prism-mcp-server 7.4.0 → 7.6.0

package/README.md

@@ -8,6 +8,8 @@
 [![TypeScript](https://img.shields.io/badge/TypeScript-5.0+-3178C6?logo=typescript&logoColor=white)](https://www.typescriptlang.org/)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](CONTRIBUTING.md)
 
+![Prism Mind Palace Dashboard](docs/mind-palace-dashboard.png)
+
 **Your AI agent forgets everything between sessions. Prism fixes that.**
 
 One command. Persistent memory. Local-first by default. Optional cloud power-ups.
@@ -21,20 +23,21 @@ Works with **Claude Desktop · Claude Code · Cursor · Windsurf · Cline · Gem
 ## 📖 Table of Contents
 
 - [Why Prism?](#why-prism)
-- [Quick Start](#-quick-start)
-- [The Magic Moment](#-the-magic-moment)
-- [Setup Guides](#-setup-guides)
-- [Universal Import](#-universal-import-bring-your-history)
-- [What Makes Prism Different](#-what-makes-prism-different)
-- [Use Cases](#-use-cases)
-- [What's New](#-whats-new)
-- [How Prism Compares](#-how-prism-compares)
-- [Tool Reference](#-tool-reference)
+- [Quick Start](#quick-start)
+- [The Magic Moment](#the-magic-moment)
+- [Setup Guides](#setup-guides)
+- [Universal Import: Bring Your History](#universal-import-bring-your-history)
+- [What Makes Prism Different](#what-makes-prism-different)
+- [Data Privacy & Egress](#data-privacy--egress)
+- [Use Cases](#use-cases)
+- [What's New](#whats-new)
+- [How Prism Compares](#how-prism-compares)
+- [Tool Reference](#tool-reference)
 - [Environment Variables](#environment-variables)
 - [Architecture](#architecture)
-- [Scientific Foundation](#-scientific-foundation)
-- [Product Roadmap](#-product-roadmap)
-- [Troubleshooting FAQ](#-troubleshooting-faq)
+- [Scientific Foundation](#scientific-foundation)
+- [Milestones & Roadmap](#milestones--roadmap)
+- [Troubleshooting FAQ](#troubleshooting-faq)
 
 ---
 
@@ -46,12 +49,23 @@ Every time you start a new conversation with an AI coding assistant, it starts f
 
 > 📌 **Terminology:** Throughout this doc, **"Prism"** refers to the MCP server and storage engine. **"Mind Palace"** refers to the visual dashboard UI at `localhost:3000` — your window into the agent's brain. They work together; the dashboard is optional.
 
-**Starting in v7.0**, Prism doesn't just *store* memories — it **ranks them like a human brain.** The ACT-R activation model (from cognitive science) means memories that were accessed recently and frequently surface first, while stale context fades naturally. Combine that with candidate-scoped spreading activation and you get retrieval quality that no flat vector search can match.
+Prism has two pillars:
+
+1. **🧠 Persistent Memory** — Memories are ranked like a human brain: recently and frequently accessed context surfaces first, while stale context fades naturally. The result is retrieval quality that no flat vector search can match. *(See [Scientific Foundation](#-scientific-foundation) for the ACT-R math.)*
+
+2. **🏭 Autonomous Execution (Dark Factory)** — When you're ready, Prism can run coding tasks end-to-end with a fail-closed pipeline where an adversarial evaluator catches bugs the generator missed — before you ever see the PR. *(See [Dark Factory](#-dark-factory--adversarial-autonomous-pipelines).)*
 
 ---
 
 ## 🚀 Quick Start
 
+### Prerequisites
+
+- **Node.js v18+** (v20 LTS recommended; v23.x has [known `npx` quirk](#common-installation-pitfalls))
+- Any MCP-compatible client (Claude Desktop, Cursor, Windsurf, Cline, etc.)
+- No API keys required for core features (see [Capability Matrix](#capability-matrix))
+
+### Install
 
 Add to your MCP client config (`claude_desktop_config.json`, `.cursor/mcp.json`, etc.):
 
@@ -70,6 +84,10 @@ Add to your MCP client config (`claude_desktop_config.json`, `.cursor/mcp.json`,
 
 **That's it.** Restart your client. All tools are available. The **Mind Palace Dashboard** (the visual UI for your agent's brain) starts automatically at `http://localhost:3000`. You don't need to keep a tab open — the dashboard runs in the background and the MCP tools work with or without it.
 
+> 🔮 **Pro Tip:** Once installed, open **`http://localhost:3000`** in your browser to view the Mind Palace Dashboard — a beautiful, real-time UI of your agent's brain. Explore the Knowledge Graph, Intent Health gauges, and Session Ledger.
+
+> 🔄 **Updating Prism:** `npx -y` caches the package locally. To force an update to the latest version, restart your MCP client — `npx -y` will fetch the newest release automatically. If you're stuck on a stale version, run `npx clear-npx-cache` (or `npm cache clean --force`) before restarting.
+
 <details>
 <summary>Port 3000 already in use? (Next.js / Vite / etc.)</summary>
 
@@ -109,6 +127,8 @@ Then open `http://localhost:3001` instead.
 
