mindcache 3.4.0 → 3.4.2

package/dist/{CloudAdapter-WvuWM4fD.d.mts → CloudAdapter-D2xxVv4E.d.mts}

@@ -8,17 +8,13 @@ import * as Y from 'yjs';
 type AccessLevel = 'user' | 'system';
 /**
  * Known system tags that control key behavior
- * - 'SystemPrompt': Include in system prompt
- * - 'LLMRead': LLM can read this key (visible to LLMs)
+ * - 'SystemPrompt': Include in system prompt (visible to LLM context)
+ * - 'LLMRead': LLM can read this key via tools
  * - 'LLMWrite': LLM can write to this key via tools
- * - 'protected': Cannot be deleted (replaces hardcoded)
+ * - 'protected': Cannot be deleted
  * - 'ApplyTemplate': Process value through template injection
- *
- * @deprecated 'prompt' - Use 'SystemPrompt' instead
- * @deprecated 'readonly' - Use absence of 'LLMWrite' instead (if LLMWrite not present, readonly=true)
- * @deprecated 'template' - Use 'ApplyTemplate' instead
  */
-type SystemTag = 'SystemPrompt' | 'LLMRead' | 'LLMWrite' | 'protected' | 'ApplyTemplate' | 'prompt' | 'readonly' | 'template';
+type SystemTag = 'SystemPrompt' | 'LLMRead' | 'LLMWrite' | 'protected' | 'ApplyTemplate';
 /**
  * Type of value stored in a MindCache key
  */
@@ -37,17 +33,11 @@ interface KeyAttributes {
     systemTags: SystemTag[];
     /** Z-index for ordering keys (lower values appear first) */
     zIndex: number;
-    /** @deprecated Use !systemTags.includes('LLMWrite') instead */
-    readonly: boolean;
-    /** @deprecated Use systemTags.includes('SystemPrompt') instead */
-    visible: boolean;
-    /** @deprecated Use systemTags.includes('protected') instead */
-    hardcoded: boolean;
-    /** @deprecated Use systemTags.includes('ApplyTemplate') instead */
-    template: boolean;
-    /** @deprecated Use contentTags instead */
-    tags?: string[];
 }
+/**
+ * Default attributes for new keys
+ */
+declare const DEFAULT_KEY_ATTRIBUTES: KeyAttributes;
 /**
  * A single entry in the MindCache store
  */
@@ -71,10 +61,6 @@ type Listener = (value: unknown) => void;
  * Called when any key changes (no parameters - use getAll() to get current state)
  */
 type GlobalListener = () => void;
-/**
- * Default attributes for new keys
- */
-declare const DEFAULT_KEY_ATTRIBUTES: KeyAttributes;
 /**
  * A single entry in the global history log
  */
@@ -95,6 +81,21 @@ interface HistoryOptions {
     /** Save full snapshot every N entries for fast restore (default: 10) */
     snapshotInterval?: number;
 }
+/**
+ * Helper functions for working with system tags
+ */
+declare const SystemTagHelpers: {
+    /** Check if key is writable by LLM */
+    isLLMWritable: (attrs: KeyAttributes) => boolean;
+    /** Check if key is readable by LLM (in context or via tools) */
+    isLLMReadable: (attrs: KeyAttributes) => boolean;
+    /** Check if key is included in system prompt */
+    isInSystemPrompt: (attrs: KeyAttributes) => boolean;
+    /** Check if key is protected from deletion */
+    isProtected: (attrs: KeyAttributes) => boolean;
+    /** Check if key uses template injection */
+    hasTemplateInjection: (attrs: KeyAttributes) => boolean;
+};
 
