engrams 0.1.0 → 0.2.1

package/dist/cli.js

@@ -45,12 +45,14 @@ var init_schema = __esm({
       hasPiiFlag: integer("has_pii_flag").notNull().default(0),
       entityType: text("entity_type"),
       entityName: text("entity_name"),
-      structuredData: text("structured_data")
+      structuredData: text("structured_data"),
+      updatedAt: text("updated_at")
     });
     memoryConnections = sqliteTable("memory_connections", {
       sourceMemoryId: text("source_memory_id").notNull().references(() => memories.id),
       targetMemoryId: text("target_memory_id").notNull().references(() => memories.id),
-      relationship: text("relationship").notNull()
+      relationship: text("relationship").notNull(),
+      updatedAt: text("updated_at")
     });
     memoryEvents = sqliteTable("memory_events", {
       id: text("id").primaryKey(),
@@ -239,6 +241,38 @@ function runMigrations(sqlite) {
     sqlite.exec(`CREATE INDEX IF NOT EXISTS idx_memories_entity_type ON memories(entity_type) WHERE deleted_at IS NULL`);
     sqlite.exec(`CREATE INDEX IF NOT EXISTS idx_memories_entity_name ON memories(entity_name) WHERE deleted_at IS NULL`);
   });
+  runMigration(sqlite, "add_updated_at", () => {
+    sqlite.exec(`ALTER TABLE memories ADD COLUMN updated_at TEXT`);
+    sqlite.exec(`UPDATE memories SET updated_at = COALESCE(confirmed_at, learned_at, datetime('now')) WHERE updated_at IS NULL`);
+    sqlite.exec(`ALTER TABLE memory_connections ADD COLUMN updated_at TEXT`);
+    sqlite.exec(`UPDATE memory_connections SET updated_at = datetime('now') WHERE updated_at IS NULL`);
+    sqlite.exec(`
+      CREATE TRIGGER IF NOT EXISTS memories_updated_at_insert
+      AFTER INSERT ON memories
+      BEGIN
+        UPDATE memories SET updated_at = datetime('now') WHERE id = NEW.id AND updated_at IS NULL;
+      END;
+    `);
+    sqlite.exec(`
+      CREATE TRIGGER IF NOT EXISTS memories_updated_at_update
+      AFTER UPDATE ON memories
+      WHEN NEW.updated_at IS OLD.updated_at OR NEW.updated_at IS NULL
+      BEGIN
+        UPDATE memories SET updated_at = datetime('now') WHERE id = NEW.id;
+      END;
+    `);
+    sqlite.exec(`
+      CREATE TRIGGER IF NOT EXISTS connections_updated_at_insert
+      AFTER INSERT ON memory_connections
+      BEGIN
+        UPDATE memory_connections SET updated_at = datetime('now')
+        WHERE source_memory_id = NEW.source_memory_id
+          AND target_memory_id = NEW.target_memory_id
+          AND relationship = NEW.relationship
+          AND updated_at IS NULL;
+      END;
+    `);
+  });
   runMigration(sqlite, "fts_add_entity_name", () => {
     sqlite.exec(`DROP TRIGGER IF EXISTS memory_fts_insert`);
     sqlite.exec(`DROP TRIGGER IF EXISTS memory_fts_delete`);
@@ -660,21 +694,24 @@ var init_pii = __esm({
   }
 });
 
+// ../core/dist/llm-utils.js
+function parseLLMJson(text2) {
+  const cleaned = text2.replace(/^```(?:json)?\s*\n?/i, "").replace(/\n?```\s*$/i, "").trim();
+  return JSON.parse(cleaned);
+}
+var init_llm_utils = __esm({
+  "../core/dist/llm-utils.js"() {
+    "use strict";
+  }
+});
+
 // ../core/dist/entity-extraction.js
-async function extractEntity(content, detail, existingEntityNames) {
-  const { default: Anthropic2 } = await import("@anthropic-ai/sdk");
-  const client = new Anthropic2();
+async function extractEntity(provider, content, detail, existingEntityNames) {
   const existingNamesHint = existingEntityNames && existingEntityNames.length > 0 ? `
 
 Existing entity names in the system (prefer matching these over creating new ones):
 ${existingEntityNames.slice(0, 50).map((n) => `- ${n}`).join("\n")}` : "";
-  const response = await client.messages.create({
-    model: "claude-sonnet-4-5-20250514",
-    max_tokens: 500,
-    messages: [
-      {
-        role: "user",
-        content: `Classify this memory and extract structured data.
+  const prompt = `Classify this memory and extract structured data.
 
 Memory: ${content}${detail ? `
 Detail: ${detail}` : ""}${existingNamesHint}
@@ -709,17 +746,528 @@ For structured_data, include relevant fields:
 - preference: category, strength (strong/mild/contextual)
 - event: what, when, who
 - goal: what, timeline, status (active/achieved/abandoned)
-- fact: category`
-      }
-    ]
-  });
-  const text2 = response.content[0].type === "text" ? response.content[0].text : "";
-  const cleaned = text2.replace(/^```(?:json)?\s*\n?/i, "").replace(/\n?```\s*$/i, "").trim();
-  return JSON.parse(cleaned);
+- fact: category`;
+  const text2 = await provider.complete(prompt, { maxTokens: 500, json: true });
+  return parseLLMJson(text2);
 }
 var init_entity_extraction = __esm({
   "../core/dist/entity-extraction.js"() {
     "use strict";
+    init_llm_utils();
+  }
+});
+
+// ../core/dist/crypto.js
+import { randomBytes, scryptSync, createCipheriv, createDecipheriv } from "crypto";
+function deriveKeys(passphrase, salt) {
+  const derived = scryptSync(passphrase, salt, KEY_LENGTH * 2, {
+    N: SCRYPT_N,
+    r: SCRYPT_R,
+    p: SCRYPT_P,
+    maxmem: 256 * 1024 * 1024
+    // 256 MB — N=131072,r=8 needs ~128 MB
+  });
+  return {
+    encryptionKey: derived.subarray(0, KEY_LENGTH),
+    hmacKey: derived.subarray(KEY_LENGTH)
+  };
+}
+function encrypt(plaintext, key) {
+  const iv = randomBytes(IV_LENGTH);
+  const cipher = createCipheriv(ALGORITHM, key, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  return Buffer.concat([iv, encrypted, authTag]).toString("base64");
+}
+function decrypt(encoded, key) {
+  const data = Buffer.from(encoded, "base64");
+  const iv = data.subarray(0, IV_LENGTH);
+  const authTag = data.subarray(data.length - AUTH_TAG_LENGTH);
+  const ciphertext = data.subarray(IV_LENGTH, data.length - AUTH_TAG_LENGTH);
+  const decipher = createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(authTag);
+  return decipher.update(ciphertext) + decipher.final("utf8");
+}
+function encryptMemory(memory, key) {
+  return {
+    content: encrypt(memory.content, key),
+    detail: memory.detail ? encrypt(memory.detail, key) : null,
+    structured_data: memory.structured_data ? encrypt(memory.structured_data, key) : null
+  };
+}
+function decryptMemory(memory, key) {
+  return {
+    content: decrypt(memory.content, key),
+    detail: memory.detail ? decrypt(memory.detail, key) : null,
+    structured_data: memory.structured_data ? decrypt(memory.structured_data, key) : null
+  };
+}
+var ALGORITHM, IV_LENGTH, AUTH_TAG_LENGTH, SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LENGTH;
+var init_crypto = __esm({
+  "../core/dist/crypto.js"() {
+    "use strict";
+    ALGORITHM = "aes-256-gcm";
+    IV_LENGTH = 12;
+    AUTH_TAG_LENGTH = 16;
+    SCRYPT_N = 131072;
+    SCRYPT_R = 8;
+    SCRYPT_P = 1;
+    KEY_LENGTH = 32;
+  }
+});
+
+// ../core/dist/credentials.js
+import { resolve as resolve3 } from "path";
+import { homedir as homedir3 } from "os";
+import { readFileSync, writeFileSync, existsSync, chmodSync as chmodSync2 } from "fs";
+function loadCredentials() {
+  if (!existsSync(CRED_PATH))
+    return null;
+  try {
+    return JSON.parse(readFileSync(CRED_PATH, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function loadConfig() {
+  if (!existsSync(CONFIG_PATH))
+    return {};
+  try {
+    return JSON.parse(readFileSync(CONFIG_PATH, "utf8"));
+  } catch {
+    return {};
+  }
+}
+function saveConfig(config) {
+  writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2), "utf8");