 > 🔑 The core Mind Palace works **100% offline** with zero API keys. Cloud keys unlock intelligence features. See [Environment Variables](#environment-variables).
 
+> 💰 **API Cost Note:** `GOOGLE_API_KEY` (Gemini) has a generous free tier that covers most individual use. `BRAVE_API_KEY` offers 2,000 free searches/month. `FIRECRAWL_API_KEY` has a free plan with 500 credits. For typical solo development, expect **$0/month** on the free tiers. Only high-volume teams or heavy autonomous pipeline usage will incur meaningful costs.
+
 ---
 
 ## ✨ The Magic Moment
@@ -300,6 +320,32 @@ Then add to your MCP config:
 
 </details>
 
+<details>
+<summary><strong>Cloud Deployment (Render)</strong></summary>
+
+Prism can be deployed natively to cloud platforms like [Render](https://render.com) so your agent's memory is always online and accessible across different machines or teams.
+
+1. Fork this repository.
+2. In the Render Dashboard, create a new **Web Service** pointing to your repository.
+3. In the setup wizard, select **Docker** as the Runtime.
+4. Set the Dockerfile path to `Dockerfile.smithery`.
+5. Connect your local MCP client to your new cloud endpoint using the `sse` transport:
+
+```json
+{
+  "mcpServers": {
+    "prism-mcp-cloud": {
+      "command": "npx",
+      "args": ["-y", "supergateway", "--url", "https://your-prism-app.onrender.com/sse"]
+    }
+  }
+}
+```
+
+> **Note:** The `Dockerfile.smithery` uses an optimized multi-stage build that compiles Typescript safely in a development environment before booting the server in a stripped-down production image. No NPM publishing required!
+
+</details>
+
 ### Common Installation Pitfalls
 
 > **❌ Don't use `npm install -g`:**
@@ -321,9 +367,15 @@ Then add to your MCP config:
 > **❓ Seeing warnings about missing API keys on startup?**
 > That's expected and not an error. `BRAVE_API_KEY` / `GOOGLE_API_KEY` warnings are informational only — core session memory works with zero keys. See [Environment Variables](#environment-variables) for what each key unlocks.
 
+> 💡 **Do agents auto-load Prism?** Agents using Cursor, Windsurf, or other MCP clients will see the `session_load_context` tool automatically, but may not call it unprompted. Add this to your project's `.cursorrules` (or equivalent system prompt) to guarantee auto-load:
+> ```
+> At the start of every conversation, call session_load_context with project "my-project" before doing any work.
+> ```
+> Claude Code users can use the `.clauderules` auto-load hook shown in the [Setup Guides](#setup-guides). Prism also has a **server-side fallback** (v5.2.1+) that auto-pushes context after 10 seconds if no load is detected.
+
 ---
 
-## 📥 Universal Import — Bring Your History
+## 📥 Universal Import: Bring Your History
 
 Switching to Prism? Don't leave months of AI session history behind. Prism can **ingest historical sessions from Claude Code, Gemini, and OpenAI** and give your Mind Palace an instant head start — no manual re-entry required.
 
@@ -349,7 +401,7 @@ npx -y prism-mcp-server universal-import --format gemini --path ./gemini_history
 **Option 2 — Dashboard:** Open `localhost:3000`, navigate to the **Import** tab, select the format and file, and click Import. Supports dry-run preview.
 
 ### Why It's Safe to Re-Run
-* **OOM-Safe Streaming:** Processes massive log files line-by-line using `stream-json`.
+* **Memory-Safe Streaming:** Processes massive log files line-by-line using `stream-json` to prevent Out-of-Memory (OOM) crashes.
 * **Idempotent Dedup:** Content-hash prevents duplicate imports on re-run (`skipCount` reported).
 * **Chronological Integrity:** Uses timestamp fallbacks and `requestId` sorting to preserve your memory timeline.
 * **Smart Context Mapping:** Extracts `cwd`, `gitBranch`, and tool usage patterns into searchable metadata.
@@ -369,6 +421,7 @@ Every save creates a versioned snapshot. Made a mistake? `memory_checkout` rever
 A gorgeous glassmorphism UI at `localhost:3000` that lets you see exactly what your agent is thinking:
 
 - **Current State & TODOs** — the exact context injected into the LLM's prompt
+- **Intent Health Gauges** — per-project 0–100 health score with staleness decay, TODO load, and decision signals
 - **Interactive Knowledge Graph** — force-directed neural graph with click-to-filter, node renaming, and surgical keyword deletion
 - **Deep Storage Manager** — preview and execute vector purge operations with dry-run safety
 - **Session Ledger** — full audit trail of every decision your agent has made
@@ -378,7 +431,7 @@ A gorgeous glassmorphism UI at `localhost:3000` that lets you see exactly what y
 - **Morning Briefing** — AI-synthesized action plan after 4+ hours away
 - **Brain Health** — memory integrity scan with one-click auto-repair
 
