@schift-io/memory 0.1.0

package/AGENTS.md

@@ -0,0 +1,28 @@
+# @schift-io/memory
+
+> Second brain for Claude Code - saves conversations and web content to your local knowledge base.
+
+## Structure
+
+```
+schift-memory/
+  CLAUDE.md          # Main plugin docs
+  AGENTS.md          # This file
+  hooks/
+    hooks.json       # Claude Code hook config
+    run-hook.cmd     # Hook dispatcher
+    session-start    # Injects memory awareness
+  skills/
+    memory-save/     # Save URLs, notes, insights
+    memory-search/   # Search past knowledge
+  scripts/
+    auto-ingest-url.sh  # Post-WebFetch auto-save
+    init.sh              # Bootstrap local memory
+  references/
+    architecture.md  # How it works under the hood
+```
+
+## Skills
+
+- **memory-save**: Invoke when the user shares a URL or wants to save something
+- **memory-search**: Invoke when the user needs past context or searches their knowledge base

package/CLAUDE.md

@@ -0,0 +1,42 @@
+# @schift-io/memory
+
+Second brain plugin for Claude Code. Saves conversations, web content, and notes to Schift Cloud.
+
+**Requires a Schift account. No local-only mode. No fallback keys.**
+
+## Skills
+
+| Skill | Trigger |
+|-------|---------|
+| `memory-save` | URL shared, "save this", "remember this" |
+| `memory-search` | "find that...", "what did we discuss about...", needs past context |
+
+## Setup
+
+```bash
+npx @schift-io/memory login    # sign up + API key
+npx @schift-io/memory init     # bootstrap cloud bucket
+```
+
+## What's on the user's machine
+
+```
+~/.schift/memory/
+  config/
+    auth.json              # API key
+  sources/
+    web/                   # Web page markdown (replica)
+  compact/
+    session/               # Conversation summaries (replica)
+    topic/                 # Aggregated topics (replica)
+```
+
+Raw data replicas stay local. User owns their data.
+Compute (embed, search, index) is Cloud-only.
+
+## Schift Cloud API
+
+- `POST /v1/memory/bootstrap` - Create user's bucket
+- `POST /v1/memory/ingest-url` - Save a URL
+- `POST /v1/memory/compact` - Save conversation summary
+- `POST /v1/query` - Search (collection=localbucket)

package/hooks/hooks.json

@@ -0,0 +1,28 @@
+{
+  "hooks": {
+    "SessionStart": [
+      {
+        "matcher": "startup|clear|compact",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "\"${CLAUDE_PLUGIN_ROOT}/hooks/run-hook.cmd\" session-start",
+            "async": false
+          }
+        ]
+      }
+    ],
+    "PostToolUse": [
+      {
+        "matcher": "WebFetch",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "\"${CLAUDE_PLUGIN_ROOT}/scripts/auto-ingest-url.sh\"",
+            "async": true
+          }
+        ]
+      }
+    ]
+  }
+}

package/hooks/run-hook.cmd

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+# Hook dispatcher for schift-memory plugin
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PLUGIN_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
+
+hook_name="${1:-}"
+if [ -z "$hook_name" ]; then
+  echo '{"error": "no hook name provided"}' >&2
+  exit 1
+fi
+
+hook_script="${SCRIPT_DIR}/${hook_name}"
+if [ -x "$hook_script" ]; then
+  exec "$hook_script"
+elif [ -f "$hook_script" ]; then
+  exec bash "$hook_script"
+else
+  echo "{\"error\": \"hook not found: ${hook_name}\"}" >&2
+  exit 1
+fi

