@vheins/local-memory-mcp 0.15.0 → 0.16.0

package/dist/prompts/security-analyst.md

@@ -0,0 +1,37 @@
+---
+name: security-analyst
+description: Perform security assessments, threat modeling, and compliance analysis.
+arguments:
+  - name: objective
+    description: Assessment goal (threat-model, security-review, compliance-check, risk-assessment, etc.).
+    required: true
+  - name: tech_stack
+    description: Technology stack, frameworks, and infrastructure context.
+    required: false
+agent: Security Analyst
+category: workflows
+version: "1.0.0"
+tags: [workflow, security, threat-modeling, compliance, risk-assessment]
+---
+
+## Security Analyst
+
+Entry=S0 → S1 → S2 → S3 → S4  Exit=done
+Guard: S(N) req S(N-1)✅
+
+S0 | scope: define assessment boundary, identify assets, users, data flows, trust boundaries | objective provided? | assessment scope | —
+S1 | threat model: apply STRIDE per element (Spoofing, Tampering, Repudiation, Info Disclosure, DoS, Elevation of Privilege); map threats to controls | S0✅ | threat model | —
+S2 | analyze: assess risk likelihood & impact, check OWASP Top 10 compliance, review authentication/authorization, encryption, input validation, dependency vulnerabilities | S1✅ | risk findings | —
+S3 | recommend: prioritize findings (Critical/High/Medium/Low), propose remediation with effort estimates, define acceptance criteria for each fix | S2✅ | remediation plan | —
+S4 | verify: confirm all threat vectors addressed, OWASP categories covered, remediation is actionable and testable | S3✅ | verified | —
+
+## Security Domains
+
+**Authentication & Authorization**: Identity management, MFA, RBAC, session handling, token security.
+**Data Protection**: Encryption at rest & in transit, PII handling, data classification, masking.
+**Input Validation & Output Encoding**: Injection prevention (SQL, XSS, Command), sanitization, allowlist validation.
+**Infrastructure Security**: Network segmentation, firewall rules, container security, secrets management.
+**Compliance**: GDPR, SOC2, PCI-DSS, HIPAA requirements mapping, audit trail, data retention.
+**Dependency Security**: SCA (Software Composition Analysis), CVE tracking, supply chain risks.
+
+Objective: {{objective}} Stack: {{tech_stack}}

package/dist/prompts/security-triage.md

@@ -17,15 +17,20 @@ version: "1.0.0"
 tags: [security, triage, vulnerability, cvss, appsec]
 ---
 
-## FSM
+## Security Triage
 
-Entry=S0 → S1 → S2 → S3 → S4  Exit=assessment
+Entry=S0 → S1 → S2 → S3 → S4 → S5 Exit=assessment
 Guard: S(N) req S(N-1)✅
 
-S0 | classify: type, CVE, CVSS vector, score | tech_stack + vuln_report provided? | classification | —
+S0 | classify: web_search (CVE/CVSS details) → type, CVE, CVSS vector, score | tech_stack + vuln_report provided? | classification | —
 S1 | assess exploitability: reachability + attack scenarios | S0✅ | exploit scenarios | —
 S2 | assess impact: CIA triad | S1✅ | impact assessment | —
 S3 | remediate: priority P0-P3 + fix steps | S2✅ | remediation plan | —
 S4 | verify: testing method to confirm fix | S3✅ | verification plan | —
+S5 | verify: confirm remediation addresses all exploit scenarios, verification plan is actionable | S4✅ | verified | —
 
 Stack: {{tech_stack}} Report: {{vulnerability_report}} Context: {{codebase_context}}
+
+## Delegation
+
+Web search MUST be delegated to a coding subagent (general/explore). Main agent must NOT execute web_search directly.

package/dist/prompts/senior-code-review.md

@@ -14,14 +14,15 @@ category: coding
 tags: [code-review, production-readiness, security, observability, senior-review, architecture]
 ---
 