-![Mind Palace Dashboard](docs/mind-palace-dashboard.png)
+
 
 ### 🧬 10× Memory Compression
 Powered by a pure TypeScript port of Google's TurboQuant (inspired by Google's ICLR research), Prism compresses 768-dim embeddings from **3,072 bytes → ~400 bytes** — enabling decades of session history on a standard laptop. No native modules. No vector database required.
@@ -387,7 +440,7 @@ Powered by a pure TypeScript port of Google's TurboQuant (inspired by Google's I
 Multiple agents (dev, QA, PM) can work on the same project with **role-isolated memory**. Agents discover each other automatically, share context in real-time via Telepathy sync, and see a team roster during context loading. → [Multi-agent setup example](examples/multi-agent-hivemind/)
 
 ### 🚦 Task Router
-Prism can score coding tasks and recommend whether to keep execution on the host model or delegate to local Claw. This enables faster handling of small, local-safe edits while preserving host execution for non-delegable or higher-complexity work. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
+Prism can score coding tasks and recommend whether to keep execution on the host model or delegate to a **local Claw agent** (a lightweight sub-agent powered by Ollama/vLLM for fast, local-safe edits). This enables faster handling of small edits while preserving host execution for complex work. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
 
 ### 🖼️ Visual Memory
 Save UI screenshots, architecture diagrams, and bug states to a searchable vault. Images are auto-captioned by a VLM (Claude Vision / GPT-4V / Gemini) and become semantically searchable across sessions.
@@ -398,11 +451,39 @@ OpenTelemetry spans for every MCP tool call, LLM hop, and background worker. Rou
 ### 🌐 Autonomous Web Scholar
 Prism researches while you sleep. A background pipeline searches the web, scrapes articles, synthesizes findings via LLM, and injects results directly into your semantic memory — fully searchable on your next session. Brave Search → Firecrawl scrape → LLM synthesis → Prism ledger. Task-aware, Hivemind-integrated, and zero-config when API keys are missing (falls back to Yahoo + Readability).
 
-### 🔒 GDPR Compliant
-Soft/hard delete (Art. 17), full export in JSON, Markdown, or Obsidian vault `.zip` (Art. 20), API key redaction, per-project TTL retention, and audit trail. Enterprise-ready out of the box.
-
 ### 🏭 Dark Factory — Adversarial Autonomous Pipelines
-When you trigger a Dark Factory pipeline, Prism doesn't just run your task — it fights itself to produce high-quality output. A `PLAN_CONTRACT` step locks a machine-parseable rubric before any code is written. After execution, an **Adversarial Evaluator** (in a fully isolated context) scores the output against the rubric. It cannot pass the Generator without providing exact file and line evidence for every failing criterion. Failed evaluations inject the critique directly into the Generator's retry prompt so it's never flying blind. The result: security issues, regressions, and lazy debug logs caught autonomously — before you ever see the PR.
+When you trigger a Dark Factory pipeline, Prism doesn't just run your task — it fights itself to produce high-quality output. A `PLAN_CONTRACT` step locks a machine-parseable rubric before any code is written. After execution, an **Adversarial Evaluator** (in a fully isolated context) scores the output against the rubric. It cannot pass the Generator without providing exact file and line evidence for every failing criterion. Failed evaluations inject the critique directly into the Generator's retry prompt so it's never flying blind. The result: security issues, regressions, and lazy debug logs caught autonomously — before you ever see the PR. → [See it in action](examples/adversarial-eval-demo/README.md)
+
+---
+
+## 🔒 Data Privacy & Egress
+
+**Where is my data stored?**
+
+All data lives under `~/.prism-mcp/` on your machine:
+
+| File | Contents |
+|------|----------|
+| `~/.prism-mcp/data.db` | All sessions, handoffs, embeddings, knowledge graph (SQLite + WAL) |
+| `~/.prism-mcp/prism-config.db` | Dashboard settings, system config, API keys |
+| `~/.prism-mcp/media/<project>/` | Visual memory vault (screenshots, HTML captures) |
+| `~/.prism-mcp/dashboard.port` | Ephemeral port lock file |
+| `~/.prism-mcp/sync.lock` | Sync coordination lock |
+
+**Hard reset:** To completely erase your agent's brain, stop Prism and delete the directory:
+```bash
+rm -rf ~/.prism-mcp
+```
+Prism will recreate the directory with empty databases on next startup.
+
+**What leaves your machine?**
+- **Local mode (default):** Nothing. Zero network calls. All data is on-disk SQLite.
+- **With `GOOGLE_API_KEY`:** Text snippets are sent to Gemini for embedding generation, summaries, and Morning Briefings. No session data is stored on Google's servers beyond the API call.
+- **With `VOYAGE_API_KEY` / `OPENAI_API_KEY`:** Text snippets are sent to providers if selected as your embedding endpoints.
+- **With `BRAVE_API_KEY` / `FIRECRAWL_API_KEY`:** Web Scholar queries are sent to Brave/Firecrawl for search and scraping.
+- **With Supabase:** Session data syncs to your own Supabase instance (you control the Postgres database).
+
+**GDPR compliance:** Soft/hard delete (Art. 17), full export in JSON, Markdown, or Obsidian vault `.zip` (Art. 20), API key redaction in exports, per-project TTL retention policies, and immutable audit trail. Enterprise-ready out of the box.
 