+  try {
+    chmodSync2(CONFIG_PATH, 384);
+  } catch {
+  }
+}
+var ENGRAMS_DIR, CRED_PATH, CONFIG_PATH;
+var init_credentials = __esm({
+  "../core/dist/credentials.js"() {
+    "use strict";
+    ENGRAMS_DIR = resolve3(homedir3(), ".engrams");
+    CRED_PATH = resolve3(ENGRAMS_DIR, "credentials.json");
+    CONFIG_PATH = resolve3(ENGRAMS_DIR, "config.json");
+  }
+});
+
+// ../core/dist/sync.js
+import { createClient } from "@libsql/client";
+async function initRemoteSchema(client) {
+  await client.executeMultiple(`
+    CREATE TABLE IF NOT EXISTS memories (
+      id TEXT PRIMARY KEY,
+      content TEXT NOT NULL,
+      detail TEXT,
+      domain TEXT NOT NULL DEFAULT 'general',
+      source_agent_id TEXT NOT NULL,
+      source_agent_name TEXT NOT NULL,
+      cross_agent_id TEXT,
+      cross_agent_name TEXT,
+      source_type TEXT NOT NULL,
+      source_description TEXT,
+      confidence REAL NOT NULL DEFAULT 0.7,
+      confirmed_count INTEGER NOT NULL DEFAULT 0,
+      corrected_count INTEGER NOT NULL DEFAULT 0,
+      mistake_count INTEGER NOT NULL DEFAULT 0,
+      used_count INTEGER NOT NULL DEFAULT 0,
+      learned_at TEXT,
+      confirmed_at TEXT,
+      last_used_at TEXT,
+      deleted_at TEXT,
+      has_pii_flag INTEGER NOT NULL DEFAULT 0,
+      entity_type TEXT,
+      entity_name TEXT,
+      structured_data TEXT,
+      device_id TEXT,
+      updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+    );
+
+    CREATE TABLE IF NOT EXISTS memory_connections (
+      source_memory_id TEXT NOT NULL,
+      target_memory_id TEXT NOT NULL,
+      relationship TEXT NOT NULL,
+      device_id TEXT,
+      updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+    );
+
+    CREATE TABLE IF NOT EXISTS memory_events (
+      id TEXT PRIMARY KEY,
+      memory_id TEXT NOT NULL,
+      event_type TEXT NOT NULL,
+      agent_id TEXT,
+      agent_name TEXT,
+      old_value TEXT,
+      new_value TEXT,
+      timestamp TEXT NOT NULL,
+      device_id TEXT
+    );
+
+    CREATE TABLE IF NOT EXISTS sync_log (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      device_id TEXT NOT NULL,
+      synced_at TEXT NOT NULL DEFAULT (datetime('now')),
+      pushed INTEGER NOT NULL DEFAULT 0,
+      pulled INTEGER NOT NULL DEFAULT 0
+    );
+  `);
+}
+async function pushChanges(sqlite, client, config, deviceId) {
+  const lastSync = await getLastSyncTime(client, deviceId);
+  const changedMemories = sqlite.prepare(`
+    SELECT * FROM memories WHERE updated_at > ? OR (updated_at IS NULL AND learned_at > ?)
+  `).all(lastSync, lastSync);
+  let pushed = 0;
+  for (const mem of changedMemories) {
+    const encrypted = encryptMemory({
+      content: mem.content,
+      detail: mem.detail,
+      structured_data: mem.structured_data
+    }, config.keys.encryptionKey);
+    await client.execute({
+      sql: `INSERT OR REPLACE INTO memories
+        (id, content, detail, domain, source_agent_id, source_agent_name,
+         cross_agent_id, cross_agent_name, source_type, source_description,
+         confidence, confirmed_count, corrected_count, mistake_count, used_count,
+         learned_at, confirmed_at, last_used_at, deleted_at,
+         has_pii_flag, entity_type, entity_name, structured_data,
+         device_id, updated_at)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, datetime('now'))`,
+      args: [
+        mem.id,
+        encrypted.content,
+        encrypted.detail,
+        mem.domain,
+        mem.source_agent_id,
+        mem.source_agent_name,
+        mem.cross_agent_id ?? null,
+        mem.cross_agent_name ?? null,
+        mem.source_type,
+        mem.source_description ?? null,
+        mem.confidence,
+        mem.confirmed_count,
+        mem.corrected_count,
+        mem.mistake_count,
+        mem.used_count,
+        mem.learned_at ?? null,
+        mem.confirmed_at ?? null,
+        mem.last_used_at ?? null,
+        mem.deleted_at ?? null,
+        mem.has_pii_flag ?? 0,
+        mem.entity_type ?? null,
+        mem.entity_name ?? null,
+        encrypted.structured_data,
+        deviceId
+      ]
+    });
+    pushed++;
+  }
+  const changedConnections = sqlite.prepare(`
+    SELECT * FROM memory_connections WHERE updated_at > ? OR updated_at IS NULL
+  `).all(lastSync);
+  for (const conn of changedConnections) {
+    await client.execute({
+      sql: `INSERT OR REPLACE INTO memory_connections
+        (source_memory_id, target_memory_id, relationship, device_id, updated_at)
+        VALUES (?, ?, ?, ?, datetime('now'))`,
+      args: [
+        conn.source_memory_id,
+        conn.target_memory_id,
+        conn.relationship,
+        deviceId
+      ]
+    });
+  }
+  const changedEvents = sqlite.prepare(`
+    SELECT * FROM memory_events WHERE timestamp > ?
+  `).all(lastSync);
+  for (const evt of changedEvents) {
+    await client.execute({
+      sql: `INSERT OR IGNORE INTO memory_events
+        (id, memory_id, event_type, agent_id, agent_name, old_value, new_value, timestamp, device_id)
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+      args: [
+        evt.id,
+        evt.memory_id,
+        evt.event_type,
+        evt.agent_id ?? null,
+        evt.agent_name ?? null,
+        evt.old_value ?? null,
+        evt.new_value ?? null,
+        evt.timestamp,
+        deviceId
+      ]
+    });
+  }
+  return pushed + changedConnections.length + changedEvents.length;
+}
+async function pullChanges(sqlite, client, config, deviceId) {
+  const lastSync = await getLastSyncTime(client, deviceId);
+  const result = await client.execute({
+    sql: `SELECT * FROM memories WHERE device_id != ? AND updated_at > ?`,
+    args: [deviceId, lastSync]
+  });
+  let pulled = 0;
+  for (const row of result.rows) {
+    const decrypted = decryptMemory({
+      content: row.content,
+      detail: row.detail,
+      structured_data: row.structured_data
+    }, config.keys.encryptionKey);
+    const local = sqlite.prepare(`SELECT updated_at FROM memories WHERE id = ?`).get(row.id);
+    if (local && local.updated_at >= row.updated_at)
+      continue;
+    sqlite.prepare(`
+      INSERT OR REPLACE INTO memories
+        (id, content, detail, domain, source_agent_id, source_agent_name,
+         cross_agent_id, cross_agent_name, source_type, source_description,
+         confidence, confirmed_count, corrected_count, mistake_count, used_count,
+         learned_at, confirmed_at, last_used_at, deleted_at,
+         has_pii_flag, entity_type, entity_name, structured_data, updated_at)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(row.id, decrypted.content, decrypted.detail, row.domain, row.source_agent_id, row.source_agent_name, row.cross_agent_id, row.cross_agent_name, row.source_type, row.source_description, row.confidence, row.confirmed_count, row.corrected_count, row.mistake_count, row.used_count, row.learned_at, row.confirmed_at, row.last_used_at, row.deleted_at, row.has_pii_flag, row.entity_type, row.entity_name, decrypted.structured_data, row.updated_at);
+    pulled++;
+  }
+  const connResult = await client.execute({
+    sql: `SELECT * FROM memory_connections WHERE device_id != ? AND updated_at > ?`,
+    args: [deviceId, lastSync]
+  });
+  for (const row of connResult.rows) {
+    sqlite.prepare(`
+      INSERT OR IGNORE INTO memory_connections (source_memory_id, target_memory_id, relationship, updated_at)
+      VALUES (?, ?, ?, ?)