package/hooks/session-start

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PLUGIN_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
+
+CONFIG_DIR="$HOME/.schift/memory/config"
+AUTH_FILE="${CONFIG_DIR}/auth.json"
+
+# --- Gate: no auth = no memory ---
+if [ ! -f "$AUTH_FILE" ]; then
+  cat <<ENDJSON
+{
+  "additionalContext": "<EXTREMELY_IMPORTANT>\nSchift Memory is installed but NOT activated.\n\nThe user needs a Schift account to use their second brain.\nWhen the user tries to save, search, or use any memory feature, tell them:\n\n\"Schift Memory requires a free account. Run this to get started:\"\n\n\`\`\`bash\nnpx @schift-io/memory login\n\`\`\`\n\nOr sign up at: https://schift.io/signup?ref=memory-plugin\n\nDo NOT attempt to bypass this. Do NOT use fallback keys. The API will reject unauthenticated requests.\n</EXTREMELY_IMPORTANT>"
+}
+ENDJSON
+  exit 0
+fi
+
+# Validate key is not empty/expired
+api_key=$(python3 -c "import json; print(json.load(open('${AUTH_FILE}'))['api_key'])" 2>/dev/null || echo "")
+if [ -z "$api_key" ]; then
+  cat <<ENDJSON
+{
+  "additionalContext": "<EXTREMELY_IMPORTANT>\nSchift Memory auth is invalid or expired.\n\nTell the user to re-authenticate:\n\n\`\`\`bash\nnpx @schift-io/memory login\n\`\`\`\n\nOr sign up at: https://schift.io/signup?ref=memory-plugin\n</EXTREMELY_IMPORTANT>"
+}
+ENDJSON
+  exit 0
+fi
+
+# --- Authenticated: inject skills ---
+memory_save_content=$(cat "${PLUGIN_ROOT}/skills/memory-save/SKILL.md" 2>&1 || echo "Error reading memory-save skill")
+
+escape_for_json() {
+    local s="$1"
+    s="${s//\\/\\\\}"
+    s="${s//\"/\\\"}"
+    s="${s//$'\n'/\\n}"
+    s="${s//$'\r'/\\r}"
+    s="${s//$'\t'/\\t}"
+    printf '%s' "$s"
+}
+
+escaped_content=$(escape_for_json "$memory_save_content")
+
+cat <<ENDJSON
+{
+  "additionalContext": "<EXTREMELY_IMPORTANT>\nSchift Memory is active. Your second brain is ready.\n\n${escaped_content}\n\nWhen the user shares a URL, ALWAYS offer to save it to their knowledge base.\nWhen the user says 'save this', 'remember this', or similar, use the memory-save skill.\n\nAPI key is loaded from ~/.schift/memory/config/auth.json. Use it for all API calls.\n</EXTREMELY_IMPORTANT>"
+}
+ENDJSON