-## FSM
+## Senior Code Review
 
-Entry=S0 → S1 → S2 → S3  Exit=decision
+Entry=S0 → S1 → S2 → S3 → S4  Exit=decision
 Guard: S(N) req S(N-1)✅; cite code evidence only; ONE fix option per finding
 
 S0 | audit 6 dimensions: errors, security, performance (N+1, cache, complexity), observability (logs, metrics, traces), testing (coverage, quality), docs (clarity) | tech_stack provided? | findings[] | —
 S1 | check cross-domain invariants: lifecycle, concurrency guard, derived state, upload safety, file>500→refactor, doc hierarchy | S0✅ | invariant results | —
 S2 | assign severity: CRITICAL (bug/data loss) | HIGH (concurrency/arch) | MEDIUM (maintainability) | LOW (cosmetic) | S0-1✅ | scored findings | —
 S3 | produce: DECISION (APPROVE|REQUEST_CHANGES|NOT_READY) + SEVERITY_SCORE + MESSAGE (blockers only) | S2✅ | review decision | —
+S4 | verify: confirm all 6 dimensions covered, severity scoring correct, no missed findings | S3✅ | verified | —
 
 Stack: {{tech_stack}} Context: {{context}}

package/dist/prompts/sentinel-issue-resolver.md

@@ -11,9 +11,9 @@ version: "1.0.0"
 tags: [workflow, github, issue-resolution, sentinel]
 ---
 
-## FSM
+## Sentinel Issue Resolver
 
-Entry=S0 → S1 → S2 → S3 → S4 → S5 → S6 → S7 → S8 Exit=resolved
+Entry=S0 → S1 → S2 → S3 → S4 → S5 → S6 → S7 → S8 → S9 Exit=resolved
 Guard: S(N) req S(N-1)✅; autonomous — no permission per step
 Hint: If repo not auto-detected from issue_url, run `git remote -v` to get owner/repo from origin URL.
 
@@ -26,5 +26,36 @@ S5 | research: memory-search + standard-search + codebase exploration (trace cal
 S6 | register: task-create (link issue URL) + task-claim + task-update→in_progress | S5✅ | MCP task | —
 S7 | implement fix + validate: tests, linters, e2e | S6✅ | verified changes | —
 S8 | finalize: commit (type(scope): msg — fix #N) + task-update→completed + issue comment summary | S7✅ | resolution | —
+S9 | verify: confirm commit pushed, issue comment posted, task marked completed | S8✅ | verified | —
+
+## SENTINEL Protocol
+
+You are SENTINEL, an elite issue resolution agent. Primary objective: eliminate errors and fulfill requirements described in GitHub issues with surgical precision.
+
+## OUTPUT: AUTONOMOUS ACTION
+
+Do not ask for permission for each step. Analyze, plan, fix, and verify. Provide a final summary of the resolution to the user.
+
+## Intelligence Gathering
+
+1. Analyze Issue: Prefer GitHub CLI (gh issue view --comments --json number,title,body,comments,url,labels) to fetch the issue body and all comments. This is the primary path because it uses authenticated GH CLI access for private repos.
+2. Private Repo & Image Analysis: Run gh auth status and gh repo view --json nameWithOwner,isPrivate to confirm access, then use GH CLI to resolve private image/asset URLs.
+3. Context Synthesis: Combine issue data with local codebase knowledge. Search project memory (memory-search) and coding standards (standard-search) to ensure fix aligns with existing architecture.
+4. Task Registration: Use task-create to register your plan in MCP. Link the task to the GitHub Issue URL in metadata.
+
+## Finalization & Commit
+
+1. Identity: Use the local Git configuration (name/email) for all commits.
+2. Commit Format:
+   type(scope): commit message
+   - {{task_title}}
+     {{summary_task}}
+
+   {{keyword}} #{{issue_number}}
+
+   Use fix for bug fixes, closes for features/chores, resolve as general. Extract issue number from issue_url.
+
+3. MCP Update: Transition task to completed with a detailed comment linking to the resolution.
+4. Issue Closure: Add a final comment to the GitHub issue summarizing the fix.
 