+    `).run(row.source_memory_id, row.target_memory_id, row.relationship, row.updated_at);
+    pulled++;
+  }
+  const evtResult = await client.execute({
+    sql: `SELECT * FROM memory_events WHERE device_id != ? AND timestamp > ?`,
+    args: [deviceId, lastSync]
+  });
+  for (const row of evtResult.rows) {
+    sqlite.prepare(`
+      INSERT OR IGNORE INTO memory_events (id, memory_id, event_type, agent_id, agent_name, old_value, new_value, timestamp)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+    `).run(row.id, row.memory_id, row.event_type, row.agent_id, row.agent_name, row.old_value, row.new_value, row.timestamp);
+    pulled++;
+  }
+  return pulled;
+}
+async function sync(sqlite, config, deviceId) {
+  const client = createClient({
+    url: config.tursoUrl,
+    authToken: config.tursoAuthToken
+  });
+  try {
+    await initRemoteSchema(client);
+    const pushed = await pushChanges(sqlite, client, config, deviceId);
+    const pulled = await pullChanges(sqlite, client, config, deviceId);
+    await client.execute({
+      sql: `INSERT INTO sync_log (device_id, pushed, pulled) VALUES (?, ?, ?)`,
+      args: [deviceId, pushed, pulled]
+    });
+    sqlite.prepare(`INSERT OR REPLACE INTO engrams_meta (key, value) VALUES ('last_modified', datetime('now'))`).run();
+    return { pushed, pulled, conflicts: 0 };
+  } finally {
+    client.close();
+  }
+}
+async function getLastSyncTime(client, deviceId) {
+  const result = await client.execute({
+    sql: `SELECT synced_at FROM sync_log WHERE device_id = ? ORDER BY synced_at DESC LIMIT 1`,
+    args: [deviceId]
+  });
+  return result.rows.length > 0 ? result.rows[0].synced_at : "1970-01-01T00:00:00Z";
+}
+var init_sync = __esm({
+  "../core/dist/sync.js"() {
+    "use strict";
+    init_crypto();
+  }
+});
+
+// ../core/dist/llm.js
+function createLLMProvider(config, task) {
+  const model = config.model || task && DEFAULT_TASK_MODELS[config.provider]?.[task] || DEFAULT_MODELS[config.provider] || "gpt-4o";
+  switch (config.provider) {
+    case "anthropic":
+      return new AnthropicProvider(config.apiKey, model);
+    case "openai":
+      return new OpenAICompatibleProvider(config.apiKey, model, config.baseUrl);
+    case "ollama":
+      return new OpenAICompatibleProvider(void 0, model, config.baseUrl || "http://localhost:11434/v1");
+    default:
+      throw new Error(`Unknown LLM provider: ${config.provider}`);
+  }
+}
+var DEFAULT_MODELS, DEFAULT_TASK_MODELS, AnthropicProvider, OpenAICompatibleProvider;
+var init_llm = __esm({
+  "../core/dist/llm.js"() {
+    "use strict";
+    DEFAULT_MODELS = {
+      anthropic: "claude-sonnet-4-5-20250514",
+      openai: "gpt-4o",
+      ollama: "llama3.2"
+    };
+    DEFAULT_TASK_MODELS = {
+      anthropic: {
+        extraction: "claude-haiku-4-5-20251001",
+        analysis: "claude-sonnet-4-5-20250514"
+      },
+      openai: {
+        extraction: "gpt-4o-mini",
+        analysis: "gpt-4o"
+      },
+      ollama: {
+        extraction: "llama3.2",
+        analysis: "llama3.2"
+      }
+    };
+    AnthropicProvider = class {
+      client = null;
+      apiKey;
+      model;
+      constructor(apiKey, model) {
+        this.apiKey = apiKey;
+        this.model = model;
+      }
+      async getClient() {
+        if (!this.client) {
+          const { default: Anthropic } = await import("@anthropic-ai/sdk");
+          this.client = new Anthropic({ apiKey: this.apiKey });
+        }
+        return this.client;
+      }
+      async complete(prompt, options) {
+        const client = await this.getClient();
+        const response = await client.messages.create({
+          model: this.model,
+          max_tokens: options?.maxTokens ?? 1024,
+          ...options?.system ? { system: options.system } : {},
+          messages: [{ role: "user", content: prompt }]
+        });
+        const text2 = response.content[0].type === "text" ? response.content[0].text : "";
+        return text2;
+      }
+    };
+    OpenAICompatibleProvider = class {
+      apiKey;
+      model;
+      baseUrl;
+      constructor(apiKey, model, baseUrl) {
+        this.apiKey = apiKey;
+        this.model = model;
+        this.baseUrl = baseUrl;
+      }
+      async complete(prompt, options) {
+        const url = `${this.baseUrl || "https://api.openai.com/v1"}/chat/completions`;
+        const body = {
+          model: this.model,
+          max_tokens: options?.maxTokens ?? 1024,
+          messages: [
+            ...options?.system ? [{ role: "system", content: options.system }] : [],
+            { role: "user", content: prompt }
+          ]
+        };
+        if (options?.json) {
+          body.response_format = { type: "json_object" };
+        }
+        const response = await fetch(url, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            ...this.apiKey ? { Authorization: `Bearer ${this.apiKey}` } : {}
+          },
+          body: JSON.stringify(body)
+        });
+        if (!response.ok) {
+          const error = await response.text();
+          throw new Error(`LLM request failed (${response.status}): ${error}`);
+        }
+        const data = await response.json();
+        return data.choices[0]?.message?.content ?? "";
+      }
+    };
+  }
+});
+
+// ../core/dist/llm-config.js
+function resolveLLMProvider(task) {
+  const config = loadConfig();
+  if (config.llm?.provider) {
+    const apiKey = config.llm.apiKey || process.env.ENGRAMS_API_KEY || (config.llm.provider === "anthropic" ? process.env.ANTHROPIC_API_KEY : void 0) || (config.llm.provider === "openai" ? process.env.OPENAI_API_KEY : void 0);
+    const taskModel = task && config.llm.models?.[task];
+    return createLLMProvider({
+      provider: config.llm.provider,
+      model: taskModel || config.llm.model || void 0,
+      apiKey: apiKey || void 0,
+      baseUrl: config.llm.baseUrl
+    }, task);
+  }
+  const engramsProvider = process.env.ENGRAMS_LLM_PROVIDER;
+  if (engramsProvider) {
+    return createLLMProvider({
+      provider: engramsProvider,
+      model: process.env.ENGRAMS_LLM_MODEL || void 0,
+      apiKey: process.env.ENGRAMS_API_KEY,
+      baseUrl: process.env.ENGRAMS_LLM_BASE_URL
+    }, task);
+  }
+  if (process.env.ANTHROPIC_API_KEY) {
+    return createLLMProvider({
+      provider: "anthropic",
+      apiKey: process.env.ANTHROPIC_API_KEY
+    }, task);
+  }
+  if (process.env.OPENAI_API_KEY) {
+    return createLLMProvider({
+      provider: "openai",
+      apiKey: process.env.OPENAI_API_KEY
+    }, task);
+  }
+  return null;
+}
+var init_llm_config = __esm({
+  "../core/dist/llm-config.js"() {
+    "use strict";
+    init_credentials();
+    init_llm();
+  }
+});
+
+// ../core/dist/llm-validation.js
+function validateExtraction(result) {
+  const warnings = [];
+  if (!result || typeof result !== "object") {