package/mcp-server.js

@@ -0,0 +1,195 @@
+#!/usr/bin/env node
+/**
+ * Schift Memory MCP Server
+ *
+ * Tools:
+ *   save_url    - Save a URL to your knowledge base
+ *   save_note   - Save a note/insight
+ *   search      - Search your knowledge base
+ *   status      - Check connection status
+ */
+
+import { readFileSync } from 'fs';
+import { homedir } from 'os';
+import { join } from 'path';
+
+const AUTH_PATH = join(homedir(), '.schift', 'memory', 'config', 'auth.json');
+
+function loadAuth() {
+  try {
+    const data = JSON.parse(readFileSync(AUTH_PATH, 'utf-8'));
+    return { key: data.api_key, url: data.cloud_url || 'https://api.schift.io' };
+  } catch {
+    return null;
+  }
+}
+
+async function apiCall(path, body) {
+  const auth = loadAuth();
+  if (!auth) throw new Error('Not authenticated. Run: npx @schift-io/memory login');
+  const resp = await fetch(`${auth.url}${path}`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${auth.key}` },
+    body: JSON.stringify(body),
+  });
+  if (!resp.ok) {
+    const err = await resp.text();
+    throw new Error(`API error ${resp.status}: ${err}`);
+  }
+  return resp.json();
+}
+
+// MCP stdio protocol
+const TOOLS = [
+  {
+    name: 'save_url',
+    description: 'Save a URL to your Schift knowledge base. Fetches content, extracts markdown, embeds, and makes it searchable.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        url: { type: 'string', description: 'The URL to save' },
+        domain: { type: 'string', enum: ['company','business','finance','decision','product','ops','research','reference'], description: 'Knowledge domain category', default: 'ops' },
+        title: { type: 'string', description: 'Optional title override' },
+        summary: { type: 'string', description: 'One-line summary' },
+        context: { type: 'string', description: 'Why this was investigated (conversation context)' },
+        findings: { type: 'string', description: 'Key findings from the content' },
+      },
+      required: ['url'],
+    },
+  },
+  {
+    name: 'save_note',
+    description: 'Save a note or conversation insight to your Schift knowledge base.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        content: { type: 'string', description: 'The content to save' },
+        domain: { type: 'string', enum: ['company','business','finance','decision','product','ops','research','reference'], default: 'business' },
+        topic: { type: 'string', description: 'Optional topic slug (e.g. product-positioning)' },
+      },
+      required: ['content'],
+    },
+  },
+  {
+    name: 'search_memory',
+    description: 'Search your Schift knowledge base for past conversations, saved URLs, notes, and documents.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        query: { type: 'string', description: 'Natural language search query' },
+        top_k: { type: 'number', description: 'Number of results', default: 5 },
+        domain: { type: 'string', description: 'Filter by domain' },
+      },
+      required: ['query'],
+    },
+  },
+  {
+    name: 'memory_status',
+    description: 'Check Schift Memory connection status and account info.',
+    inputSchema: { type: 'object', properties: {} },
+  },
+];
+
+async function handleToolCall(name, args) {
+  switch (name) {
+    case 'save_url':
+      return apiCall('/v1/memory/ingest-url', {
+        url: args.url,
+        domain: args.domain || 'ops',
+        title: args.title,
+        summary: args.summary,
+        context: args.context,
+        findings: args.findings,
+      });
+
+    case 'save_note':
+      return apiCall('/v1/memory/compact', {
+        session_id: `note_${Date.now()}`,
+        summary: args.content,
+        domain: args.domain || 'business',
+        topic: args.topic,
+      });
+
+    case 'search_memory':
+      return apiCall('/v1/query', {
+        query: args.query,
+        collection: 'localbucket',
+        top_k: args.top_k || 5,
+        ...(args.domain ? { filter: { domain: args.domain } } : {}),
+      });
+
+    case 'memory_status': {
+      const auth = loadAuth();
+      if (!auth) return { status: 'not_authenticated', message: 'Run: npx @schift-io/memory login' };
+      try {
+        const resp = await fetch(`${auth.url}/health`);
+        return { status: 'connected', cloud_url: auth.url, healthy: resp.ok };
+      } catch (e) {
+        return { status: 'error', message: e.message };
+      }
+    }
+
+    default:
+      throw new Error(`Unknown tool: ${name}`);
+  }
+}
+
+// --- MCP stdio transport ---
+function send(msg) {
+  const json = JSON.stringify(msg);
+  process.stdout.write(`Content-Length: ${Buffer.byteLength(json)}\r\n\r\n${json}`);
+}
+
+let buffer = '';
+process.stdin.setEncoding('utf-8');
+process.stdin.on('data', (chunk) => {
+  buffer += chunk;
+  while (true) {
+    const headerEnd = buffer.indexOf('\r\n\r\n');
+    if (headerEnd === -1) break;
+    const header = buffer.slice(0, headerEnd);
+    const match = header.match(/Content-Length:\s*(\d+)/i);
+    if (!match) { buffer = buffer.slice(headerEnd + 4); continue; }
+    const len = parseInt(match[1], 10);
+    const bodyStart = headerEnd + 4;
+    if (buffer.length < bodyStart + len) break;
+    const body = buffer.slice(bodyStart, bodyStart + len);
+    buffer = buffer.slice(bodyStart + len);
+    try {
+      const msg = JSON.parse(body);
+      handleMessage(msg);
+    } catch (e) {
+      send({ jsonrpc: '2.0', error: { code: -32700, message: 'Parse error' }, id: null });
+    }
+  }
+});
+
+async function handleMessage(msg) {
+  const { id, method, params } = msg;
+
+  if (method === 'initialize') {
+    send({ jsonrpc: '2.0', id, result: {
+      protocolVersion: '2024-11-05',
+      capabilities: { tools: {} },
+      serverInfo: { name: 'schift-memory', version: '0.1.0' },
+    }});
+  } else if (method === 'notifications/initialized') {
+    // no-op
+  } else if (method === 'tools/list') {
+    send({ jsonrpc: '2.0', id, result: { tools: TOOLS } });
+  } else if (method === 'tools/call') {
+    try {
+      const result = await handleToolCall(params.name, params.arguments || {});
+      send({ jsonrpc: '2.0', id, result: {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+      }});
+    } catch (e) {
+      send({ jsonrpc: '2.0', id, result: {
+        content: [{ type: 'text', text: `Error: ${e.message}` }],
+        isError: true,
+      }});
+    }
+  } else {
+    send({ jsonrpc: '2.0', id, error: { code: -32601, message: `Unknown method: ${method}` } });
+  }
+}