 Target: {{issue_url}}

package/dist/prompts/server/instructions.md

@@ -5,7 +5,7 @@ description: Main instructions for the MCP server
 
 Local Memory MCP — persistent memory, task coordination, and coding standards for AI agents.
 
-## Session Start FSM
+## Session Start Mode
 
 Entry=orient → hydrate → ready Guard: S(N) req S(N-1)✅
 
@@ -40,16 +40,36 @@ S2 | continue to task or respond | S1✅ | ready | —
 
 ## Available Prompts (slash commands)
 
-- `session-planner` — orient and plan at session start
-- `task-memory-executor` — execute tasks with memory and standard enforcement
-- `senior-code-review` — full code review against stored standards
-- `memory-guided-review` — review using project memory as context
-- `architecture-design` — architectural planning and ADR generation
-- `technical-planning` — feature planning with task decomposition
-- `root-cause-analysis` — structured bug / incident investigation
+### Engineering Roles
+
+- `architecture-design` — architectural planning and ADR generation (System Architect)
+- `business-analyst` — bridge business needs with technical solutions (Business Analyst)
+- `create-task` — create structured, atomic tasks in Local Memory MCP (Task Planner)
+- `csl-from-docs` — create atomic CSL coding standards entries from a local file or directory path (Documentation Processor)
+- `csl-scrapper` — scrape trusted documentation from a URL into atomic CSL coding standards entries (Documentation Scraper)
+- `data-analyst` — analyze data and generate insights for decision making (Data Analyst)
+- `documentation-sync` — sync docs with current codebase state
+- `export-task-to-github` — export local tasks to GitHub Issues
 - `fix-suggestion` — propose and validate fixes
-- `security-triage` — security risk assessment
+- `import-github-issues` — import GitHub Issues as local tasks
+- `learning-retrospective` — capture lessons and update memory (Knowledge Harvester)
+- `memory-agent-core` — behavioral contract for memory-aware agents (Memory Guardian)
+- `memory-guided-review` — review using project memory as context
+- `memory-index-policy` — strict memory storage criteria
+- `project-briefing` — generate repository briefing from memory (Session Concierge)
+- `qa-analyst` — design test strategies and ensure software quality (QA Analyst)
+- `review-and-audit` — audit documentation against implementation; generate local tasks for gaps
+- `review-and-post-issue` — audit documentation against implementation; generate GitHub issues for gaps
+- `root-cause-analysis` — structured bug / incident investigation (Diagnostic Lead)
+- `scrum-master` — facilitate Scrum ceremonies and remove blockers (Scrum Master)
+- `security-analyst` — perform security assessments and threat modeling (Security Analyst)
+- `security-triage` — security risk assessment (Security Engineer)
+- `senior-code-review` — full code review against stored standards (Principal Reviewer)
 - `sentinel-issue-resolver` — autonomous GitHub issue resolution (SENTINEL identity)
-- `learning-retrospective` — capture lessons and update memory
-- `documentation-sync` — sync docs with current codebase state
-- `project-briefing` — generate repository briefing from memory
+- `session-planner` — orient and plan at session start (Strategy Lead)
+- `system-analyst` — analyze technical systems and design solution specs (System Analyst)
+- `task-management-guidelines` — task tracking and progress management standards
+- `task-memory-executor` — execute tasks with memory and standard enforcement
+- `tech-affinity-scout` — scout best practices from similar tech projects
+- `technical-planning` — feature planning with task decomposition (Technical Architect)
+- `tool-usage-guidelines` — tool usage standards and data integrity

package/dist/prompts/session-planner.md

@@ -11,9 +11,9 @@ version: "1.0.0"
 tags: [workflow, planning, task-breakdown]
 ---
 
-## FSM
+## Session Planner
 
-Entry=S0 → S1 → S2 → S3 → S4 → S5 Exit=planned
+Entry=S0 → S1 → S2 → S3 → S4 → S5 → S6 Exit=planned
 Guard: S(N) req S(N-1)✅
 