 /**
  * Cloud configuration options for MindCache constructor
@@ -143,7 +144,6 @@ declare class MindCache {
     private listeners;
     private globalListeners;
     readonly version = "3.3.2";
-    private _isRemoteUpdate;
     private normalizeSystemTags;
     private _cloudAdapter;
     private _connectionState;
@@ -219,7 +219,6 @@ declare class MindCache {
     get isOnline(): boolean;
     waitForSync(): Promise<void>;
     disconnect(): void;
-    isRemoteUpdate(): boolean;
     serialize(): STM;
     deserialize(data: STM): void;
     private encodeFileToBase64;
@@ -247,6 +246,16 @@ declare class MindCache {
      */
     set_attributes(key: string, attributes: Partial<KeyAttributes>): void;
     set_value(key: string, value: any, attributes?: Partial<KeyAttributes>): void;
+    /**
+     * LLM-safe method to write a value to a key.
+     * This method:
+     * - Only updates the value, never modifies attributes/systemTags
+     * - Checks LLMWrite permission before writing
+     * - Returns false if key doesn't exist or lacks LLMWrite permission
+     *
+     * Used by create_vercel_ai_tools() to prevent LLMs from escalating privileges.
+     */
+    llm_set_key(key: string, value: any): boolean;
     delete_key(key: string): void;
     clear(): void;
     /**
@@ -429,6 +438,14 @@ declare class MindCache {
     /**
      * Generate Vercel AI SDK compatible tools for writable keys.
      * For document type keys, generates additional tools: append_, insert_, edit_
+     *
+     * Security: All tools use llm_set_key internally which:
+     * - Only modifies VALUES, never attributes/systemTags
+     * - Prevents LLMs from escalating privileges
+     */
+    create_vercel_ai_tools(): Record<string, any>;
+    /**
+     * @deprecated Use create_vercel_ai_tools() instead
      */
     get_aisdk_tools(): Record<string, any>;
     /**
@@ -532,4 +549,4 @@ declare class CloudAdapter {
     private scheduleReconnect;
 }
 
-export { type AccessLevel as A, CloudAdapter as C, DEFAULT_KEY_ATTRIBUTES as D, type GlobalListener as G, type HistoryEntry as H, type KeyAttributes as K, type Listener as L, MindCache as M, type Operation as O, type SystemTag as S, type MindCacheOptions as a, type KeyType as b, type STM as c, type STMEntry as d, type HistoryOptions as e, type MindCacheCloudOptions as f, type MindCacheIndexedDBOptions as g, type CloudConfig as h, type ConnectionState as i, type CloudAdapterEvents as j, type SetOperation as k, type DeleteOperation as l, type ClearOperation as m };
+export { type AccessLevel as A, CloudAdapter as C, DEFAULT_KEY_ATTRIBUTES as D, type GlobalListener as G, type HistoryEntry as H, type KeyAttributes as K, type Listener as L, MindCache as M, type Operation as O, type SystemTag as S, type MindCacheOptions as a, type KeyType as b, type STM as c, type STMEntry as d, type HistoryOptions as e, type MindCacheCloudOptions as f, type MindCacheIndexedDBOptions as g, SystemTagHelpers as h, type CloudConfig as i, type ConnectionState as j, type CloudAdapterEvents as k, type SetOperation as l, type DeleteOperation as m, type ClearOperation as n };