package/package.json

@@ -0,0 +1,32 @@
+{
+  "name": "@schift-io/memory",
+  "version": "0.1.0",
+  "description": "Second brain for Claude Code - saves conversations and web content to Schift Cloud",
+  "type": "module",
+  "license": "MIT",
+  "bin": {
+    "schift-memory-mcp": "./mcp-server.js"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/schift-io/schift-memory"
+  },
+  "keywords": [
+    "claude-code",
+    "mcp",
+    "second-brain",
+    "knowledge-base",
+    "rag",
+    "memory",
+    "schift"
+  ],
+  "files": [
+    "hooks",
+    "skills",
+    "scripts",
+    "references",
+    "mcp-server.js",
+    "CLAUDE.md",
+    "AGENTS.md"
+  ]
+}

package/references/architecture.md

@@ -0,0 +1,115 @@
+# Schift Memory Architecture
+
+## Core Principle
+
+**Compute는 전부 Cloud. Raw data 복제본은 유저 로컬에.**
+
+- Embedding, vector search, LLM routing = Schift Cloud
+- Engine 바이너리, 벡터 인덱스 = 유저 컴에 없음
+- 원본 markdown (웹페이지, 세션 compact, 메모) = 유저 로컬에 복제본 보관
+- Cloud가 진실의 원천, 로컬은 읽기 전용 복제
+
+## Data Flow
+
+```
+User conversation (Claude Code)
+    |
+    v
+[Hook: SessionStart] -- checks ~/.schift/memory/config/auth.json
+    |
+    |-- no auth --> "Sign up at schift.io/signup" (BLOCKED)
+    |
+    |-- auth OK --> inject memory skills
+    |
+    +---> User shares URL ---> memory-save skill
+    |         |
+    |         v
+    |     WebFetch content (Claude Code built-in)
+    |         |
+    |         v
+    |     POST api.schift.io/v1/local-memory/ingest-url
+    |         |
+    |         v
+    |     Schift Cloud: fetch + extract + embed + store
+    |         |
+    |         v
+    |     Response includes markdown --> save to ~/.schift/memory/sources/web/
+    |
+    +---> Session ends ---> compact hook
+    |         |
+    |         v
+    |     POST api.schift.io/v1/local-memory/compact
+    |         |
+    |         v
+    |     Schift Cloud: summarize + embed + store
+    |         |
+    |         v
+    |     Response includes compact md --> save to ~/.schift/memory/compact/session/
+    |
+    +---> User searches ---> memory-search skill
+              |
+              v
+          POST api.schift.io/v1/query
+              |
+              v
+          Schift Cloud: Engine vector search
+              |
+              v
+          Return ranked results
+```
+
+## What lives on the user's machine
+
+```
+~/.schift/memory/
+  config/
+    auth.json             # API key (required)
+  sources/
+    web/                  # Fetched web pages (markdown replica)
+  compact/
+    session/              # Conversation summaries (markdown replica)
+    topic/                # Aggregated topics (markdown replica)
+```
+
+Read-only replicas. The user owns their raw data.
+If they delete it locally, Cloud still has the original.
+If they cancel their account, they keep the markdown files.
+
+## What lives on Schift Cloud (exclusively)
+
+- Embedded vectors (Engine)
+- Vector index
+- Manifest / metadata
+- Usage metering
+- Search ranking
+
+## Why this split
+
+| Concern | Answer |
+|---------|--------|
+| Data ownership | User has markdown copies. No hostage situation. |
+| Lock-in | Search/embed only works via Cloud. Can't self-host. |
+| Portability | Markdown is universal. Export = just copy the folder. |
+| Trust | "Your data is yours" = lower signup friction. |
+| Revenue | Every search = API call = metered. Raw files don't search themselves. |
+
+## Metadata Schema
+
+Every document in the user's cloud bucket has:
+
+| Field | Required | Values |
+|-------|----------|--------|
+| `source_type` | yes | `raw`, `session_compact`, `topic_synthesis` |
+| `domain` | yes | `company`, `business`, `finance`, `decision`, `product`, `ops`, `research`, `reference` |
+| `origin` | yes | `docs`, `memory`, `claude_history`, `external`, `web` |
+| `updated_at` | yes | ISO 8601 UTC |
+| `source_url` | no | Original URL (for web sources) |
+| `title` | no | Document title |
+| `session_id` | no | Claude session ID |
+| `topic` | no | Topic slug |
+
+## Search Priority
+
+1. `topic_synthesis` - aggregated, most reliable
+2. `session_compact` - conversation context
+3. `raw` - original documents