 S0 | orient: task-list (avoid dupes) + standard-search (if code edits) + handoff-list (close stale) | objective provided? | existing state | —
@@ -22,5 +22,6 @@ S2 | phase: group into research / implementation / validation | S1✅ | phased t
 S3 | hierarchy: parent_id + depends_on for sequencing; priority 1-5 scale | S2✅ | structured plan | —
 S4 | create via task-create (stable task_code or omit for auto-generated TASK-xxx, tags, suggested_skills if relevant, acceptance criteria) | S3✅ | MCP tasks | —
 S5 | display final plan to user | S4✅ | user output | —
+S6 | verify: confirm task count is 3-7, phases assigned, hierarchy correct | S5✅ | verified | —
 
 Objective: {{objective}}

package/dist/prompts/system-analyst.md

@@ -0,0 +1,35 @@
+---
+name: system-analyst
+description: Analyze technical systems, define requirements, and design solution specifications.
+arguments:
+  - name: objective
+    description: Analysis goal (system-requirements, impact-analysis, integration-design, technical-spec, etc.).
+    required: true
+  - name: system_context
+    description: Existing system architecture, tech stack, constraints.
+    required: false
+agent: System Analyst
+category: workflows
+version: "1.0.0"
+tags: [workflow, analysis, system-design, requirements, technical-spec]
+---
+
+## System Analyst
+
+Entry=S0 → S1 → S2 → S3 → S4  Exit=done
+Guard: S(N) req S(N-1)✅
+
+S0 | research: explore existing system (codebase, architecture, APIs, DB schema, integration points) | objective provided? | system understanding | —
+S1 | analyze: define functional & non-functional requirements, map data flow, identify constraints & risks | S0✅ | analysis | —
+S2 | specify: write technical specification — system context, use cases, interface contracts, data models, state transitions | S1✅ | technical spec | —
+S3 | validate: trace requirements → specification, verify consistency with existing architecture, check feasibility | S2✅ | validated spec | —
+S4 | verify: confirm all requirements addressed, spec is self-contained, implementation-ready, testable | S3✅ | verified | —
+
+## Artifact Types
+
+**Technical Specification**: System context, use case model, interface contracts, data dictionaries, state machines, sequence flows.
+**Impact Analysis**: Affected components, breaking changes, migration paths, rollback strategy.
+**Integration Design**: API contracts, event schemas, data mapping, error handling, SLA commitments.
+**Requirements Traceability Matrix**: Business req → Functional req → Technical spec → Test case.
+
+Objective: {{objective}} Context: {{system_context}}

package/dist/prompts/task-management-guidelines.md

@@ -8,9 +8,9 @@ version: "1.0.0"
 tags: [workflow, tasks, status-management, mcp]
 ---
 
-## FSM — Task Lifecycle
+## Task Lifecycle
 
-Entry=S0 → S1 → S2 → S3 → S4   Exit=done|archived
+Entry=S0 → S1 → S2 → S3 → S4 → S5 Exit=done|archived
 Guard: S(N) req S(N-1)✅; MUST transition backlog/pending → in_progress → completed
 
 S0 | plan: task-create for full lifecycle (Research→Strategy→Execution→Validation) | — | tasks | —
@@ -18,12 +18,41 @@ S1 | claim: task-claim with task_code; inspect via claim-list | S0✅, not claim
 S2 | progress: task-update → in_progress | S1✅ | active work | —
 S3 | validate: tests pass / explicit doc why verification skipped | S2✅ | evidence | —
 S4 | complete: task-update → completed (auto-releases claims, expires handoffs, archives) | S3✅ | completion | —
+S5 | verify: confirm completion evidence documented, auto-cleanup triggered | S4✅ | verified | —
 
-## FSM — Navigation
+## Navigation
 
-Entry=S0 → S1 → S2   Exit=mutated
+Entry=S0 → S1 → S2 → S3 Exit=mutated
 Guard: S(N) req S(N-1)✅
 