+    return { valid: false, error: "LLM did not return a valid object", warnings, qualityScore: 0 };
+  }
+  const r = result;
+  if (!r.entity_type || !VALID_ENTITY_TYPES.includes(r.entity_type)) {
+    return {
+      valid: false,
+      error: `Invalid entity_type "${r.entity_type}". Model may not be capable enough for extraction. Recommended: claude-haiku-4-5, gpt-4o-mini, or better.`,
+      warnings,
+      qualityScore: 0
+    };
+  }
+  if (r.entity_name && typeof r.entity_name === "string" && r.entity_name.length > 100) {
+    warnings.push("entity_name is unusually long \u2014 model may have used full content instead of a canonical name");
+  }
+  if (r.suggested_connections && !Array.isArray(r.suggested_connections)) {
+    warnings.push("suggested_connections is not an array \u2014 ignoring");
+  }
+  const score = 1 - warnings.length * 0.1 - (r.entity_name ? 0 : 0.1);
+  return { valid: true, warnings, qualityScore: Math.max(0, score) };
+}
+var VALID_ENTITY_TYPES;
+var init_llm_validation = __esm({
+  "../core/dist/llm-validation.js"() {
+    "use strict";
+    init_embeddings();
+    VALID_ENTITY_TYPES = ["person", "organization", "place", "project", "preference", "event", "goal", "fact"];
   }
 });
 
@@ -738,6 +1286,13 @@ var init_dist = __esm({
     init_db();
     init_pii();
     init_entity_extraction();
+    init_crypto();
+    init_credentials();
+    init_sync();
+    init_llm();
+    init_llm_utils();
+    init_llm_config();
+    init_llm_validation();
   }
 });
 
@@ -747,10 +1302,10 @@ __export(http_exports, {
   startHttpApi: () => startHttpApi
 });
 import { createServer } from "http";
-import { randomBytes } from "crypto";
+import { randomBytes as randomBytes2 } from "crypto";
 import { eq, and, isNull } from "drizzle-orm";
 function generateId() {
-  return randomBytes(16).toString("hex");
+  return randomBytes2(16).toString("hex");
 }
 function now() {
   return (/* @__PURE__ */ new Date()).toISOString();
@@ -760,12 +1315,12 @@ function json(res, data, status = 200) {
   res.end(JSON.stringify(data));
 }
 function parseBody(req) {
-  return new Promise((resolve3, reject) => {
+  return new Promise((resolve4, reject) => {
     let body = "";
     req.on("data", (chunk) => body += chunk);
     req.on("end", () => {
       try {
-        resolve3(body ? JSON.parse(body) : {});
+        resolve4(body ? JSON.parse(body) : {});
       } catch {
         reject(new Error("Invalid JSON"));
       }
@@ -936,10 +1491,9 @@ import { McpServer, ResourceTemplate } from "@modelcontextprotocol/sdk/server/mc
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { z } from "zod";
 import { eq as eq2, and as and2, isNull as isNull2 } from "drizzle-orm";
-import { randomBytes as randomBytes2 } from "crypto";
-import Anthropic from "@anthropic-ai/sdk";
+import { randomBytes as randomBytes3 } from "crypto";
 function generateId2() {
-  return randomBytes2(16).toString("hex");
+  return randomBytes3(16).toString("hex");
 }
 function now2() {
   return (/* @__PURE__ */ new Date()).toISOString();
@@ -964,6 +1518,8 @@ async function startServer() {
       lastDecayRun = now3;
     }
   }
+  let extractionProvider = resolveLLMProvider("extraction");
+  let analysisProvider = resolveLLMProvider("analysis");
   if (vecAvailable) {
     backfillEmbeddings(sqlite).then((count) => {
       if (count > 0) process.stderr.write(`[engrams] Backfilled embeddings for ${count} memories
@@ -1259,9 +1815,9 @@ Organize memories by life domain: general, work, health, finance, relationships,
           }
         }
       }
-      const VALID_ENTITY_TYPES = ["person", "organization", "place", "project", "preference", "event", "goal", "fact"];
-      if (params.entityType && !VALID_ENTITY_TYPES.includes(params.entityType)) {
-        return textResult({ error: `Invalid entity_type: "${params.entityType}". Must be one of: ${VALID_ENTITY_TYPES.join(", ")}` });
+      const VALID_ENTITY_TYPES2 = ["person", "organization", "place", "project", "preference", "event", "goal", "fact"];
+      if (params.entityType && !VALID_ENTITY_TYPES2.includes(params.entityType)) {
+        return textResult({ error: `Invalid entity_type: "${params.entityType}". Must be one of: ${VALID_ENTITY_TYPES2.join(", ")}` });
       }
       const id = generateId2();
       const confidence = getInitialConfidence(params.sourceType);
@@ -1304,15 +1860,22 @@ Organize memories by life domain: general, work, health, finance, relationships,
         newValue: JSON.stringify({ content: params.content, domain: params.domain ?? "general" }),
         timestamp
       }).run();
-      if (!params.entityType && process.env.ANTHROPIC_API_KEY) {
+      if (!params.entityType && extractionProvider) {
         (async () => {
           try {
             const existingNames = sqlite.prepare(`SELECT DISTINCT entity_name FROM memories WHERE entity_name IS NOT NULL AND deleted_at IS NULL`).all();
             const extraction = await extractEntity(
+              extractionProvider,
               params.content,
               params.detail ?? null,
               existingNames.map((r) => r.entity_name)
             );
+            const validation = validateExtraction(extraction);
+            if (!validation.valid) {
+              process.stderr.write(`[engrams] Entity extraction failed validation: ${validation.error}
+`);
+              return;
+            }
             const current = sqlite.prepare(`SELECT entity_type FROM memories WHERE id = ? AND deleted_at IS NULL`).get(id);
             if (!current || current.entity_type) return;
             sqlite.transaction(() => {
@@ -1341,16 +1904,9 @@ Organize memories by life domain: general, work, health, finance, relationships,
       const fullText = params.content + (params.detail ? " " + params.detail : "");
       const sentences = fullText.split(/(?<=[.!?])\s+/).filter((s) => s.length > 10);
       let splitSuggestion = null;
-      if (sentences.length >= 3 && process.env.ANTHROPIC_API_KEY) {
+      if (sentences.length >= 3 && extractionProvider) {
         try {
-          const client = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY });
-          const resp = await client.messages.create({
-            model: "claude-haiku-4-5-20251001",
-            max_tokens: 512,
-            messages: [
-              {
-                role: "user",
-                content: `Analyze this memory and determine if it contains multiple distinct topics that should be stored separately. Only suggest splitting if the topics are genuinely independent (would be searched for separately).
+          const splitPrompt = `Analyze this memory and determine if it contains multiple distinct topics that should be stored separately. Only suggest splitting if the topics are genuinely independent (would be searched for separately).