 ---
 
@@ -411,7 +492,8 @@ When you trigger a Dark Factory pipeline, Prism doesn't just run your task — i
 - **Long-running feature work** — Save state at end of day, restore full context next morning. No re-explaining.
 - **Multi-agent collaboration** — Dev, QA, and PM agents share real-time context without stepping on each other's memory.
 - **Consulting / multi-project** — Switch between client projects with progressive loading: `quick` (~50 tokens), `standard` (~200), or `deep` (~1000+).
-  - **Autonomous execution (v7.4)** — Dark Factory pipeline: `plan → plan_contract → execute → evaluate → verify → finalize`. Generator and evaluator run in isolated roles — the evaluator cannot approve without evidence-bound findings scored against a pre-committed rubric.
+- **Autonomous execution (v7.4)** — Dark Factory pipeline: `plan → plan_contract → execute → evaluate → verify → finalize`. Generator and evaluator run in isolated roles — the evaluator cannot approve without evidence-bound findings scored against a pre-committed rubric.
+- **Project health monitoring (v7.5)** — Intent Health Dashboard scores each project 0–100 based on staleness, TODO load, and decision quality — turning silent drift into an actionable signal.
 - **Team onboarding** — New team member's agent loads the full project history instantly.
 - **Behavior enforcement** — Agent corrections auto-graduate into permanent `.cursorrules` / `.clauderules` rules.
 - **Offline / air-gapped** — Full SQLite local mode + Ollama LLM adapter. Zero internet dependency.
@@ -434,8 +516,6 @@ Then continue a specific thread with a follow-up message to the selected agent,
 
 ---
 
----
-
 ## ⚔️ Adversarial Evaluation in Action
 
 > **Split-Brain Anti-Sycophancy** — the signature feature of v7.4.0.
@@ -543,18 +623,13 @@ The Generator strips the `console.log`, resubmits, and the next `EVALUATE` retur
 
 ## 🆕 What's New
 
+> **Current release: v7.5.0**
 
-> **Current release: v7.4.0**
-
-- ⚔️ **v7.4.0 — Adversarial Evaluation (Anti-Sycophancy):** The Dark Factory pipeline now separates generator and evaluator into isolated roles. `PLAN_CONTRACT` locks a machine-parseable rubric before any code runs. `EVALUATE` scores the output with evidence-bound findings (`file`, `line`, `description`). Failed evaluations retry with `plan_viable` routing — conservatively escalating to full PLAN re-planning on parse failures instead of burning revision budget.
-- 🔧 **v7.3.3 — Dashboard Stability Hotfix:** Fixed a multi-layer quote-escaping trap in the `abortPipeline` onclick handler that silently killed the dashboard IIFE and froze the project selector at "Loading projects..." forever. Fixed via `data-id` attribute pattern + ES5 lint guard (`npm run lint:dashboard`).
-- 🏭 **v7.3.1 — Dark Factory (Fail-Closed Execution):** The LLM can no longer touch the filesystem directly. Every autonomous `EXECUTE` step passes 3 gates — Parse → Type → Scope — before any side effect occurs. Scope violations terminate the entire pipeline.
-- 📊 **v7.3.2 — Verification Diagnostics v2:** `verify status --json` now emits per-layer `diff_counts` + `changed_keys`. JSON schema is contract-enforced in CI (`schema_version: 1`).
-- 🔭 **v7.2.0 — Verification Harness:** Spec-frozen contracts (`verification_harness.json` hash-locked before execution), multi-layer assertions across Data / Agent / Pipeline, and finalization gate policies (`warn` / `gate` / `abort`).
-- 🚦 **v7.1.0 — Task Router:** Heuristic + ML-experience routing delegates cloud vs. local model in under 2ms, cold-start safe, per-project experience-corrected.
-- 🧠 **v7.0.0 — ACT-R Activation Memory:** `B_i = ln(Σ t_j^{-d})` recency × frequency re-ranking. Stale memories fade naturally. Active context surfaces automatically.
+- 🩺 **v7.5.0 — Intent Health Dashboard + Security Hardening:** Real-time 0–100 project health scoring (staleness × TODO load × decisions). 10 XSS injection vectors patched. Algorithm hardened with NaN guards and score ceiling.
+- ⚔️ **v7.4.0 — Adversarial Evaluation:** Split-brain anti-sycophancy pipeline. Generator and evaluator in isolated roles with evidence-bound findings.
+- 🏭 **v7.3.x — Dark Factory + Stability:** Fail-closed 3-gate execution pipeline. Dashboard stability and verification diagnostics.
 