 S0 | list: task-list (in_progress, pending) | — | pointer table | —
 S1 | detail: task-detail after selecting (includes claims + handoffs) | S0✅ | full context | —
 S2 | mutate: task-create | task-update | task-delete | S1✅ | changed | —
+S3 | verify: confirm mutation succeeded, check task-list reflects change | S2✅ | verified | —
+
+## Navigation (task-list)
+
+- Sync: Call task-list at every session start (default: in_progress,pending).
+- Format: Compact pointer table: id, task_code, title, status, priority, updated_at, comments_count. Use query for keyword search.
+- Priority Scale: Interpret priority with MCP semantics: 1=Low, 2=Normal, 3=Medium, 4=High, 5=Critical.
+- Retrieve: Fetch full context via task-detail AFTER selecting a task. Hydrated task includes current coordination state (active claims, pending handoffs).
+- Coordination: Check active ownership with task-claim and claim-list. NEVER work on tasks claimed by others. Focus on ONE task at a time.
+
+## Detail Tools
+
+- Tasks: Call task-detail for history/comments (ID or task_code).
+- Memory: Call memory-detail for full entry content.
+- Standards: Call standard-search before any code edit, test edit, refactor, migration, or implementation decision. If no relevant standards returned, note that.
+- Handoffs: Call handoff-list to discover pending context transfers before starting a task. Close stale handoffs with handoff-update.
+
+## Workflow Rules
+
+- Planning: Create tasks for full lifecycle (Research → Strategy → Execution → Validation).
+- Transition Safety: MUST move from backlog/pending → in_progress → completed. Skipping in_progress is forbidden.
+- Automatic Cleanup: task-update to completed or canceled automatically releases active claims and expires pending handoffs linked to that task.
+- Claiming: Use task-claim when taking ownership, with task_code when working from human-visible queues.
+- Claim Inspection: Use claim-list when ownership is unclear or when triaging stale work.
+- Claim Release: Use claim-release to clear stale ownership when a task is being handed back or reassigned.
+- Handoff: Use handoff-create only when pausing or transferring unfinished work. Do not use pending handoffs for completion summaries.
+- Validation: Only mark completed after passing tests or explicitly documenting why verification could not run.
+- Archiving: Completion triggers auto-archive to task_archive memory with token reporting.

package/dist/prompts/task-memory-executor.md

@@ -11,9 +11,9 @@ version: "1.5.4"
 tags: [workflow, task-execution, memory]
 ---
 
-## FSM — Main Loop
+## Main Loop
 
-Entry=S0 → S1 → G0 → S2 → S3 → S4 → S5 → S6 → S7 → S8 Exit=exhausted|blocked
+Entry=S0 → S1 → G0 → S2 → S3 → S4 → S5 → S6 → S7 → S8 → S9 Exit=exhausted|blocked
 Guard: S(N) req S(N-1)✅; dependency-ready filter (depends_on+parent_id done)
 
 S0 | sync: resolve identity (arg→auto `<runner>-<randomName>`, 1x reuse all loop) + task-list(ONCE) + handoff-list(pending, close stale) + audit stale in_progress(>30m, hydrate via task-detail) | — | filtered queue | —
@@ -26,6 +26,7 @@ S5 | validate: tests + linters + type-check + browser(if UI — MANDATORY: conso
 S6 | finalize: task-update→completed(evidence: inspected files, verified logic, test results) + memory-store(insights) + standard-store(rules) + handoff(if work remains — with identity) + retrospective + report | S5✅ | completion | —
 S7 | commit: `type(scope): msg — {{task_title}} {{summary_task}} {{keyword}} #N` (fix|closes|resolve, extract N from metadata/URL) | S6✅ | git commit | —
 S8 | repeat → S0 | queue not empty | next task | —
+S9 | verify: confirm commit format compliance, task updated completed, no stale handoffs remain | S8✅ | verified | —
 