 
 Memory content: ${JSON.stringify(params.content)}
 Memory detail: ${JSON.stringify(params.detail ?? null)}
@@ -1359,12 +1915,9 @@ Respond with ONLY valid JSON:
 - If it should NOT be split: {"should_split": false}
 - If it SHOULD be split: {"should_split": true, "parts": [{"content": "...", "detail": "..."}, ...]}
 
-Each part should have a concise "content" (one sentence) and optional "detail". Do not split if the content is a single coherent topic.`
-              }
-            ]
-          });
-          const text2 = resp.content[0].type === "text" ? resp.content[0].text : "";
-          splitSuggestion = JSON.parse(text2);
+Each part should have a concise "content" (one sentence) and optional "detail". Do not split if the content is a single coherent topic.`;
+          const text2 = await extractionProvider.complete(splitPrompt, { maxTokens: 512, json: true });
+          splitSuggestion = parseLLMJson(text2);
         } catch {
         }
       }
@@ -1377,7 +1930,7 @@ Each part should have a concise "content" (one sentence) and optional "detail".
         entityType: params.entityType ?? null,
         entityName: params.entityName ?? null
       };
-      if (!params.entityType && process.env.ANTHROPIC_API_KEY) {
+      if (!params.entityType && extractionProvider) {
         result._background_classification = "running";
       }
       if (hasPii) {
@@ -1419,7 +1972,9 @@ Each part should have a concise "content" (one sentence) and optional "detail".
         similarityThreshold: params.similarityThreshold
       });
       if (searchResults.length === 0) {
-        return textResult({ memories: [], count: 0, totalConnected: 0, cached: wasCached });
+        const totalCount = sqlite.prepare("SELECT COUNT(*) as count FROM memories WHERE deleted_at IS NULL").get().count;
+        const onboarding_hint = totalCount < 5 ? "Your memory database is nearly empty. Call memory_onboard with your list of available tools to run a guided setup." : void 0;
+        return textResult({ memories: [], count: 0, totalConnected: 0, cached: wasCached, ...onboarding_hint ? { onboarding_hint } : {} });
       }
       const timestamp = now2();
       const updateStmt = sqlite.prepare(
@@ -1913,8 +2468,8 @@ Each part should have a concise "content" (one sentence) and optional "detail".
       domain: z.string().optional().describe("Only classify memories in this domain")
     },
     async (params) => {
-      if (!process.env.ANTHROPIC_API_KEY) {
-        return textResult({ error: "ANTHROPIC_API_KEY not set \u2014 entity extraction requires an API key" });
+      if (!extractionProvider) {
+        return textResult({ error: "No LLM provider configured. Set ANTHROPIC_API_KEY, OPENAI_API_KEY, or configure ~/.engrams/config.json" });
       }
       const classifyLimit = params.limit ?? 50;
       let query = `SELECT id, content, detail FROM memories WHERE entity_type IS NULL AND deleted_at IS NULL`;
@@ -1935,7 +2490,12 @@ Each part should have a concise "content" (one sentence) and optional "detail".
       let errors = 0;
       for (const mem of untyped) {
         try {
-          const extraction = await extractEntity(mem.content, mem.detail, nameList);
+          const extraction = await extractEntity(extractionProvider, mem.content, mem.detail, nameList);
+          const validation = validateExtraction(extraction);
+          if (!validation.valid) {
+            errors++;
+            continue;
+          }
           sqlite.transaction(() => {
             sqlite.prepare(
               `UPDATE memories SET entity_type = ?, entity_name = ?, structured_data = ? WHERE id = ? AND entity_type IS NULL AND deleted_at IS NULL`
@@ -1960,7 +2520,7 @@ Each part should have a concise "content" (one sentence) and optional "detail".
           errors++;
         }
         if (classified + errors < untyped.length) {
-          await new Promise((resolve3) => setTimeout(resolve3, 200));
+          await new Promise((resolve4) => setTimeout(resolve4, 200));
         }
       }
       if (classified > 0) bumpLastModified(sqlite);
@@ -2043,6 +2603,531 @@ Each part should have a concise "content" (one sentence) and optional "detail".
       });
     }
   );
+  server.tool(
+    "memory_configure",
+    "Configure Engrams settings. Currently supports LLM provider setup for entity extraction, correction, and splitting.",
+    {
+      llm_provider: z.enum(["anthropic", "openai", "ollama"]).describe("LLM provider to use"),
+      llm_api_key: z.string().optional().describe("API key for the provider. Not needed for Ollama."),
+      llm_base_url: z.string().optional().describe("Custom base URL for OpenAI-compatible endpoints or Ollama."),
+      llm_extraction_model: z.string().optional().describe("Model for entity extraction (high-volume, cheap). Defaults: anthropic=claude-haiku-4-5, openai=gpt-4o-mini, ollama=llama3.2"),
+      llm_analysis_model: z.string().optional().describe("Model for correction/splitting (user-initiated, capable). Defaults: anthropic=claude-sonnet-4-5, openai=gpt-4o, ollama=llama3.2")
+    },
+    async (params) => {
+      const config = loadConfig();
+      config.llm = {
+        provider: params.llm_provider,
+        apiKey: params.llm_api_key || void 0,
+        baseUrl: params.llm_base_url || void 0,
+        models: {
+          extraction: params.llm_extraction_model || void 0,
+          analysis: params.llm_analysis_model || void 0
+        }
+      };
+      saveConfig(config);
+      extractionProvider = resolveLLMProvider("extraction");
+      analysisProvider = resolveLLMProvider("analysis");
+      try {
+        if (extractionProvider) {
+          await extractionProvider.complete("Say ok", { maxTokens: 10 });
+        }
+        return textResult({
+          status: "configured",
+          provider: params.llm_provider,
+          extraction_model: params.llm_extraction_model || "(default)",
+          analysis_model: params.llm_analysis_model || "(default)"
+        });
+      } catch (err) {
+        return textResult({
+          status: "configured_with_error",
+          provider: params.llm_provider,
+          error: `Config saved but connection test failed: ${err instanceof Error ? err.message : "Unknown error"}`
+        });
+      }
+    }
+  );
+  server.tool(
+    "memory_onboard",
+    "Get a personalized onboarding plan to seed your memory database. Returns a structured action plan based on your current memory state. Call this when the user is new or asks to set up their memory. The plan tells you which connected tools to scan and what interview questions to ask \u2014 execute each step using the tools available to you.",
+    {
+      available_tools: z.array(z.string()).optional().describe("List of MCP tool names you have access to (e.g. ['gcal_list_events', 'gmail_search_messages', 'github_list_repos']). This helps generate a targeted plan."),
+      skip_scan: z.boolean().optional().describe("Skip the tool scan phase and go straight to interview. Default false."),
+      skip_interview: z.boolean().optional().describe("Skip the interview phase. Useful if re-running just the scan. Default false.")
