 +2713,35 @@ async function handleRetract(args, userId, authContext) {
       spaces: args.spaces,
       groups: args.groups
     });
+    const destinations = [...args.spaces || [], ...args.groups || []].join(", ");
+    const confirmation = await elicitConfirmation({
+      server,
+      message: `Retract memory "${args.memory_id}" from ${destinations || "all destinations"}?`
+    });
+    if (confirmation.type === "confirmed") {
+      const confirmResult = await space.confirm({ token: result.token });
+      return JSON.stringify(
+        {
+          success: confirmResult.success,
+          composite_id: confirmResult.composite_id,
+          retracted_from: confirmResult.retracted_from,
+          failed: confirmResult.failed?.length ? confirmResult.failed : void 0,
+          space_ids: confirmResult.space_ids,
+          group_ids: confirmResult.group_ids,
+          is_orphaned: confirmResult.space_ids?.length === 0 && confirmResult.group_ids?.length === 0
+        },
+        null,
+        2
+      );
+    }
+    if (confirmation.type === "declined") {
+      await space.deny({ token: result.token });
+      return JSON.stringify(
+        { success: false, message: "Retraction cancelled by user." },
+        null,
+        2
+      );
+    }
     return JSON.stringify(
       {
         success: true,
@@ -2684,7 +2800,7 @@ Requirements:
     required: ["memory_id"]
   }
 };
-async function handleRevise(args, userId, authContext) {
+async function handleRevise(args, userId, authContext, server) {
   const debug = createDebugLogger({
     tool: "remember_revise",
     userId,
@@ -2697,6 +2813,37 @@ async function handleRevise(args, userId, authContext) {
     const result = await space.revise({
       memory_id: args.memory_id
     });
+    const confirmation = await elicitConfirmation({
+      server,
+      message: `Revise all published copies of memory "${args.memory_id}"?`
+    });
+    if (confirmation.type === "confirmed") {
+      const confirmResult = await space.confirm({ token: result.token });
+      const results = confirmResult.results || [];
+      const successCount = results.filter((r) => r.status === "success").length;
+      const failedCount = results.filter((r) => r.status === "failed").length;
+      const skippedCount = results.filter((r) => r.status === "skipped").length;
+      return JSON.stringify(
+        {
+          success: confirmResult.success,
+          composite_id: confirmResult.composite_id,
+          revised_at: confirmResult.revised_at,
+          summary: { total: results.length, success: successCount, failed: failedCount, skipped: skippedCount },
+          results,
+          ...failedCount > 0 ? { warnings: [`Failed to revise ${failedCount} of ${results.length} location(s)`] } : {}
+        },
+        null,
+        2
+      );
+    }
+    if (confirmation.type === "declined") {
+      await space.deny({ token: result.token });
+      return JSON.stringify(
+        { success: false, message: "Revision cancelled by user." },
+        null,
+        2
+      );
+    }
     return JSON.stringify(
       {
         success: true,
@@ -3706,7 +3853,7 @@ This is the ONLY way to change a memory's trust level. Trust cannot be set durin
     required: ["memory_id", "trust_level"]
   }
 };
-async function handleRequestSetTrustLevel(args, userId, authContext) {
+async function handleRequestSetTrustLevel(args, userId, authContext, server) {
   const debug = createDebugLogger({
     tool: "remember_request_set_trust_level",
     userId,
@@ -3733,6 +3880,29 @@ async function handleRequestSetTrustLevel(args, userId, authContext) {
       4: "RESTRICTED",
       5: "SECRET"
     };
+    const currentName = TRUST_NAMES[result.current_trust_level] || "UNKNOWN";
+    const requestedName = TRUST_NAMES[result.requested_trust_level] || "UNKNOWN";
+    const confirmation = await elicitConfirmation({
+      server,
+      message: `Change trust level for memory "${args.memory_id}" from ${currentName} (${result.current_trust_level}) to ${requestedName} (${result.requested_trust_level})?`
+    });
+    if (confirmation.type === "confirmed") {
+      const confirmResult = await memory.confirmSetTrustLevel(result.token);
+      return JSON.stringify({
+        success: true,
+        memory_id: confirmResult.memory_id,
+        previous_trust_level: confirmResult.previous_trust_level,
+        new_trust_level: confirmResult.new_trust_level,
+        updated_at: confirmResult.updated_at,
+        message: `Trust level changed from ${TRUST_NAMES[confirmResult.previous_trust_level] || confirmResult.previous_trust_level} to ${TRUST_NAMES[confirmResult.new_trust_level] || confirmResult.new_trust_level}`
+      }, null, 2);
+    }
+    if (confirmation.type === "declined") {
+      return JSON.stringify({
+        success: false,
+        message: "Trust level change cancelled by user."
+      }, null, 2);
+    }
     return JSON.stringify({
       token: result.token,
       request_id: result.request_id,
@@ -3740,10 +3910,10 @@ async function handleRequestSetTrustLevel(args, userId, authContext) {
       memory_id: result.memory_id,
       current_trust_level: result.current_trust_level,
       requested_trust_level: result.requested_trust_level,
-      current_trust_name: TRUST_NAMES[result.current_trust_level] || "UNKNOWN",
-      requested_trust_name: TRUST_NAMES[result.requested_trust_level] || "UNKNOWN",
+      current_trust_name: currentName,
+      requested_trust_name: requestedName,
       expires_at: result.expires_at,
-      message: `Trust level change requested: ${TRUST_NAMES[result.current_trust_level] || result.current_trust_level} (${result.current_trust_level}) \u2192 ${TRUST_NAMES[result.requested_trust_level] || result.requested_trust_level} (${result.requested_trust_level}). Confirm with token to apply.`
+      message: `Trust level change requested: ${currentName} (${result.current_trust_level}) \u2192 ${requestedName} (${result.requested_trust_level}). Confirm with token to apply.`
     }, null, 2);
   } catch (error) {
     debug.error("Tool failed", { error: error instanceof Error ? error.message : String(error) });
@@ -5319,7 +5489,7 @@ function registerHandlers(server, userId, accessToken, internalContext) {
           result = await handleSearchMemory(args, userId, authContext);
           break;
         case "remember_delete_memory":
-          result = await handleDeleteMemory(args, userId, authContext);
+          result = await handleDeleteMemory(args, userId, authContext, server);
           break;
         case "remember_update_memory":
           result = await handleUpdateMemory(args, userId, authContext);
@@ -5349,13 +5519,13 @@ function registerHandlers(server, userId, accessToken, internalContext) {
           result = await handleGetPreferences(args, userId, authContext);
           break;
         case "remember_publish":
-          result = await handlePublish(args, userId, authContext);
+          result = await handlePublish(args, userId, authContext, server);
           break;
         case "remember_retract":
-          result = await handleRetract(args, userId, authContext);
+          result = await handleRetract(args, userId, authContext, server);
           break;
         case "remember_revise":
-          result = await handleRevise(args, userId, authContext);
+          result = await handleRevise(args, userId, authContext, server);
           break;
         case "remember_confirm":
           result = await handleConfirm(args, userId, authContext);
@@ -5376,7 +5546,7 @@ function registerHandlers(server, userId, accessToken, internalContext) {
           result = await handleGhostConfig(args, userId, authContext);
           break;
         case "remember_request_set_trust_level":
-          result = await handleRequestSetTrustLevel(args, userId, authContext);
+          result = await handleRequestSetTrustLevel(args, userId, authContext, server);
           break;
         case "remember_search_by":
           result = await handleSearchBy(args, userId, authContext);