package/dist/{CloudAdapter-WvuWM4fD.d.ts → CloudAdapter-D2xxVv4E.d.ts}

@@ -8,17 +8,13 @@ import * as Y from 'yjs';
 type AccessLevel = 'user' | 'system';
 /**
  * Known system tags that control key behavior
- * - 'SystemPrompt': Include in system prompt
- * - 'LLMRead': LLM can read this key (visible to LLMs)
+ * - 'SystemPrompt': Include in system prompt (visible to LLM context)
+ * - 'LLMRead': LLM can read this key via tools
  * - 'LLMWrite': LLM can write to this key via tools
- * - 'protected': Cannot be deleted (replaces hardcoded)
+ * - 'protected': Cannot be deleted
  * - 'ApplyTemplate': Process value through template injection
- *
- * @deprecated 'prompt' - Use 'SystemPrompt' instead
- * @deprecated 'readonly' - Use absence of 'LLMWrite' instead (if LLMWrite not present, readonly=true)
- * @deprecated 'template' - Use 'ApplyTemplate' instead
  */
-type SystemTag = 'SystemPrompt' | 'LLMRead' | 'LLMWrite' | 'protected' | 'ApplyTemplate' | 'prompt' | 'readonly' | 'template';
+type SystemTag = 'SystemPrompt' | 'LLMRead' | 'LLMWrite' | 'protected' | 'ApplyTemplate';
 /**
  * Type of value stored in a MindCache key
  */
@@ -37,17 +33,11 @@ interface KeyAttributes {
     systemTags: SystemTag[];
     /** Z-index for ordering keys (lower values appear first) */
     zIndex: number;
-    /** @deprecated Use !systemTags.includes('LLMWrite') instead */
-    readonly: boolean;
-    /** @deprecated Use systemTags.includes('SystemPrompt') instead */
-    visible: boolean;
-    /** @deprecated Use systemTags.includes('protected') instead */
-    hardcoded: boolean;
-    /** @deprecated Use systemTags.includes('ApplyTemplate') instead */
-    template: boolean;
-    /** @deprecated Use contentTags instead */
-    tags?: string[];
 }
+/**
+ * Default attributes for new keys
+ */
+declare const DEFAULT_KEY_ATTRIBUTES: KeyAttributes;
 /**
  * A single entry in the MindCache store
  */
@@ -71,10 +61,6 @@ type Listener = (value: unknown) => void;
  * Called when any key changes (no parameters - use getAll() to get current state)
  */
 type GlobalListener = () => void;
-/**
- * Default attributes for new keys
- */
-declare const DEFAULT_KEY_ATTRIBUTES: KeyAttributes;
 /**
  * A single entry in the global history log
  */
@@ -95,6 +81,21 @@ interface HistoryOptions {
     /** Save full snapshot every N entries for fast restore (default: 10) */
     snapshotInterval?: number;
 }
+/**
+ * Helper functions for working with system tags
+ */
+declare const SystemTagHelpers: {
+    /** Check if key is writable by LLM */
+    isLLMWritable: (attrs: KeyAttributes) => boolean;
+    /** Check if key is readable by LLM (in context or via tools) */
+    isLLMReadable: (attrs: KeyAttributes) => boolean;
+    /** Check if key is included in system prompt */
+    isInSystemPrompt: (attrs: KeyAttributes) => boolean;
+    /** Check if key is protected from deletion */
+    isProtected: (attrs: KeyAttributes) => boolean;
+    /** Check if key uses template injection */
+    hasTemplateInjection: (attrs: KeyAttributes) => boolean;
+};
 
 /**
  * Cloud configuration options for MindCache constructor
@@ -143,7 +144,6 @@ declare class MindCache {
     private listeners;
     private globalListeners;
     readonly version = "3.3.2";
-    private _isRemoteUpdate;
     private normalizeSystemTags;
     private _cloudAdapter;
     private _connectionState;
@@ -219,7 +219,6 @@ declare class MindCache {
     get isOnline(): boolean;
     waitForSync(): Promise<void>;
     disconnect(): void;
-    isRemoteUpdate(): boolean;
     serialize(): STM;
     deserialize(data: STM): void;
     private encodeFileToBase64;
@@ -247,6 +246,16 @@ declare class MindCache {
      */
     set_attributes(key: string, attributes: Partial<KeyAttributes>): void;
     set_value(key: string, value: any, attributes?: Partial<KeyAttributes>): void;
+    /**
+     * LLM-safe method to write a value to a key.
+     * This method:
+     * - Only updates the value, never modifies attributes/systemTags
+     * - Checks LLMWrite permission before writing
+     * - Returns false if key doesn't exist or lacks LLMWrite permission
+     *
+     * Used by create_vercel_ai_tools() to prevent LLMs from escalating privileges.
+     */
+    llm_set_key(key: string, value: any): boolean;
     delete_key(key: string): void;
     clear(): void;
     /**
@@ -429,6 +438,14 @@ declare class MindCache {
     /**
      * Generate Vercel AI SDK compatible tools for writable keys.
      * For document type keys, generates additional tools: append_, insert_, edit_
+     *
+     * Security: All tools use llm_set_key internally which:
+     * - Only modifies VALUES, never attributes/systemTags
+     * - Prevents LLMs from escalating privileges
+     */
+    create_vercel_ai_tools(): Record<string, any>;
+    /**
+     * @deprecated Use create_vercel_ai_tools() instead
      */
     get_aisdk_tools(): Record<string, any>;
     /**
@@ -532,4 +549,4 @@ declare class CloudAdapter {
     private scheduleReconnect;
 }
 