package/scripts/auto-ingest-url.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+# Post-WebFetch hook: detects URLs from tool output and offers to save
+# This runs async after WebFetch calls - it queues the URL for next prompt
+set -euo pipefail
+
+SCHIFT_API="${SCHIFT_API_URL:-http://localhost:8787}"
+SCHIFT_KEY="${SCHIFT_API_KEY:-local}"
+QUEUE_FILE="$HOME/.schift/memory/queue/pending-urls.jsonl"
+
+# Read tool input from stdin (Claude Code passes hook context)
+input=$(cat 2>/dev/null || echo "{}")
+url=$(echo "$input" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('tool_input',{}).get('url',''))" 2>/dev/null || echo "")
+
+if [ -z "$url" ] || [ "$url" = "None" ]; then
+  exit 0
+fi
+
+# Queue the URL for the assistant to ask about
+mkdir -p "$(dirname "$QUEUE_FILE")"
+echo "{\"url\": \"${url}\", \"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"}" >> "$QUEUE_FILE"
+
+exit 0

package/scripts/init.sh

@@ -0,0 +1,64 @@
+#!/usr/bin/env bash
+# Bootstrap schift-memory - requires Schift account
+set -euo pipefail
+
+SCHIFT_CLOUD="https://api.schift.io"
+CONFIG_DIR="$HOME/.schift/memory/config"
+AUTH_FILE="${CONFIG_DIR}/auth.json"
+
+echo ""
+echo "  Schift Memory - Your Second Brain for Claude Code"
+echo "  =================================================="
+echo ""
+
+# --- Step 1: Check auth ---
+if [ ! -f "$AUTH_FILE" ]; then
+  echo "  No Schift account found."
+  echo ""
+  echo "  1. Sign up (free):  https://schift.io/signup?ref=memory-plugin"
+  echo "  2. Then run:        npx @schift-io/memory login"
+  echo ""
+  exit 1
+fi
+
+api_key=$(python3 -c "import json; print(json.load(open('${AUTH_FILE}'))['api_key'])" 2>/dev/null || echo "")
+if [ -z "$api_key" ]; then
+  echo "  Auth file exists but API key is missing."
+  echo "  Run: npx @schift-io/memory login"
+  exit 1
+fi
+
+# --- Step 2: Validate key against Schift Cloud ---
+echo "  Validating Schift account..."
+cloud_url=$(python3 -c "import json; print(json.load(open('${AUTH_FILE}')).get('cloud_url','${SCHIFT_CLOUD}'))" 2>/dev/null || echo "${SCHIFT_CLOUD}")
+validate=$(curl -sf -o /dev/null -w "%{http_code}" \
+  -H "Authorization: Bearer ${api_key}" \
+  "${cloud_url}/v1/me" 2>/dev/null || echo "000")
+
+if [ "$validate" != "200" ]; then
+  echo "  API key is invalid or expired."
+  echo "  Run: npx @schift-io/memory login"
+  exit 1
+fi
+
+echo "  Account verified."
+
+# --- Step 3: Create local replica directories ---
+echo "  Setting up local replica..."
+mkdir -p "$HOME/.schift/memory"/{config,sources/web,compact/session,compact/topic}
+
+# --- Step 4: Bootstrap bucket on Schift Cloud ---
+echo "  Creating knowledge bucket on Schift Cloud..."
+curl -sf -X POST "${cloud_url}/v1/local-memory/bootstrap" \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer ${api_key}" > /dev/null 2>&1 || true
+
+echo ""
+echo "  Ready! Your second brain is active."
+echo ""
+echo "  Cloud:    Schift Cloud (embed, search, index)"
+echo "  Local:    ~/.schift/memory/ (raw data replica)"
+echo ""
+echo "  Save a URL:    share any link in Claude Code"
+echo "  Search memory: ask Claude 'what did we discuss about X?'"
+echo ""