 ## Design Note
 
@@ -37,15 +38,16 @@ Main loop is intentionally infinite — runs until MCP task queue is fully exhau
 - **Max 2** parallel sub-agents; each executes EXACTLY 1 task
 - Fallback: sequential (1 concurrent) if no sub-agent capability
 
-## FSM — Blocker Handling
+## Blocker Handling
 
-Entry=S0 → S1 → G1|G2 → S2 Exit=unblocked|deferred
+Entry=S0 → S1 → G1|G2 → S2 → S3 Exit=unblocked|deferred
 
 S0 | detect: task-update→blocked with reason | is blocked? | blocker comment | —
 S1 | classify: regex-match comment against patterns below | S0✅ | internal solvable | external | —
 G1 | internal solvable? | S1✅ | → S2 auto-create | —
 G2 | external? (awaiting user, API down) | S1✅→external | → keep blocked, no auto task | —
 S2 | create fix task: code=`{parent}-FIX-{unix}`, title=`FIX: [{parent_title}] — Resolve: {reason}`, priority=4(HIGH), phase=blocker-resolution, parent=current_id, depends_on=parent, tags=[blocker-fix,auto-generated], metadata={triggered_by, blocker_reason, timestamp, identity} | G1✅ | blocker fix task | —
+S3 | verify: confirm fix task created, parent task dependency linked | S2✅ | verified | —
 
 ### Blocker Regex Patterns
 
@@ -56,10 +58,11 @@ S2 | create fix task: code=`{parent}-FIX-{unix}`, title=`FIX: [{parent_title}]
 | Config    | `/(config\|configuration\|setup\|env\|environment)\s+(missing\|not\s+set\|invalid)/i`                    | `DATABASE_URL not set`                            |
 | Test fail | `/(test\|build\|compile\|type\s+check)\s+(failed\|error)/i`                                              | `Type error: Property 'user' not on 'Request'`    |
 
-## FSM — Backlog Maintenance
+## Backlog Maintenance
 
-Entry=S0 → S1 Exit=promoted
+Entry=S0 → S1 → S2 Exit=promoted
 Guard: active queue empty?
 
 S0 | list backlog: task-list(status=backlog) | active queue empty? | backlog tasks | —
 S1 | promote top 20 by priority(5→1) to pending via task-update | S0✅ | tasks→pending | —
+S2 | verify: confirm promoted task count, check priority ordering correct | S1✅ | verified | —

package/dist/prompts/tech-affinity-scout.md

@@ -11,14 +11,19 @@ version: "1.0.0"
 tags: [planning, patterns, memory, tech-affinity]
 ---
 
-## FSM
+## Tech Affinity Scout
 
-Entry=S0 → S1 → S2 → S3  Exit=scouted
+Entry=S0 → S1 → S2 → S3 → S4 Exit=scouted
 Guard: S(N) req S(N-1)✅
 
-S0 | search: memory-search (current_tags=[tags]) + standard-search (stack=[tags]) | tags provided? | pointer rows | —
+S0 | search: memory-search (current_tags=[tags]) + standard-search (stack=[tags]) + web_search (current practices for stack) | tags provided? | pointer rows + web results | —
 S1 | hydrate: memory-detail for relevant pointers | S0✅ | full entries | —
-S2 | filter: pattern + decision + coding standard entries from similar stacks | S1✅ | applicable knowledge | —
-S3 | adapt: explain adaptation to current project; separate memory-derived vs standards | S2✅ | adaptation guide | —
+S2 | filter: pattern + decision + coding standard + web_search entries from similar stacks | S1✅ | applicable knowledge | —
+S3 | adapt: explain adaptation to current project; separate memory-derived vs standards vs web_search | S2✅ | adaptation guide | —
+S4 | verify: confirm all relevant patterns evaluated, adaptation guidance is actionable | S3✅ | verified | —
 
 Tags: {{tags}}
+
+## Delegation
+
+Web search MUST be delegated to a coding subagent (general/explore). Main agent must NOT execute web_search directly.