-export { type AccessLevel as A, CloudAdapter as C, DEFAULT_KEY_ATTRIBUTES as D, type GlobalListener as G, type HistoryEntry as H, type KeyAttributes as K, type Listener as L, MindCache as M, type Operation as O, type SystemTag as S, type MindCacheOptions as a, type KeyType as b, type STM as c, type STMEntry as d, type HistoryOptions as e, type MindCacheCloudOptions as f, type MindCacheIndexedDBOptions as g, type CloudConfig as h, type ConnectionState as i, type CloudAdapterEvents as j, type SetOperation as k, type DeleteOperation as l, type ClearOperation as m };
+export { type AccessLevel as A, CloudAdapter as C, DEFAULT_KEY_ATTRIBUTES as D, type GlobalListener as G, type HistoryEntry as H, type KeyAttributes as K, type Listener as L, MindCache as M, type Operation as O, type SystemTag as S, type MindCacheOptions as a, type KeyType as b, type STM as c, type STMEntry as d, type HistoryOptions as e, type MindCacheCloudOptions as f, type MindCacheIndexedDBOptions as g, SystemTagHelpers as h, type CloudConfig as i, type ConnectionState as j, type CloudAdapterEvents as k, type SetOperation as l, type DeleteOperation as m, type ClearOperation as n };

package/dist/cloud/index.d.mts

@@ -1,5 +1,5 @@
-import { M as MindCache, h as CloudConfig, C as CloudAdapter } from '../CloudAdapter-WvuWM4fD.mjs';
-export { m as ClearOperation, j as CloudAdapterEvents, i as ConnectionState, l as DeleteOperation, O as Operation, k as SetOperation } from '../CloudAdapter-WvuWM4fD.mjs';
+import { M as MindCache, i as CloudConfig, C as CloudAdapter } from '../CloudAdapter-D2xxVv4E.mjs';
+export { n as ClearOperation, k as CloudAdapterEvents, j as ConnectionState, m as DeleteOperation, O as Operation, l as SetOperation } from '../CloudAdapter-D2xxVv4E.mjs';
 import 'yjs';
 
 /**

package/dist/cloud/index.d.ts

@@ -1,5 +1,5 @@
-import { M as MindCache, h as CloudConfig, C as CloudAdapter } from '../CloudAdapter-WvuWM4fD.js';
-export { m as ClearOperation, j as CloudAdapterEvents, i as ConnectionState, l as DeleteOperation, O as Operation, k as SetOperation } from '../CloudAdapter-WvuWM4fD.js';
+import { M as MindCache, i as CloudConfig, C as CloudAdapter } from '../CloudAdapter-D2xxVv4E.js';
+export { n as ClearOperation, k as CloudAdapterEvents, j as ConnectionState, m as DeleteOperation, O as Operation, l as SetOperation } from '../CloudAdapter-D2xxVv4E.js';
 import 'yjs';
 