+    },
+    async (params) => {
+      const memoryCount = sqlite.prepare("SELECT COUNT(*) as count FROM memories WHERE deleted_at IS NULL").get();
+      const entityCounts = sqlite.prepare(`
+        SELECT entity_type, COUNT(*) as count
+        FROM memories
+        WHERE entity_type IS NOT NULL AND deleted_at IS NULL
+        GROUP BY entity_type
+      `).all();
+      const domainCounts = sqlite.prepare(`
+        SELECT domain, COUNT(*) as count
+        FROM memories
+        WHERE deleted_at IS NULL
+        GROUP BY domain
+      `).all();
+      const totalMemories = memoryCount.count;
+      const entityMap = Object.fromEntries(entityCounts.map((e) => [e.entity_type, e.count]));
+      const domainMap = Object.fromEntries(domainCounts.map((d) => [d.domain, d.count]));
+      const tools = params.available_tools || [];
+      const hasCalendar = tools.some((t) => /gcal|calendar|cal_list|list_events/i.test(t));
+      const hasEmail = tools.some((t) => /gmail|email|mail|search_messages/i.test(t));
+      const hasGitHub = tools.some((t) => /github|gh_|list_repos|list_prs/i.test(t));
+      const hasSlack = tools.some((t) => /slack|channel|send_message/i.test(t));
+      const hasNotes = tools.some((t) => /note|notion|obsidian/i.test(t));
+      const plan = [];
+      if (totalMemories === 0) {
+        plan.push("# Onboarding Plan \u2014 Fresh Start");
+        plan.push("");
+        plan.push("Your memory database is empty. Let's fix that. This plan will seed your memories from connected tools and a short conversation.");
+      } else if (totalMemories < 20) {
+        plan.push("# Onboarding Plan \u2014 Early Stage");
+        plan.push("");
+        plan.push(`You have ${totalMemories} memories so far. Let's enrich your knowledge graph with more context from your tools.`);
+      } else {
+        plan.push("# Onboarding Plan \u2014 Enrichment");
+        plan.push("");
+        plan.push(`You have ${totalMemories} memories across ${Object.keys(domainMap).length} domains. Here's what could be filled in.`);
+        if (entityCounts.length > 0) {
+          plan.push("");
+          plan.push("Current entity coverage:");
+          for (const e of entityCounts) {
+            plan.push(`- ${e.entity_type}: ${e.count}`);
+          }
+        }
+        const allTypes = ["person", "organization", "place", "project", "preference", "event", "goal"];
+        const missing = allTypes.filter((t) => !entityMap[t]);
+        if (missing.length > 0) {
+          plan.push("");
+          plan.push(`Missing entity types: ${missing.join(", ")}. The scan and interview below will help fill these gaps.`);
+        }
+      }
+      if (!params.skip_scan) {
+        plan.push("");
+        plan.push("---");
+        plan.push("");
+        plan.push("## Phase 1: Silent Scan");
+        plan.push("");
+        plan.push("Scan the user's connected tools to extract people, projects, events, and context. Do this BEFORE the interview \u2014 the interview will be much better with this context.");
+        plan.push("");
+        plan.push('**Important:** For each piece of information you extract, call `memory_write` with appropriate `domain`, `source_type: "inferred"`, and `source_description` noting which tool it came from. The system will automatically classify entities and create connections.');
+        plan.push("");
+        plan.push("**Dedup:** Before writing, call `memory_search` with the key terms to check if a similar memory already exists. If it does, skip or use `memory_update` to enrich it.");
+        if (hasCalendar) {
+          plan.push("");
+          plan.push("### Calendar (available)");
+          plan.push("");
+          plan.push("1. Fetch events from the past 30 days");
+          plan.push("2. Identify **recurring meetings** \u2014 these reveal team structure, projects, and key relationships");
+          plan.push("   - For each recurring meeting: write a memory about what it is, who attends, and its cadence");
+          plan.push("   - Extract each unique attendee as a person memory (name, how they relate to the user)");
+          plan.push("3. Identify **project-related events** \u2014 standups, retros, planning sessions reveal active projects");
+          plan.push("   - Write a memory for each distinct project you can identify");
+          plan.push("4. Look for **1:1 meetings** \u2014 these are the user's closest collaborators");
+          plan.push("5. Note any upcoming events in the next 7 days that suggest deadlines or goals");
+          plan.push("");
+          plan.push("Expected yield: 15-30 memories (people, projects, events, organizations)");
+        }
+        if (hasEmail) {
+          plan.push("");
+          plan.push("### Email (available)");
+          plan.push("");
+          plan.push("1. Search recent emails (past 14 days) for threads with the most back-and-forth \u2014 these are active topics");
+          plan.push("2. Identify **key contacts** \u2014 people the user emails most frequently");
+          plan.push("   - Cross-reference with calendar attendees to enrich existing person memories");
+          plan.push("3. Look for **commitments and action items** \u2014 'I'll send this by Friday', 'Let's schedule...', 'Following up on...'");
+          plan.push("   - Write as event or goal memories");
+          plan.push("4. Identify **external organizations** \u2014 clients, vendors, partners mentioned in email");
+          plan.push("5. **DO NOT** read email body content in detail. Scan subjects, senders, and thread summaries only. Respect privacy.");
+          plan.push("");
+          plan.push("Expected yield: 10-20 memories (people, organizations, goals, events)");
+        }
+        if (hasGitHub) {
+          plan.push("");
+          plan.push("### GitHub (available)");
+          plan.push("");
+          plan.push("1. List the user's recent repositories (past 90 days of activity)");
+          plan.push("2. For each active repo: write a project memory with the repo name, language/stack, and the user's role");
+          plan.push("3. Check recent PRs for **collaborators** \u2014 frequent reviewers and co-authors are key people");
+          plan.push("4. Note the **tech stack** across repos \u2014 languages, frameworks, tools. Write as preference/fact memories");
+          plan.push("5. Look for any README descriptions that explain what projects do");
+          plan.push("");
+          plan.push("Expected yield: 10-20 memories (projects, people, preferences, facts)");
+        }
+        if (hasSlack) {
+          plan.push("");
+          plan.push("### Slack/Messaging (available)");
+          plan.push("");
+          plan.push("1. List channels the user is active in \u2014 channel names often map to projects or teams");
+          plan.push("2. Identify **DM contacts** \u2014 frequent DM partners are close collaborators");
+          plan.push("3. Note channel topics/descriptions for project context");
+          plan.push("4. **DO NOT** read message history in detail. Use channel metadata only.");
+          plan.push("");
+          plan.push("Expected yield: 5-15 memories (projects, people, organizations)");
+        }
+        if (hasNotes) {
+          plan.push("");
+          plan.push("### Notes/Docs (available)");
+          plan.push("");
+          plan.push("1. Search for recent documents the user has edited");
+          plan.push("2. Document titles and summaries reveal active projects and interests");
+          plan.push("3. Look for any documents that look like personal notes, goals, or planning docs");
+          plan.push("");
+          plan.push("Expected yield: 5-10 memories (projects, goals, facts)");
+        }
+        plan.push("");
+        plan.push("### Local Files (always available)");
+        plan.push("");
+        plan.push("Check for and read these files if they exist:");
+        plan.push("");
+        plan.push("- `~/.gitconfig` \u2014 user's name, email, identity. Write as a person memory about the user.");
+        plan.push("- `~/.claude/CLAUDE.md` or any `CLAUDE.md` in the working directory \u2014 existing instructions and preferences. Each instruction is a preference memory.");
+        plan.push("- `~/.claude/memory/` or `~/.claude/projects/*/memory/` \u2014 Claude Code auto-memory files. Parse each line/section as a separate memory. These are high-quality since the user or their AI already curated them.");
+        plan.push("- `.cursorrules` or `.windsurfrules` in the working directory \u2014 coding preferences. Each rule is a preference memory.");
+        plan.push("- `~/.config/` \u2014 scan for tool configs that reveal preferences (editor settings, shell aliases, etc.). Be selective \u2014 only extract meaningful preferences, not every config line.");