-👉 **[Full release history → CHANGELOG.md](CHANGELOG.md)** · [ROADMAP →](ROADMAP.md)
+👉 **[Full release history → CHANGELOG.md](CHANGELOG.md)** · **[ROADMAP →](ROADMAP.md)**
 
 ---
 
@@ -765,6 +840,8 @@ Requires `PRISM_DARK_FACTORY_ENABLED=true`.
 | `PRISM_ENABLE_HIVEMIND` | No | `"true"` to enable multi-agent tools — restart required |
 | `PRISM_INSTANCE` | No | Instance name for multi-server PID isolation |
 | `GOOGLE_API_KEY` | No | Gemini — enables semantic search, Briefings, compaction |
+| `VOYAGE_API_KEY` | No | Voyage AI — optional premium embedding provider |
+| `OPENAI_API_KEY` | No | OpenAI — optional proxy model and embedding provider |
 | `BRAVE_ANSWERS_API_KEY` | No | Separate Brave Answers key |
 | `SUPABASE_URL` | If cloud | Supabase project URL |
 | `SUPABASE_KEY` | If cloud | Supabase anon/service key |
@@ -793,6 +870,10 @@ Requires `PRISM_DARK_FACTORY_ENABLED=true`.
 
 </details>
 
+### System Settings (Dashboard)
+Some configurations are stored dynamically in SQLite (`system_settings` table) and can be edited through the Dashboard UI at `http://localhost:3000`:
+- **`intent_health_stale_threshold_days`** (default: `30`): Number of days before a project is considered fully stale for Intent Health scoring.
+
 ---
 
 ## Architecture
@@ -888,6 +969,7 @@ Prism is evolving from smart session logging toward a **cognitive memory archite
 | **v7.3** | Dark Factory — 3-gate fail-closed EXECUTE pipeline (parse → type → scope) with structured JSON action contract | Industrial safety systems (defense-in-depth, fail-closed valves) | ✅ Shipped |
 | **v7.2** | Verification-first harness — spec-freeze contract, rubric hash lock, multi-layer assertions, CLI `verify` commands | Programmatic verification systems + adversarial validation loops | ✅ Shipped |
 | **v7.4** | Adversarial Evaluation — PLAN_CONTRACT + EVALUATE with isolated generator/evaluator roles, pre-committed rubrics, and evidence-bound findings | Anti-sycophancy research, adversarial ML evaluation frameworks | ✅ Shipped |
+| **v7.5** | Intent Health Dashboard — 3-signal scoring algorithm (staleness, TODO load, decisions), comprehensive XSS hardening (10 vectors), NaN/`Infinity` guards | Proactive monitoring, defense-in-depth security | ✅ Shipped |
 | **v7.x** | Affect-Tagged Memory — sentiment shapes what gets recalled | Affect-modulated retrieval (neuroscience) | 🔭 Horizon |
 | **v8+** | Zero-Search Retrieval — no index, no ANN, just ask the vector | Holographic Reduced Representations | 🔭 Horizon |
 
@@ -895,34 +977,26 @@ Prism is evolving from smart session logging toward a **cognitive memory archite
 
 ---
 
-## 📦 Recent Milestones & Roadmap
-
-> **[Full ROADMAP.md →](ROADMAP.md)**
-
-### v6.2: The "Synthesize & Prune" Phase ✅
-Shipped in v6.2.0. Edge synthesis, graph pruning with SLO observability, temporal decay heatmaps, active recall prompt generation, and full dashboard metrics integration.
+## 📦 Milestones & Roadmap
 
-### v6.5: Cognitive Architecture ✅
-Shipped. Full Superposed Memory (SDM) + Hyperdimensional Computing (HDC/VSA) cognitive routing pipeline. Compositional memory states via XOR binding, Hamming resolution, and policy-gated routing (direct / clarify / fallback). 705 tests passing.
+> **Current: v7.5.0** — Intent Health Dashboard + XSS Hardening ([CHANGELOG](CHANGELOG.md))
 