 /**

package/dist/cloud/index.js

@@ -73,7 +73,7 @@ var init_IndexedDBAdapter = __esm({
         await this.initDB();
         await this.load();
         const listener = () => {
-          if (this.mindcache && !this.mindcache.isRemoteUpdate()) {
+          if (this.mindcache) {
             this.scheduleSave();
           }
         };
@@ -453,15 +453,9 @@ var init_CloudAdapter = __esm({
 var DEFAULT_KEY_ATTRIBUTES = {
   type: "text",
   contentTags: [],
-  systemTags: ["SystemPrompt", "LLMWrite"],
-  // visible in system prompt and writable by LLM by default
-  zIndex: 0,
-  // Legacy - derived from systemTags
-  readonly: false,
-  visible: true,
-  hardcoded: false,
-  template: false,
-  tags: []
+  systemTags: [],
+  // Keys are private by default - explicitly add SystemPrompt/LLMRead/LLMWrite to enable LLM access
+  zIndex: 0
 };
 
 // src/core/MindCache.ts
@@ -477,38 +471,16 @@ var MindCache = class {
   version = "3.3.2";
   // Internal flag to prevent sync loops when receiving remote updates
   // (Less critical with Yjs but kept for API compat)
-  _isRemoteUpdate = false;
   normalizeSystemTags(tags) {
     const normalized = [];
-    let hasSystemPrompt = false;
-    let hasLLMRead = false;
-    let hasLLMWrite = false;
-    let hasReadonly = false;
+    const seen = /* @__PURE__ */ new Set();
     for (const tag of tags) {
-      if (tag === "SystemPrompt" || tag === "prompt") {
-        hasSystemPrompt = true;
-      } else if (tag === "LLMRead") {
-        hasLLMRead = true;
-      } else if (tag === "LLMWrite") {
-        hasLLMWrite = true;
-      } else if (tag === "readonly") {
-        hasReadonly = true;
-      } else if (tag === "protected") {
-        normalized.push(tag);
-      } else if (tag === "ApplyTemplate" || tag === "template") {
-        normalized.push("ApplyTemplate");
-      }
-    }
-    if (hasSystemPrompt) {
-      normalized.push("SystemPrompt");
-    }
-    if (hasLLMRead) {
-      normalized.push("LLMRead");
-    }
-    if (hasReadonly) {
-      normalized.push("readonly");
-    } else if (hasLLMWrite) {
-      normalized.push("LLMWrite");
+      if (["SystemPrompt", "LLMRead", "LLMWrite", "protected", "ApplyTemplate"].includes(tag)) {
+        if (!seen.has(tag)) {
+          seen.add(tag);
+          normalized.push(tag);
+        }
+      }
     }
     return normalized;
   }
@@ -899,10 +871,6 @@ var MindCache = class {
       this._idbProvider = null;
     }
   }
-  // Legacy bridge
-  isRemoteUpdate() {
-    return false;
-  }
   // Serialize state
   serialize() {
     const json = {};
@@ -939,16 +907,10 @@ var MindCache = class {
         const attrs = entry.attributes || {};
         const normalizedAttrs = {
           type: attrs.type || "text",
+          contentType: attrs.contentType,
           contentTags: attrs.contentTags || [],
-          systemTags: attrs.systemTags || this.normalizeSystemTags(attrs.visible !== false ? ["prompt"] : []),
-          zIndex: attrs.zIndex ?? 0,
-          // Legacy fields
-          readonly: attrs.readonly ?? false,
-          visible: attrs.visible ?? true,
-          hardcoded: attrs.hardcoded ?? false,
-          template: attrs.template ?? false,
-          tags: attrs.tags || [],
-          contentType: attrs.contentType
+          systemTags: this.normalizeSystemTags(attrs.systemTags || []),
+          zIndex: attrs.zIndex ?? 0
         };
         entryMap.set("attributes", normalizedAttrs);
       }
@@ -1053,7 +1015,7 @@ var MindCache = class {
     if (_processingStack && _processingStack.has(key)) {
       return `{{${key}}}`;
     }
-    if (attributes?.systemTags?.includes("ApplyTemplate") || attributes?.systemTags?.includes("template") || attributes?.template) {
+    if (attributes?.systemTags?.includes("ApplyTemplate")) {