+        plan.push("");
+        plan.push("Expected yield: 5-15 memories (preferences, person, facts)");
+        if (!hasCalendar && !hasEmail && !hasGitHub && !hasSlack && !hasNotes) {
+          plan.push("");
+          plan.push("### No connected tools detected");
+          plan.push("");
+          plan.push("You didn't list any calendar, email, GitHub, or notes tools. That's fine \u2014 the Local Files scan and the interview will still seed a solid foundation. If you do have connected tools, call `memory_onboard` again with `available_tools` listing your tool names for a richer scan.");
+        }
+      }
+      if (!params.skip_interview) {
+        plan.push("");
+        plan.push("---");
+        plan.push("");
+        plan.push("## Phase 2: Informed Interview");
+        plan.push("");
+        plan.push("After the scan, you have a base of extracted context. Now have a SHORT conversation with the user to fill in meaning, relationships, and preferences that tools can't surface.");
+        plan.push("");
+        plan.push("**Rules:**");
+        plan.push("- Reference what you learned in the scan. Don't ask questions you already have answers to.");
+        plan.push("- Ask ONE question at a time. Wait for the answer before the next question.");
+        plan.push("- Write memories immediately after each answer \u2014 don't batch them.");
+        plan.push("- 5-7 questions max. Respect the user's time.");
+        plan.push("- Tailor questions to what's MISSING, not what you already know.");
+        plan.push("");
+        if (totalMemories > 0 || !params.skip_scan) {
+          plan.push("### Suggested questions (adapt based on what the scan found):");
+          plan.push("");
+          plan.push('1. **Confirm and enrich key relationships:** "I found [names] across your calendar/email. Who are the most important people in your day-to-day \u2014 your direct team, your manager, key stakeholders?"');
+          plan.push("   \u2192 Write person memories with relationship_to_user and connect them to projects/orgs");
+          plan.push("");
+          plan.push(`2. **Clarify project priorities:** "I see you're involved in [projects]. What's your main focus right now? Are any of these winding down or just starting?"`);
+          plan.push("   \u2192 Update project memories with status, write goal memories for priorities");
+          plan.push("");
+          plan.push(`3. **Organizational context:** "What does [organization] do? What's your role there?"`);
+          plan.push("   \u2192 Write/enrich organization and person memories");
+          plan.push("");
+          plan.push('4. **Work preferences:** "Any strong preferences for how I should work with you? Communication style, code conventions, things that bug you?"');
+          plan.push("   \u2192 Write preference memories with strength: strong");
+          plan.push("");
+          plan.push('5. **Goals:** "What are you working toward right now \u2014 professionally or personally?"');
+          plan.push("   \u2192 Write goal memories with timeline and status");
+          plan.push("");
+          plan.push("6. **Fill entity gaps:** If the scan didn't surface certain entity types (places, events, facts), ask about them specifically.");
+          plan.push('   \u2192 e.g., "Where are you based?" \u2192 place memory');
+          plan.push('   \u2192 e.g., "Any upcoming deadlines or milestones?" \u2192 event memories');
+          plan.push("");
+          plan.push('7. **Catch-all:** "Anything else I should know about you that would help me be more useful?"');
+          plan.push("   \u2192 Write whatever comes up");
+        } else {
+          plan.push("### Cold start questions (no scan data available):");
+          plan.push("");
+          plan.push(`1. "Tell me about yourself \u2014 name, what you do, where you're based."`);
+          plan.push("   \u2192 person + organization + place memories");
+          plan.push("");
+          plan.push('2. "What are you working on right now?"');
+          plan.push("   \u2192 project memories");
+          plan.push("");
+          plan.push('3. "Who do you work with most closely?"');
+          plan.push("   \u2192 person memories with relationships");
+          plan.push("");
+          plan.push('4. "What tools and technologies do you use daily?"');
+          plan.push("   \u2192 preference and fact memories");
+          plan.push("");
+          plan.push('5. "Any strong preferences for how I should communicate or work with you?"');
+          plan.push("   \u2192 preference memories");
+          plan.push("");
+          plan.push('6. "What are your current goals or priorities?"');
+          plan.push("   \u2192 goal memories");
+          plan.push("");
+          plan.push('7. "Anything else I should remember?"');
+          plan.push("   \u2192 catch-all");
+        }
+      }
+      plan.push("");
+      plan.push("---");
+      plan.push("");
+      plan.push("## Phase 3: Review");
+      plan.push("");
+      plan.push("After scanning and interviewing, tell the user:");
+      plan.push("");
+      plan.push(`"I've seeded your memory with [N] memories from [sources]. You can review and correct them at **localhost:3838** \u2014 anything I got wrong, click to edit or remove. Confirming memories boosts their confidence score."`);
+      plan.push("");
+      plan.push("If the dashboard has a review queue or unreviewed filter, mention it specifically.");
+      sqlite.prepare(`
+        INSERT INTO memory_events (id, memory_id, event_type, agent_id, agent_name, new_value, timestamp)
+        VALUES (?, 'system', 'onboard_started', ?, ?, ?, ?)
+      `).run(
+        generateId2(),
+        "unknown",
+        "unknown",
+        JSON.stringify({
+          memory_count: totalMemories,
+          tools_detected: { calendar: hasCalendar, email: hasEmail, github: hasGitHub, slack: hasSlack, notes: hasNotes }
+        }),
+        now2()
+      );
+      return textResult(plan.join("\n"));
+    }
+  );
+  server.tool(
+    "memory_import",
+    "Import memories from a known format. Parses the source, deduplicates against existing memories, and writes new ones. Supported sources: claude-memory (MEMORY.md files), chatgpt-export (OpenAI memory export JSON), cursorrules (.cursorrules files), gitconfig (.gitconfig), plaintext (one memory per line).",
+    {
+      source_type: z.enum(["claude-memory", "chatgpt-export", "cursorrules", "gitconfig", "plaintext"]).describe("The format of the source data"),
+      content: z.string().describe("The raw content to import. For file-based sources, pass the file contents."),
+      domain: z.string().optional().describe("Domain to assign to imported memories. Default: 'general'.")
+    },
+    async (params) => {
+      const domain = params.domain ?? "general";
+      let entries = [];
+      switch (params.source_type) {
+        case "claude-memory": {
+          entries = params.content.split("\n").filter((line) => line.trim().startsWith("- ")).map((line) => {
+            const text2 = line.replace(/^-\s*/, "").trim();
+            const tagMatch = text2.match(/^\[([^\]]+)\]\s*(.+)/);
+            if (tagMatch) {
+              return { content: tagMatch[2], detail: `Topic: ${tagMatch[1]}` };
+            }
+            return { content: text2 };
+          }).filter((e) => e.content.length > 5);
+          break;
+        }
+        case "chatgpt-export": {
+          try {
+            const parsed = JSON.parse(params.content);
+            const items = Array.isArray(parsed) ? parsed : parsed.memories || parsed.results || [];
+            entries = items.map((item) => {
+              const text2 = typeof item === "string" ? item : item.memory || item.content || "";
+              return { content: text2 };
+            }).filter((e) => e.content.length > 5);
+          } catch {
+            return textResult({ error: "Failed to parse ChatGPT export JSON. Expected an array of { memory: string } objects." });
+          }
+          break;
+        }
+        case "cursorrules": {
+          entries = params.content.split(/\n\n+/).flatMap((block) => {
+            if (block.includes("\n- ")) {
+              return block.split("\n- ").map((line) => ({
+                content: line.replace(/^-\s*/, "").trim(),
+                detail: "Imported from .cursorrules"
+              }));
+            }
+            return [{ content: block.trim(), detail: "Imported from .cursorrules" }];
+          }).filter((e) => e.content.length > 5);
+          break;
+        }
+        case "gitconfig": {