package/scripts/login.sh

@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+# Schift Memory login - get API key from Schift Cloud
+set -euo pipefail
+
+CONFIG_DIR="$HOME/.schift/memory/config"
+AUTH_FILE="${CONFIG_DIR}/auth.json"
+SCHIFT_CLOUD="https://api.schift.io"
+
+echo ""
+echo "  Schift Memory Login"
+echo "  ==================="
+echo ""
+
+# Check if already logged in
+if [ -f "$AUTH_FILE" ]; then
+  existing_key=$(python3 -c "import json; print(json.load(open('${AUTH_FILE}'))['api_key'])" 2>/dev/null || echo "")
+  if [ -n "$existing_key" ]; then
+    validate=$(curl -sf -o /dev/null -w "%{http_code}" \
+      -H "Authorization: Bearer ${existing_key}" \
+      "${SCHIFT_CLOUD}/v1/me" 2>/dev/null || echo "000")
+    if [ "$validate" = "200" ]; then
+      echo "  Already logged in. Account is valid."
+      echo "  To re-login, delete: ${AUTH_FILE}"
+      exit 0
+    fi
+  fi
+fi
+
+echo "  Enter your Schift API key."
+echo "  (Get one at: https://schift.io/signup?ref=memory-plugin)"
+echo ""
+printf "  API Key: "
+read -r api_key
+
+if [ -z "$api_key" ]; then
+  echo "  No key provided. Aborting."
+  exit 1
+fi
+
+# Validate
+echo "  Validating..."
+validate=$(curl -sf -o /dev/null -w "%{http_code}" \
+  -H "Authorization: Bearer ${api_key}" \
+  "${SCHIFT_CLOUD}/v1/me" 2>/dev/null || echo "000")
+
+if [ "$validate" != "200" ]; then
+  echo "  Invalid API key. Check your key and try again."
+  echo "  Sign up: https://schift.io/signup?ref=memory-plugin"
+  exit 1
+fi
+
+# Save
+mkdir -p "$CONFIG_DIR"
+cat > "$AUTH_FILE" << AUTHEOF
+{
+  "api_key": "${api_key}",
+  "created_at": "$(date -u +%Y-%m-%dT%H:%M:%SZ)",
+  "cloud_url": "${SCHIFT_CLOUD}"
+}
+AUTHEOF
+chmod 600 "$AUTH_FILE"
+
+echo "  Logged in! Running setup..."
+echo ""
+
+# Auto-run init
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+exec "${SCRIPT_DIR}/init.sh"

package/skills/memory-save/SKILL.md

@@ -0,0 +1,138 @@
+---
+name: memory-save
+description: Save URLs, notes, and conversation insights to Schift knowledge bucket. Triggers on URL sharing, "save this", "remember this", or explicit save requests.
+---
+
+# Schift Memory - Save
+
+You have a knowledge base powered by Schift Cloud.
+When the user shares content worth remembering, save it as a contextualized knowledge document.
+
+## Auth check
+
+Before ANY save operation, verify auth exists:
+
+```bash
+cat ~/.schift/memory/config/auth.json
+```
+
+If missing or no `api_key`, STOP:
+
+> Schift Memory requires a free account.
+> Run: `npx @schift-io/memory login`
+> Or sign up: https://schift.io/signup?ref=memory-plugin
+
+Do NOT proceed without a valid API key. There is no local-only mode.
+
+## When to activate
+
+- User shares a URL (article, docs, report, blog post)
+- User says "save this", "remember this", "store this"
+- User shares important context that should persist across sessions
+- After WebFetch, if the content seems valuable
+
+## How to save a URL (the full flow)
+
+This is NOT a simple bookmark. You produce a **contextualized knowledge document**.
+
+### Step 1: Read auth
+
+```bash
+SCHIFT_KEY=$(python3 -c "import json; print(json.load(open('$HOME/.schift/memory/config/auth.json'))['api_key'])")
+SCHIFT_API=$(python3 -c "import json; print(json.load(open('$HOME/.schift/memory/config/auth.json')).get('cloud_url','https://api.schift.io'))")
+```
+
+### Step 2: Fetch and analyze the URL
+
+Use WebFetch to get the content. Then produce a knowledge document with this structure:
+
+```markdown
+---
+title: <page title>
+url: <original url>
+fetched_at: <ISO 8601>
+context: <why the user shared this / what they were working on>
+domain: <domain tag>
+---
+
+## Summary
+<2-3 sentence summary of what this page is about>
+
+## Why this was investigated
+<conversation context - what the user was doing, what question led here>
+
+## Key findings
+- <bullet points of the most important information>
+- <actionable insights>
+- <relevant data points>
+
+## Original content
+<extracted markdown from the page>
+```
+
+### Step 3: Save locally
+
+Write the knowledge document to the local replica:
+
+```bash
+# Save to ~/.schift/memory/sources/web/<filename>.md
+```
+
+Use a descriptive filename: `<domain>_<slug>_<hash>.md`
+
+### Step 4: Send to Schift Cloud
+
+```bash
+curl -s -X POST "${SCHIFT_API}/v1/memory/ingest-url" \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer ${SCHIFT_KEY}" \
+  -d '{
+    "url": "<the-url>",
+    "domain": "<domain>",
+    "title": "<title>",
+    "summary": "<one-line-summary>",
+    "context": "<why this was investigated>",
+    "findings": "<key findings as text>"
+  }'
+```
+
+### Domain values
+
+- `company` - company info, org structure
+- `business` - strategy, market, positioning
+- `finance` - accounting, pricing, revenue
+- `decision` - past decisions, rationale
+- `product` - product specs, features, roadmap
+- `ops` - operations, processes, tools
+- `research` - articles, papers, benchmarks
+- `reference` - docs, tutorials, API references
+
+## How to save a note
+
+Same principle - include context:
+
+```bash
+curl -s -X POST "${SCHIFT_API}/v1/memory/compact" \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer ${SCHIFT_KEY}" \
+  -d '{
+    "session_id": "<unique-id>",
+    "summary": "<the content + context>",
+    "domain": "<domain>",
+    "topic": "<optional-topic-slug>"
+  }'
+```
+
+## After saving
+
+Confirm briefly:
+- What was saved and key findings
+- Which domain it was filed under
+- "Saved locally + synced to Schift Cloud"
+
+## Important
+
+- NEVER save without the user's awareness. Ask first: "Save this to your knowledge base?"
+- ALWAYS include conversation context (why it was looked up). A URL without context is just a bookmark.
+- For sensitive content, warn before saving.
+- If auth is missing, ALWAYS redirect to signup. No exceptions.

