prism-mcp-server 17.1.1 → 18.0.0

package/README.md

@@ -28,12 +28,12 @@ Ask "what did I decide about the auth flow last month?" and get the answer with
 ### 🧬 Cognitive routing
 Different memory types live in different stores: episodic (what happened), semantic (what's true), procedural (how to do X). The router picks where to store and where to retrieve.
 
-### 🔄 Proactive session drift detection *(new in v15)*
+### 🔄 Proactive session drift detection *(new in v15, HRR-powered in v17)*
 Your AI agent can now detect when it has drifted from your original goals — mid-session, automatically — and self-correct before you notice the problem.
 
 Three direct Prism calls:
 1. **`session_save_ledger`** — snapshot current state
-2. **`session_cognitive_route`** — compare current work against original goals, returns `on_track / minor_drift / major_drift`
+2. **`session_detect_drift`** — HRR-powered semantic comparison of current work vs original goals, returns `on_track / minor_drift / major_drift` with domain-specific signals (BCBA/Coding/AAC)
 3. **`session_compact_ledger`** — if drifted, compress and reload only what matters
 
 When major drift is detected, the alert routes to the **Synalux portal** so it's visible across sessions and devices — not just in the current conversation.
@@ -42,6 +42,19 @@ When major drift is detected, the alert routes to the **Synalux portal** so it's
 
 No scripts. No cron. No hooks. Three tool calls, Prism handles the rest.
 
+### 🛡 PHI Guard *(new in v17)*
+Automatic Protected Health Information detection and redaction in the memory pipeline. Every `session_save_ledger` and `session_save_handoff` call passes through the PHI guard before storage.
+
+**What it catches:** Names, DOBs, SSNs, MRNs, phone numbers, email addresses, and 18 HIPAA identifier categories. Redaction is deterministic (regex + pattern matching, no LLM) — zero false negatives on structured identifiers.
+
+**Fail-closed:** PHI detection errors log to stderr (never suppressed) and block the save. Metric: `phi_guard.detected` count per category is always emitted for audit compliance.
+
+### ⚡ Prompt-based skill routing *(new in v17)*
+114 agent skills auto-load based on prompt keywords. No manual skill selection needed — the MCP server scans the user's prompt and injects the relevant skill instructions into the session context before the AI responds.
+
+### 💰 Tier enforcement *(new in v17.1)*
+`prism_infer` now enforces subscription-tier gates: model ceiling, max tokens, daily limits, and cloud fallback are all gated by your plan. Free users get local-only inference up to 4b; paid tiers unlock higher models, more tokens, and cloud fallback. Flat-rate seat caps via `max_seats` per plan.
+
 ### 🛡 Local-first — security + speed
 Free tier runs entirely on your machine — SQLite, local embedding model, no API keys, no cloud. Paid tier adds cloud sync via Synalux portal.
 
@@ -155,7 +168,58 @@ Categories: abstention, adversarial traps, cascade, disambiguation, edge cases,
 **What it does NOT mean**: these scores measure routing precision on a 17-tool taxonomy, not general intelligence. Claude outperforms on everything outside this task. The value is **offline reliability at zero cost**, not replacing Claude. Code and clinical knowledge come from RAG via `knowledge_search`.
 
 ### 🔍 L3 Grounding Verifier
-When `prism_infer` receives an `evidence` payload, the grounding verifier automatically checks the model's response against the provided evidence before returning to the caller. Unverified or hallucinated claims are flagged. This is the third layer (L3) of the cascade — after tool routing (L1) and confidence gating (L2).
+
+Fail-closed fact-checking layer. When `prism_infer` receives an `evidence` payload, a separate verifier model (default: `prism-coder:4b`) checks every factual claim in the draft against the evidence before serving it. This is the third layer (L3) of the cascade — after tool routing (L1) and confidence gating (L2).
+
+**Three-tier pre-check:**
+
+| Tier | Condition | Action |
+|---|---|---|
+| **0 — Conversational** | Draft has no numbers, dates, names, codes, or $ amounts | Serve without verification |
+| **0a — No evidence** | Assertive draft + zero evidence snippets | Refuse (fail-closed) |
+| **2 — NLI** | Assertive draft + evidence provided | Verify each claim against evidence |
+
+**Per-claim verdicts:**
+- `ENTAILED` — claim matches evidence (including arithmetic identity: "3" ≈ "three")
+- `CONTRADICTED` — evidence states a different value for the same fact → **refuse**
+- `NEUTRAL` — claim not covered by evidence → **refuse** (fail-closed default)
+
+**Fail-closed guarantees:** HTTP errors, malformed JSON, timeouts → all treated as refusal. The caller gets the specific claim that failed and can retry with more evidence or fall back to cloud.
+
+**Usage with `prism_infer`:**
+```json
+{
+  "prompt": "What was the patient's last A1C?",
+  "evidence": [
+    { "source": "lab_2026-05-01", "content": "HbA1c: 6.8% (ref <7.0)" }
+  ]
+}
+```
+
+**Structured output:**
+```json
+{
+  "output": "The patient's last A1C was 6.8%.",
+  "verification": {
+    "action": "served",
+    "claims": [{ "text": "A1C was 6.8%", "verdict": "ENTAILED" }],
+    "verifierChain": [{ "model": "prism-coder:4b", "verdict": "ENTAILED", "latencyMs": 340 }]
+  }
+}
+```
+
+When a claim is contradicted or unsupported:
+```json
+{
+  "output": "⚠ Verification failed: claim 'A1C was 7.2%' is CONTRADICTED by evidence.",
+  "verification": {
+    "action": "refused_fabricated",
+    "refusalClaim": "A1C was 7.2%"
+  }
+}
+```
+
+The verifier model (`prism-coder:4b`) is intentionally different from the inference model — satisfying the independent-reviewer principle. Requires a paid plan (see [Plans](#plans)). Set `verify: false` to explicitly skip verification even when evidence is provided.
 