-### v7.4: Adversarial Evaluation ✅
-Shipped. `PLAN_CONTRACT` + `EVALUATE` steps added to the Dark Factory pipeline. Generator and evaluator operate in isolated roles with pre-committed rubrics. Evidence-bound findings with `criterion_id`, `severity`, `file`, and `line` (number). Conservative `plan_viable=false` default on parse failure escalates to full PLAN re-plan. 78 new tests, 978 total.
-
-### v7.3: Dark Factory — Fail-Closed Execution ✅
-Shipped. Structured JSON action contract for autonomous `EXECUTE` steps. 3-gate validation pipeline (parse → type → scope) terminates pipelines on any violation before filesystem side effects. 67 edge-case tests covering adversarial LLM output, path traversal, and type coercion.
-
-### v7.1: Prism Task Router ✅
-Shipped. Deterministic task routing (`session_task_route`) with optional experience-based confidence adjustment for host vs. local Claw delegation.
-
-### v7.0: ACT-R Activation Memory ✅
-Shipped. Scientifically-grounded retrieval re-ranking via ACT-R base-level activation (`B_i = ln(Σ t_j^(-d))`), candidate-scoped spreading activation, parameterized sigmoid normalization, composite scoring, and zero-cold-start access log infrastructure. 49 dedicated unit tests, 705 total passing.
-
-### v7.2: Verification Harness ✅
-Shipped. Spec-frozen verification contract (`implementation_plan.md` + `verification_harness.json` + immutable `validation_result`), multi-layer machine checks (`data`, `agent`, `pipeline`), finalization gate policies (`warn` / `gate` / `abort`), and CLI `verify generate` / `verify status --json` with schema-versioned output.
+| Release | Headline |
+|---------|----------|
+| **v7.5** | Intent Health scoring + 10 XSS patches |
+| **v7.4** | Adversarial Evaluation (anti-sycophancy) |
+| **v7.3** | Dark Factory fail-closed execution |
+| **v7.2** | Verification Harness |
+| **v7.1** | Task Router |
+| **v7.0** | ACT-R Activation Memory |
+| **v6.5** | HDC Cognitive Routing |
+| **v6.2** | Synthesize & Prune |
 
 ### Future Tracks
-- **v7.x: Affect-Tagged Memory** — Recall prioritization improves by weighting memories with affective/contextual valence, making surfaced context more behaviorally useful.
-- **v8+: Zero-Search Retrieval** — Direct vector-addressed recall (“just ask the vector”) reduces retrieval indirection and moves Prism toward truly native associative memory.
+- **v7.x: Affect-Tagged Memory** — Recall prioritization improves by weighting memories with affective/contextual valence.
+- **v8+: Zero-Search Retrieval** — Direct vector-addressed recall reduces retrieval indirection.
+
+👉 **[Full ROADMAP.md →](ROADMAP.md)**
 
 
 ## ❓ Troubleshooting FAQ
@@ -939,18 +1013,19 @@ A: Use `session_forget_memory` for targeted soft/hard deletion. For manual clean
 **Q: How do I verify the install quickly?**
 A: Run `npm run build && npm test`, then open the Mind Palace dashboard (`localhost:3000`) and confirm projects load plus Graph Health renders.
 
+
 ---
 
 ### 💡 Known Limitations & Quirks
 
 - **LLM-dependent features require an API key.** Semantic search, Morning Briefings, auto-compaction, and VLM captioning need a `GOOGLE_API_KEY` (your Gemini API key) or equivalent provider key. Without one, Prism falls back to keyword-only search (FTS5).
-- **Auto-load is model- and client-dependent.** Session auto-loading relies on both the LLM following system prompt instructions *and* the MCP client completing tool registration before the model's first turn. Prism provides platform-specific [Setup Guides](#-setup-guides) and a server-side fallback (v5.2.1) that auto-pushes context after 10 seconds.
+- **Auto-load is model- and client-dependent.** Session auto-loading relies on both the LLM following system prompt instructions *and* the MCP client completing tool registration before the model's first turn. Prism provides platform-specific [Setup Guides](#setup-guides) and a server-side fallback (v5.2.1) that auto-pushes context after 10 seconds.
 - **MCP client race conditions.** Some MCP clients may not finish tool enumeration before the model generates its first response, causing transient `unknown_tool` errors. This is a client-side timing issue — Prism's server completes the MCP handshake in ~60ms. Workaround: the server-side auto-push fallback and the startup skill's retry logic.
 - **No real-time sync without Supabase.** Local SQLite mode is single-machine only. Multi-device or team sync requires a Supabase backend.
 - **Embedding quality varies by provider.** Gemini `text-embedding-004` and OpenAI `text-embedding-3-small` produce high-quality 768-dim vectors. Prism passes `dimensions: 768` via the Matryoshka API for OpenAI models (native output is 1536-dim; this truncation is lossless and outperforms ada-002 at full 1536 dims). Ollama embeddings (e.g., `nomic-embed-text`) are usable but may reduce retrieval accuracy.
 - **Dashboard is HTTP-only.** The Mind Palace dashboard at `localhost:3000` does not support HTTPS. For remote access, use a reverse proxy (nginx/Caddy) or SSH tunnel. Basic auth is available via `PRISM_DASHBOARD_USER` / `PRISM_DASHBOARD_PASS`.
 - **Long-lived clients can accumulate zombie processes.** MCP clients that run for extended periods (e.g., Claude CLI) may leave orphaned Prism server processes. The lifecycle manager detects true orphans (PPID=1) but allows coexistence for active parent processes. Use `PRISM_INSTANCE` to isolate instances across clients.
-- **Migration is one-way.** Universal History Migration imports sessions *into* Prism but does not export back to Claude/Gemini/OpenAI formats. Use `session_export_memory` for portable JSON/Markdown export, or the `vault` format for Obsidian/Logseq-compatible `.zip` archives.
+- **Migration is one-way.** Universal Import ingests sessions *into* Prism but does not export back to Claude/Gemini/OpenAI formats. Use `session_export_memory` for portable JSON/Markdown export, or the `vault` format for Obsidian/Logseq-compatible `.zip` archives.
 - **Export ceiling at 10,000 ledger entries.** The `session_export_memory` tool and the dashboard export button cap vault/JSON exports at 10,000 entries per project as an OOM guard. Projects exceeding this limit should use per-project exports and time-based filtering to stay within the ceiling. This limit does not affect search or context loading.
 - **No Windows CI testing.** Prism is developed and tested on macOS/Linux. It should work on Windows via Node.js, but edge cases (file paths, PID locks) may surface.
 