       if (typeof value === "string") {
         const stack = _processingStack || /* @__PURE__ */ new Set();
         stack.add(key);
@@ -1067,13 +1029,8 @@ var MindCache = class {
       return {
         type: "text",
         contentTags: [],
-        systemTags: ["prompt", "readonly", "protected"],
-        zIndex: 999999,
-        readonly: true,
-        visible: true,
-        hardcoded: true,
-        template: false,
-        tags: []
+        systemTags: ["SystemPrompt", "protected"],
+        zIndex: 999999
       };
     }
     const entryMap = this.rootMap.get(key);
@@ -1098,6 +1055,14 @@ var MindCache = class {
         mergedAttrs.systemTags = this.normalizeSystemTags(mergedAttrs.systemTags);
       }
       entryMap.set("attributes", mergedAttrs);
+      const currentValue = entryMap.get("value");
+      if (mergedAttrs.type === "document" && !(currentValue instanceof Y__namespace.Text)) {
+        const strValue = typeof currentValue === "string" ? currentValue : String(currentValue ?? "");
+        entryMap.set("value", new Y__namespace.Text(strValue));
+        this.getUndoManager(key);
+      } else if (mergedAttrs.type !== "document" && currentValue instanceof Y__namespace.Text) {
+        entryMap.set("value", currentValue.toString());
+      }
     });
   }
   set_value(key, value, attributes) {
@@ -1108,10 +1073,15 @@ var MindCache = class {
     if (existingEntry) {
       const existingAttrs = existingEntry.get("attributes");
       if (existingAttrs?.type === "document") {
-        if (typeof value === "string") {
-          this._replaceDocumentText(key, value);
+        if (!attributes?.type || attributes.type === "document") {
+          if (typeof value === "string") {
+            this._replaceDocumentText(key, value);
+          }
+          if (attributes) {
+            this.set_attributes(key, attributes);
+          }
+          return;
         }
-        return;
       }
     }
     if (!existingEntry && attributes?.type === "document") {
@@ -1127,26 +1097,55 @@ var MindCache = class {
     this.getUndoManager(key);
     this.doc.transact(() => {
       const oldAttributes = isNewEntry ? {
-        ...DEFAULT_KEY_ATTRIBUTES,
-        contentTags: [],
-        systemTags: ["SystemPrompt", "LLMWrite"],
-        tags: [],
-        zIndex: 0
+        ...DEFAULT_KEY_ATTRIBUTES
       } : entryMap.get("attributes");
       const finalAttributes = attributes ? { ...oldAttributes, ...attributes } : oldAttributes;
       let normalizedAttributes = { ...finalAttributes };
       if (finalAttributes.systemTags) {
         normalizedAttributes.systemTags = this.normalizeSystemTags(finalAttributes.systemTags);
       }
-      if (finalAttributes.template) {
-        if (!normalizedAttributes.systemTags.includes("template")) {
-          normalizedAttributes.systemTags.push("template");
-        }
+      let valueToSet = value;
+      if (normalizedAttributes.type === "document" && !(valueToSet instanceof Y__namespace.Text)) {
+        valueToSet = new Y__namespace.Text(typeof value === "string" ? value : String(value ?? ""));
+      } else if (normalizedAttributes.type !== "document" && valueToSet instanceof Y__namespace.Text) {
+        valueToSet = valueToSet.toString();
       }
-      entryMap.set("value", value);
+      entryMap.set("value", valueToSet);
       entryMap.set("attributes", normalizedAttributes);
     });
   }
+  /**
+   * LLM-safe method to write a value to a key.
+   * This method:
+   * - Only updates the value, never modifies attributes/systemTags
+   * - Checks LLMWrite permission before writing
+   * - Returns false if key doesn't exist or lacks LLMWrite permission
+   *
+   * Used by create_vercel_ai_tools() to prevent LLMs from escalating privileges.