 ### 🧠 HRR Semantic Drift Detection (v17.0)
 Detects when long AI agent sessions drift from their original goal — using Holographic Reduced Representations for temporal trajectory encoding and anomaly detection.
@@ -366,6 +430,7 @@ Paid Synalux subscribers get a built-in analytics dashboard at `/app/memory-anal
 | `knowledge_search` | Semantic + keyword search over all memories |
 | `query_memory_natural` | Natural-language Q&A over your Mind Palace |
 | `extract_entities` | Pull people / projects / decisions from text |
+| `session_detect_drift` | HRR-powered semantic drift detection (BCBA/Coding/AAC) |
 | `session_synthesize_edges` | Auto-link related memories into a graph |
 
 (35+ tools total — full TypeScript signatures in `src/tools/`. Architecture overview in [`docs/ARCHITECTURE.md`](docs/ARCHITECTURE.md).)
@@ -675,7 +740,7 @@ prism register-models         # Alias dcostenco/prism-coder:* → prism-coder:*
 ## Testing
 
 ```bash
-npm test                           # 2,418 test cases across 81 files (vitest)
+npm test                           # 2,676 test cases across 89 files (vitest)
 npm test -- --coverage             # coverage report
 python3 tests/benchmarks/prism-routing-100/benchmark.py --models 1b7 14b 32b
 ```

package/dist/tools/ledgerHandlers.js

@@ -801,11 +801,15 @@ export async function sessionLoadContextHandler(args) {
                 const eff = computeEffectiveImportance(s.importance, s.last_accessed_at, s.created_at, Boolean(s.is_rollup));
                 impStr = ` [Imp: ${eff}]`;
             }
-            return `  [${s.session_date?.split("T")[0]}]${impStr} ${s.summary}`;
+            const dateStr = (s.session_date || s.created_at || s.date || "unknown").split("T")[0];
+            return `  [${dateStr}]${impStr} ${s.summary}`;
         }).join("\n") + `\n`;
     }
     if (d.session_history?.length) {
-        formattedContext += `\n📂 Session History (${d.session_history.length} entries):\n` + d.session_history.map((s) => `  [${s.session_date?.split("T")[0]}] ${s.summary}`).join("\n") + `\n`;
+        formattedContext += `\n📂 Session History (${d.session_history.length} entries):\n` + d.session_history.map((s) => {
+            const dateStr = (s.session_date || s.created_at || s.date || "unknown").split("T")[0];
+            return `  [${dateStr}] ${s.summary}`;
+        }).join("\n") + `\n`;
     }
     if (d.recent_validations?.length) {
         formattedContext += `\n🔬 Recent Validations:\n` + d.recent_validations.map((v) => {

package/dist/tools/prismInferHandler.js

@@ -91,12 +91,12 @@ export const PRISM_INFER_TOOL = {
                 type: "boolean",
                 description: "Enable the L3 grounding verifier. Default: true when `evidence` is provided, " +
                     "false otherwise. When enabled, the model's draft is checked by a different model " +
-                    "(prism-coder:1b7 by default) against the supplied `evidence`. Drafts with " +
+                    "(prism-coder:4b by default) against the supplied `evidence`. Drafts with " +
                     "NEUTRAL or CONTRADICTED claims are refused.",
             },
             verifier_model: {
                 type: "string",
-                description: "Override the verifier model. Default: prism-coder:1b7.",
+                description: "Override the verifier model. Default: prism-coder:4b.",
             },
             verifier_timeout_ms: {
                 type: "number",

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "prism-mcp-server",
-  "version": "17.1.1",
+  "version": "18.0.0",
   "mcpName": "io.github.dcostenco/prism-coder",
-  "description": "Prism Coder — Cognitive memory + tool-calling intelligence for AI agents. Mind Palace persistent memory (BFCL Gold Certified, 100% Tool-Call Accuracy, 114 Agent Skills, Zero-Search HDC/HRR retrieval, HRR Semantic Drift Detection across BCBA/Coding/AAC domains, HIPAA-hardened local-first storage, SLERP-optimized GRPO alignment) plus the prism-coder 1.7B–32B open-weights LLM fleet.",
+  "description": "Prism Coder — Cognitive memory + tool-calling intelligence for AI agents. Mind Palace persistent memory (BFCL Gold Certified, 100% Tool-Call Accuracy, 114 Agent Skills, PHI Guard, Tier Enforcement, Prompt-Based Skill Routing, Zero-Search HDC/HRR retrieval, HRR Semantic Drift Detection across BCBA/Coding/AAC domains, HIPAA-hardened local-first storage, SLERP-optimized GRPO alignment) plus the prism-coder 1.7B–32B open-weights LLM fleet.",
   "module": "index.ts",
   "type": "module",
   "main": "dist/server.js",