package/dist/config.js

@@ -15,6 +15,9 @@ import { fileURLToPath } from "node:url";
  *   SUPABASE_KEY           — (optional) Your Supabase anon/service key. Enables session memory tools.
  *   PRISM_USER_ID          — (optional) Unique tenant ID for multi-user Supabase instances.
  *                            Defaults to "default". Set per-user in Claude Desktop config.
+ *   VOYAGE_API_KEY         — (optional) API key for Voyage AI embeddings. Enables embedding_provider=voyage.
+ *                            Voyage AI is the embedding provider recommended by Anthropic for use with
+ *                            Claude. Get a free key at https://dash.voyageai.com.
  *
  * If a required key is missing, the process exits immediately.
  * If an optional key is missing, a warning is logged but the server continues
@@ -60,6 +63,14 @@ export const BRAVE_ANSWERS_API_KEY = process.env.BRAVE_ANSWERS_API_KEY;
 if (!BRAVE_ANSWERS_API_KEY) {
     console.error("Warning: BRAVE_ANSWERS_API_KEY environment variable is missing. Brave Answers tool will be unavailable.");
 }
+// ─── Optional: Voyage AI API Key ──────────────────────────────
+// Used when embedding_provider = "voyage" in the dashboard.
+// Voyage AI is the embedding provider recommended by Anthropic for use
+// alongside Claude. voyage-3 supports 768-dim output via MRL truncation,
+// matching Prism's storage schema for zero-migration drop-in replacement.
+// Without this, VoyageAdapter construction will throw at server start if
+// embedding_provider=voyage is selected.
+export const VOYAGE_API_KEY = process.env.VOYAGE_API_KEY;
 // ─── v2.0: Storage Backend Selection ─────────────────────────
 // REVIEWER NOTE: Step 1 of v2.0 introduces a storage abstraction.
 // Currently only "supabase" is implemented. "local" (SQLite) is

package/dist/dashboard/intentHealth.js

@@ -0,0 +1,62 @@
+export function computeIntentHealth(ctx, staleThresholdDays = 30, nowMs = Date.now()) {
+    if (!Number.isFinite(staleThresholdDays) || staleThresholdDays <= 0)
+        staleThresholdDays = 30; // Guard against NaN / zero / negative
+    // 2. Compute staleness (Days since last session)
+    let stalenessDays = 0;
+    if (ctx.recent_sessions && ctx.recent_sessions.length > 0) {
+        const lastTimestamp = ctx.recent_sessions[0].created_at ? new Date(ctx.recent_sessions[0].created_at).getTime() : NaN;
+        stalenessDays = isNaN(lastTimestamp) ? 0 : Math.max(0, (nowMs - lastTimestamp) / (1000 * 60 * 60 * 24));
+    }
+    // 3. Count TODOs and Decisions
+    const todoCount = ctx.pending_todo?.length || 0;
+    const hasDecisions = ctx.recent_sessions?.some((s) => Array.isArray(s.decisions) && s.decisions.length > 0) ?? false;
+    // 4. Execute Intent Debt Scoring Algorithm
+    // Staleness (50 points): Linear decay until threshold
+    const stalenessScore = Math.max(0, 50 - (stalenessDays / staleThresholdDays) * 50);
+    // Open TODOs (30 points)
+    let todoScore = 30;
+    if (todoCount >= 10)
+        todoScore = 0;
+    else if (todoCount >= 7)
+        todoScore = 5;
+    else if (todoCount >= 4)
+        todoScore = 15;
+    else if (todoCount >= 1)
+        todoScore = 25;
+    // Decisions (20 points): 70% of max if missing
+    const decisionScore = hasDecisions ? 20 : 14;
+    const totalScore = Math.min(100, Math.round(stalenessScore + todoScore + decisionScore));
+    // 5. Generate Actionable Signals
+    const signals = [];
+    if (stalenessDays > staleThresholdDays) {
+        signals.push({ type: "staleness", message: `Stale: Last updated ${Math.round(stalenessDays)} days ago`, severity: "critical" });
+    }
+    else if (stalenessDays > staleThresholdDays / 2) {
+        signals.push({ type: "staleness", message: `Aging: Last updated ${Math.round(stalenessDays)} days ago`, severity: "warn" });
+    }
+    else {
+        signals.push({ type: "staleness", message: `Fresh: Last updated ${Math.round(stalenessDays)} days ago`, severity: "ok" });
+    }
+    if (todoCount >= 10) {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending (Overwhelming)`, severity: "critical" });
+    }
+    else if (todoCount >= 4) {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending`, severity: "warn" });
+    }
+    else {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending`, severity: "ok" });
+    }
+    if (hasDecisions) {
+        signals.push({ type: "decisions", message: "Active decisions captured", severity: "ok" });
+    }
+    else {
+        signals.push({ type: "decisions", message: "No active decisions documented", severity: "warn" });
+    }
+    return {
+        score: totalScore,
+        staleness_days: Math.round(stalenessDays),
+        open_todo_count: todoCount,
+        has_active_decisions: hasDecisions,
+        signals: signals
+    };
+}