+   */
+  llm_set_key(key, value) {
+    if (key === "$date" || key === "$time" || key === "$version") {
+      return false;
+    }
+    const entryMap = this.rootMap.get(key);
+    if (!entryMap) {
+      return false;
+    }
+    const attributes = entryMap.get("attributes");
+    if (!attributes?.systemTags?.includes("LLMWrite")) {
+      return false;
+    }
+    if (attributes.type === "document") {
+      if (typeof value === "string") {
+        this._replaceDocumentText(key, value);
+      }
+      return true;
+    }
+    this.doc.transact(() => {
+      entryMap.set("value", value);
+    });
+    return true;
+  }
   delete_key(key) {
     if (key === "$date" || key === "$time") {
       return;
@@ -1591,15 +1590,13 @@ var MindCache = class {
       }
       const attributes = entryMap.get("attributes");
       const value = entryMap.get("value");
-      if (attributes?.hardcoded) {
+      if (attributes?.systemTags?.includes("protected")) {
         return;
       }
       lines.push(`### ${key}`);
       const entryType = attributes?.type || "text";
       lines.push(`- **Type**: \`${entryType}\``);
-      lines.push(`- **Readonly**: \`${attributes?.readonly ?? false}\``);
-      lines.push(`- **Visible**: \`${attributes?.visible ?? true}\``);
-      lines.push(`- **Template**: \`${attributes?.template ?? false}\``);
+      lines.push(`- **System Tags**: \`${attributes?.systemTags?.join(", ") || "none"}\``);
       lines.push(`- **Z-Index**: \`${attributes?.zIndex ?? 0}\``);
       if (attributes?.contentTags && attributes.contentTags.length > 0) {
         lines.push(`- **Tags**: \`${attributes.contentTags.join("`, `")}\``);
@@ -1685,16 +1682,11 @@ var MindCache = class {
         }
         continue;
       }
-      if (line.startsWith("- **Readonly**:")) {
-        currentAttributes.readonly = line.includes("`true`");
-        continue;
-      }
-      if (line.startsWith("- **Visible**:")) {
-        currentAttributes.visible = line.includes("`true`");
-        continue;
-      }
-      if (line.startsWith("- **Template**:")) {
-        currentAttributes.template = line.includes("`true`");
+      if (line.startsWith("- **System Tags**:")) {
+        const tagsStr = line.match(/`([^`]+)`/)?.[1] || "";
+        if (tagsStr !== "none") {
+          currentAttributes.systemTags = tagsStr.split(", ").filter((t) => t);
+        }
         continue;
       }
       if (line.startsWith("- **Z-Index**:")) {
@@ -1705,7 +1697,6 @@ var MindCache = class {
       if (line.startsWith("- **Tags**:")) {
         const tags = line.match(/`([^`]+)`/g)?.map((t) => t.slice(1, -1)) || [];
         currentAttributes.contentTags = tags;
-        currentAttributes.tags = tags;
         continue;
       }
       if (line.startsWith("- **Content Type**:")) {
@@ -1961,8 +1952,12 @@ var MindCache = class {
   /**
    * Generate Vercel AI SDK compatible tools for writable keys.
    * For document type keys, generates additional tools: append_, insert_, edit_
+   *
+   * Security: All tools use llm_set_key internally which:
+   * - Only modifies VALUES, never attributes/systemTags
+   * - Prevents LLMs from escalating privileges
    */
-  get_aisdk_tools() {
+  create_vercel_ai_tools() {
     const tools = {};
     for (const [key, val] of this.rootMap) {
       if (key.startsWith("$")) {
@@ -1970,7 +1965,7 @@ var MindCache = class {
       }
       const entryMap = val;
       const attributes = entryMap.get("attributes");
-      const isWritable = !attributes?.readonly && (attributes?.systemTags?.includes("LLMWrite") || !attributes?.systemTags);
+      const isWritable = attributes?.systemTags?.includes("LLMWrite");
       if (!isWritable) {
         continue;
       }
@@ -1986,15 +1981,18 @@ var MindCache = class {