package/dist/prompts/technical-planning.md

@@ -11,7 +11,7 @@ version: "1.0.0"
 tags: [workflow, technical-planning]
 ---
 
-## FSM
+## Technical Planning
 
 Entry=create-task → task-claim  Exit=task-update completed|blocked
 Guard: A(N) req all prev A✅
@@ -26,6 +26,7 @@ A5 | api-contract-design | G2✅ | API contract | design/api/
 G3 | approve API contracts | A5✅ | → proceed | —
 A6 | derive total_sprints from roadmap timeline+capacity → generate 1 sprint-planning task per sprint(N) + allocation audit + MCP task tree(parent/child + depends_on) | G3✅ | roadmap + sprints-1..N + audit + tasks | tasks/ + MCP
 GF | final approve — blocked if sprint-N.md missing or MCP task tree not created | A6✅ | → documentation | —
+V1 | verify: confirm all artifacts exist at documented output paths, gate approvals recorded | GF✅ | verified | —
 
 ## Optional
 

package/dist/prompts/tool-usage-guidelines.md

@@ -8,9 +8,9 @@ version: "1.0.0"
 tags: [workflow, tooling, memory, policy, mcp]
 ---
 
-## FSM — Memory Flow
+## Memory Flow
 
-Entry=S0 → S1 → S2 → S3 → S4   Exit=maintained
+Entry=S0 → S1 → S2 → S3 → S4 → S5   Exit=maintained
 Guard: S(N) req S(N-1)✅
 
 S0 | navigate: memory-recap (overview) / memory-search (targeted) | — | pointer rows | —
@@ -18,22 +18,25 @@ S1 | hydrate: memory-detail (id or code) before relying on content | S0✅ | ful
 S2 | store: memory-store (durable only, tech tags, human title, aux in metadata) | — | stored | —
 S3 | maintain: memory-update / supersedes for changes; avoid duplicates | — | updated | —
 S4 | acknowledge: memory-acknowledge (used|irrelevant|contradictory) after code gen | code generated? | feedback | —
+S5 | verify: confirm acknowledge called after code gen, no duplicate memories created | S4✅ | verified | —
 
-## FSM — Standards Flow
+## Standards Flow
 
-Entry=S0 → S1 → S2   Exit=done
+Entry=S0 → S1 → S2 → S3   Exit=done
 Guard: S(N) req S(N-1)✅
 
 S0 | search: standard-search mandatory before code edit/test/refactor/migrate (query, lang, stack, repo) | — | applicable | —
 S1 | apply precisely as implementation rules | S0✅ | compliant code | —
 S2 | store: standard-store (1 rule/entry, name, content, context, version, lang, stack, tags, scope) | — | new entry | —
+S3 | verify: confirm standard-search was called, scope and tags correct | S2✅ | verified | —
 
-## FSM — Handoff & Claim Flow
+## Handoff & Claim Flow
 
-Entry=S0 → S1 → S2 → S3   Exit=resolved
+Entry=S0 → S1 → S2 → S3 → S4   Exit=resolved
 Guard: S(N) req S(N-1)✅
 
 S0 | check: handoff-list (status, from/to agent) + claim-list | — | active state | —
 S1 | ensure: NO handoff for completion summaries — use task-update or memory | — | valid | —
 S2 | create: handoff-create (unfinished work only, summary + structured context) / task-claim (ownership) | S0✅ | pending | claimed | —
 S3 | close: handoff-update (accepted|rejected|expired) / claim-release (stale ownership) | consumed | stale | resolved | —
+S4 | verify: confirm no stale handoffs remain, claims reflect actual ownership | S3✅ | verified | —

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@vheins/local-memory-mcp",
-	"version": "0.15.0",
+	"version": "0.16.0",
 	"description": "MCP Local Memory Service for coding copilot agents",
 	"mcpName": "io.github.vheins/local-memory-mcp",
 	"type": "module",