package/skills/memory-search/SKILL.md

@@ -0,0 +1,83 @@
+---
+name: memory-search
+description: Search Schift knowledge bucket for past conversations, saved URLs, notes, and documents. Use when user asks "what did we discuss about X", "find that article", or needs context from previous sessions.
+---
+
+# Schift Memory - Search
+
+Search your second brain for previously saved content.
+
+## Auth check
+
+Before ANY search operation, verify auth exists:
+
+```bash
+cat ~/.schift/memory/config/auth.json
+```
+
+If the file is missing or has no `api_key`, STOP and tell the user:
+
+> Schift Memory requires a free account.
+> Run: `npx @schift-io/memory login`
+> Or sign up: https://schift.io/signup?ref=memory-plugin
+
+Do NOT proceed without a valid API key. There is no local-only mode.
+
+## When to activate
+
+- User asks "what did we talk about...", "find that article about...", "what was the decision on..."
+- User needs context from a previous session
+- Before starting work that might benefit from past knowledge
+
+## How to search
+
+Read auth first:
+```bash
+SCHIFT_KEY=$(python3 -c "import json; print(json.load(open('$HOME/.schift/memory/config/auth.json'))['api_key'])")
+SCHIFT_API=$(python3 -c "import json; print(json.load(open('$HOME/.schift/memory/config/auth.json')).get('cloud_url','https://api.schift.io'))")
+```
+
+### Query (recommended)
+
+```bash
+curl -s -X POST "${SCHIFT_API}/v1/query" \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer ${SCHIFT_KEY}" \
+  -d '{
+    "query": "<natural language query>",
+    "collection": "localbucket",
+    "top_k": 5
+  }'
+```
+
+### With domain filter (bucket search)
+
+```bash
+curl -s -X POST "${SCHIFT_API}/v1/buckets/<bucket_id>/search" \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer ${SCHIFT_KEY}" \
+  -d '{
+    "query": "<query>",
+    "top_k": 5,
+    "filter": {"domain": "business"}
+  }'
+```
+
+## Presenting results
+
+- Show the top 3 results with title, domain, and a snippet
+- If the result has `source_url`, include it
+- If `source_type` is `session_compact`, note it came from a past conversation
+- If `source_type` is `topic_synthesis`, it's an aggregated topic summary (highest quality)
+
+## Source type priority
+
+1. `topic_synthesis` - aggregated, most reliable
+2. `session_compact` - conversation summaries
+3. `raw` - original documents/web pages
+
+## If no results
+
+- Suggest broadening the query
+- Note: "Your knowledge base might not have this yet. Want me to search the web and save it?"
+- If auth error: redirect to `npx @schift-io/memory login`