           required: ["value"]
         },
         execute: async ({ value }) => {
-          if (isDocument) {
-            this._replaceDocumentText(key, value);
-          } else {
-            this.set_value(key, value);
+          const success = this.llm_set_key(key, value);
+          if (success) {
+            return {
+              result: `Successfully wrote "${value}" to ${key}`,
+              key,
+              value
+            };
           }
           return {
-            result: `Successfully wrote "${value}" to ${key}`,
+            result: `Failed to write to ${key} - permission denied or key not found`,
             key,
-            value
+            error: true
           };
         }
       };
@@ -2009,6 +2007,9 @@ var MindCache = class {
             required: ["text"]
           },
           execute: async ({ text }) => {
+            if (!attributes?.systemTags?.includes("LLMWrite")) {
+              return { result: `Permission denied for ${key}`, key, error: true };
+            }
             const yText = this.get_document(key);
             if (yText) {
               yText.insert(yText.length, text);
@@ -2032,6 +2033,9 @@ var MindCache = class {
             required: ["index", "text"]
           },
           execute: async ({ index, text }) => {
+            if (!attributes?.systemTags?.includes("LLMWrite")) {
+              return { result: `Permission denied for ${key}`, key, error: true };
+            }
             this.insert_text(key, index, text);
             return {
               result: `Successfully inserted text at position ${index} in ${key}`,
@@ -2052,6 +2056,9 @@ var MindCache = class {
             required: ["find", "replace"]
           },
           execute: async ({ find, replace }) => {
+            if (!attributes?.systemTags?.includes("LLMWrite")) {
+              return { result: `Permission denied for ${key}`, key, error: true };
+            }
             const yText = this.get_document(key);
             if (yText) {
               const text = yText.toString();
@@ -2076,6 +2083,12 @@ var MindCache = class {
     }
     return tools;
   }
+  /**
+   * @deprecated Use create_vercel_ai_tools() instead
+   */
+  get_aisdk_tools() {
+    return this.create_vercel_ai_tools();
+  }
   /**
    * Generate a system prompt containing all visible STM keys and their values.
    * Indicates which tools can be used to modify writable keys.
@@ -2088,13 +2101,13 @@ var MindCache = class {
       }
       const entryMap = val;
       const attributes = entryMap.get("attributes");
-      const isVisible = attributes?.visible !== false && (attributes?.systemTags?.includes("prompt") || attributes?.systemTags?.includes("SystemPrompt") || !attributes?.systemTags);
+      const isVisible = attributes?.systemTags?.includes("SystemPrompt") || attributes?.systemTags?.includes("LLMRead");
       if (!isVisible) {
         continue;
       }
       const value = this.get_value(key);
       const displayValue = typeof value === "object" ? JSON.stringify(value) : value;
-      const isWritable = !attributes?.readonly && (attributes?.systemTags?.includes("LLMWrite") || !attributes?.systemTags);
+      const isWritable = attributes?.systemTags?.includes("LLMWrite");
       const isDocument = attributes?.type === "document";
       const sanitizedKey = this.sanitizeKeyForTool(key);
       if (isWritable) {
@@ -2135,7 +2148,7 @@ var MindCache = class {
       return null;
     }
     const attributes = entryMap.get("attributes");
-    const isWritable = !attributes?.readonly && (attributes?.systemTags?.includes("LLMWrite") || !attributes?.systemTags);
+    const isWritable = attributes?.systemTags?.includes("LLMWrite");
     if (!isWritable) {
       return null;
     }