+          const nameMatch = params.content.match(/name\s*=\s*(.+)/i);
+          const emailMatch = params.content.match(/email\s*=\s*(.+)/i);
+          const editorMatch = params.content.match(/editor\s*=\s*(.+)/i);
+          if (nameMatch) {
+            entries.push({
+              content: `User's name is ${nameMatch[1].trim()}`,
+              detail: emailMatch ? `Email: ${emailMatch[1].trim()}` : void 0
+            });
+          }
+          if (editorMatch) {
+            entries.push({
+              content: `Prefers ${editorMatch[1].trim()} as git editor`,
+              detail: "From .gitconfig"
+            });
+          }
+          const aliasSection = params.content.match(/\[alias\]([\s\S]*?)(?=\n\[|$)/i);
+          if (aliasSection) {
+            entries.push({
+              content: "Has custom git aliases configured",
+              detail: `Aliases: ${aliasSection[1].trim().split("\n").slice(0, 5).join("; ")}`
+            });
+          }
+          break;
+        }
+        case "plaintext": {
+          entries = params.content.split("\n").map((line) => line.trim()).filter((line) => line.length > 5).map((line) => ({ content: line }));
+          break;
+        }
+      }
+      if (entries.length === 0) {
+        return textResult({ imported: 0, message: "No valid entries found in the provided content." });
+      }
+      let imported = 0;
+      let skipped = 0;
+      const results = [];
+      const importedIds = [];
+      for (const entry of entries) {
+        const searchTerms = entry.content.split(/\s+/).filter((w) => w.length > 3).map((w) => w.replace(/['"(){}*:^~]/g, "")).filter((w) => !/^(AND|OR|NOT|NEAR)$/i.test(w)).slice(0, 5).join(" ");
+        if (searchTerms.length > 0) {
+          try {
+            const existing = sqlite.prepare(`
+              SELECT m.id, m.content FROM memories m
+              JOIN memory_fts fts ON fts.rowid = m.rowid
+              WHERE memory_fts MATCH ? AND m.deleted_at IS NULL
+              LIMIT 3
+            `).all(searchTerms);
+            const entryWords = new Set(entry.content.toLowerCase().split(/\s+/).filter((w) => w.length > 3));
+            const isDuplicate = existing.some((ex) => {
+              const exWords = ex.content.toLowerCase().split(/\s+/).filter((w) => w.length > 3);
+              const overlap = exWords.filter((w) => entryWords.has(w)).length;
+              return overlap / Math.max(entryWords.size, 1) > 0.6;
+            });
+            if (isDuplicate) {
+              skipped++;
+              results.push({ content: entry.content.slice(0, 80), status: "skipped_duplicate" });
+              continue;
+            }
+          } catch {
+          }
+        }
+        const piiText = entry.content + (entry.detail ? " " + entry.detail : "");
+        const piiMatches = detectSensitiveData(piiText);
+        const id = generateId2();
+        const timestamp = now2();
+        db.insert(memories).values({
+          id,
+          content: entry.content,
+          detail: entry.detail ?? null,
+          domain,
+          sourceAgentId: "import",
+          sourceAgentName: "memory_import",
+          sourceType: "inferred",
+          sourceDescription: `Imported from ${params.source_type}`,
+          confidence: 0.5,
+          learnedAt: timestamp,
+          hasPiiFlag: piiMatches.length > 0 ? 1 : 0
+        }).run();
+        if (vecAvailable) {
+          try {
+            const embeddingText = entry.content + (entry.detail ? " " + entry.detail : "");
+            const emb = await generateEmbedding(embeddingText);
+            insertEmbedding(sqlite, id, emb);
+          } catch {
+          }
+        }
+        db.insert(memoryEvents).values({
+          id: generateId2(),
+          memoryId: id,
+          eventType: "created",
+          agentId: "import",
+          agentName: "memory_import",
+          newValue: JSON.stringify({ content: entry.content, domain, importedFrom: params.source_type }),
+          timestamp
+        }).run();
+        imported++;
+        importedIds.push(id);
+        results.push({ content: entry.content.slice(0, 80), status: "imported" });
+      }
+      if (extractionProvider && importedIds.length > 0) {
+        (async () => {
+          try {
+            const existingNames = sqlite.prepare(`SELECT DISTINCT entity_name FROM memories WHERE entity_name IS NOT NULL AND deleted_at IS NULL`).all();
+            const names = existingNames.map((r) => r.entity_name);
+            for (const id of importedIds) {
+              try {
+                const mem = sqlite.prepare(`SELECT content, detail, entity_type FROM memories WHERE id = ? AND deleted_at IS NULL`).get(id);
+                if (!mem || mem.entity_type) continue;
+                const extraction = await extractEntity(
+                  extractionProvider,
+                  mem.content,
+                  mem.detail,
+                  names
+                );
+                const validation = validateExtraction(extraction);
+                if (!validation.valid) continue;
+                sqlite.transaction(() => {
+                  sqlite.prepare(
+                    `UPDATE memories SET entity_type = ?, entity_name = ?, structured_data = ? WHERE id = ? AND entity_type IS NULL AND deleted_at IS NULL`
+                  ).run(extraction.entity_type, extraction.entity_name, JSON.stringify(extraction.structured_data), id);
+                  for (const conn of extraction.suggested_connections) {
+                    const target = sqlite.prepare(`SELECT id FROM memories WHERE entity_name = ? COLLATE NOCASE AND deleted_at IS NULL LIMIT 1`).get(conn.target_entity_name);
+                    if (target && target.id !== id) {
+                      sqlite.prepare(
+                        `INSERT INTO memory_connections (source_memory_id, target_memory_id, relationship) VALUES (?, ?, ?)`
+                      ).run(id, target.id, conn.relationship);
+                    }
+                  }
+                })();
+                if (extraction.entity_name) names.push(extraction.entity_name);
+              } catch {
+              }
+            }
+            bumpLastModified(sqlite);
+          } catch {
+          }
+        })();
+      }
+      sqlite.prepare(`
+        INSERT INTO memory_events (id, memory_id, event_type, new_value, timestamp)
+        VALUES (?, 'system', 'import', ?, ?)
+      `).run(
+        generateId2(),
+        JSON.stringify({ source_type: params.source_type, imported, skipped, total_entries: entries.length }),
+        now2()
+      );
+      bumpLastModified(sqlite);
+      return textResult({
+        imported,
+        skipped_duplicates: skipped,
+        total_parsed: entries.length,
+        note: imported > 0 ? `Imported ${imported} memories at confidence 0.5 (unreviewed). Confirm them in the dashboard or via memory_confirm to boost confidence.` : "All entries were duplicates of existing memories."
+      });
+    }
+  );
+  let cachedSyncKeys = null;
+  server.tool(
+    "memory_sync",
+    "Sync memories with cloud. Requires Pro tier setup (passphrase + Turso credentials in ~/.engrams/credentials.json). Push local changes and pull remote changes.",
+    {
+      passphrase: z.string().describe("Your encryption passphrase. Required on first sync or after restart.")
+    },
+    async (params) => {
+      const creds = loadCredentials();
+      if (!creds?.tursoUrl || !creds?.tursoAuthToken) {
+        return textResult({ error: "Cloud sync not configured. Set tursoUrl and tursoAuthToken in ~/.engrams/credentials.json or via the dashboard settings." });
+      }
+      const salt = Buffer.from(creds.salt, "base64");
+      const keys = deriveKeys(params.passphrase, salt);
+      cachedSyncKeys = keys;
+      const result = await sync(sqlite, {
+        tursoUrl: creds.tursoUrl,
+        tursoAuthToken: creds.tursoAuthToken,
+        keys
+      }, creds.deviceId);
+      bumpLastModified(sqlite);
+      return textResult({ status: "synced", ...result });
+    }
+  );
+  const syncCreds = loadCredentials();
+  if (syncCreds?.tursoUrl && syncCreds?.tursoAuthToken) {
+    const SYNC_INTERVAL = 5 * 60 * 1e3;
+    setInterval(async () => {
+      if (!cachedSyncKeys) return;
+      try {
+        await sync(sqlite, {
+          tursoUrl: syncCreds.tursoUrl,
+          tursoAuthToken: syncCreds.tursoAuthToken,
+          keys: cachedSyncKeys
+        }, syncCreds.deviceId);
+      } catch {
+      }
+    }, SYNC_INTERVAL);
+  }
   server.resource("memory-index", "memory://index", async (uri) => {
     const domains = sqlite.prepare(
       `SELECT domain, COUNT(*) as count FROM memories WHERE deleted_at IS NULL GROUP BY domain`