package/dist/dashboard/server.js

@@ -23,7 +23,8 @@ import * as fs from "fs";
 import { getStorage } from "../storage/index.js";
 import { PRISM_USER_ID, SERVER_CONFIG } from "../config.js";
 import { renderDashboardHTML } from "./ui.js";
-import { getAllSettings, setSetting, getSetting } from "../storage/configStorage.js";
+import { computeIntentHealth } from "./intentHealth.js";
+import { getAllSettings, setSetting, getSetting, getSettingSync } from "../storage/configStorage.js";
 import { compactLedgerHandler } from "../tools/compactionHandler.js";
 import { getLLMProvider } from "../utils/llm/factory.js";
 import { buildVaultDirectory } from "../utils/vaultExporter.js";
@@ -1095,6 +1096,39 @@ self.addEventListener('message', (e) => {
                 });
                 return res.end(Buffer.from(pngBase64, "base64"));
             }
+            // ─── API: Intent Health (Feature A) ───
+            // GET /api/intent-health?project=xxx
+            if (url.pathname === "/api/intent-health" && req.method === "GET") {
+                const project = url.searchParams.get("project");
+                if (!project) {
+                    res.writeHead(400, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify({ error: "project is required" }));
+                }
+                try {
+                    const storage = await getStorageSafe();
+                    if (!storage) {
+                        res.writeHead(503, { "Content-Type": "application/json" });
+                        return res.end(JSON.stringify({ error: "Storage initializing..." }));
+                    }
+                    // Load 'standard' context to get active_decisions and recent_sessions
+                    // Note: API MUST use "standard" level (deep skips recent_sessions, which breaks staleness).
+                    const ctx = await storage.loadContext(project, "standard", PRISM_USER_ID);
+                    if (!ctx) {
+                        res.writeHead(404, { "Content-Type": "application/json" });
+                        return res.end(JSON.stringify({ error: "Project not found" }));
+                    }
+                    // 1. Fetch configurable threshold (default 30 days, avoiding 7-day panic)
+                    const staleThresholdDays = parseInt(getSettingSync("intent_health_stale_threshold_days", "30"), 10) || 30;
+                    const healthResult = computeIntentHealth(ctx, staleThresholdDays);
+                    res.writeHead(200, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify(healthResult));
+                }
+                catch (err) {
+                    console.error("[intent-health] Error computing intent health:", err);
+                    res.writeHead(500, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify({ error: "Failed to compute intent health" }));
+                }
+            }
             // ─── 404 ───
             res.writeHead(404, { "Content-Type": "text/plain" });
             res.end("Not found");

package/dist/dashboard/ui.js

@@ -625,6 +625,15 @@ export function renderDashboardHTML(version) {
           <ul class="todo-list" id="todos"></ul>
         </div>
 
+        <!-- Intent Health (Feature A) -->
+        <div class="card" id="intentHealthCard" style="display: none;">
+          <div class="card-title" style="display: flex; justify-content: space-between; align-items: center;">
+            <div><span class="dot" style="background:var(--accent-purple)"></span> Intent Health</div>
+            <span style="font-size: 11px; color: var(--text-muted); cursor: help; border-bottom: 1px dotted var(--text-muted); letter-spacing: normal; text-transform: none;" title="Intent debt limits how AI agents can evolve the system (Storey / Fowler)">What is this?</span>
+          </div>
+          <div id="intentHealthCardContent"></div>
+        </div>
+
         <!-- Git Metadata -->
         <div class="card">
           <div class="card-title"><span class="dot" style="background:var(--accent-green)"></span> Git Metadata</div>
@@ -1465,15 +1474,15 @@ function loadPipelines() {
             html += '<span style="font-weight:600;color:var(--text-primary)">' + emoji + ' ' + p.status + '</span>';
             html += '<span style="font-size:0.7rem;font-family:var(--font-mono);color:var(--text-muted)">' + p.id.slice(0, 8) + '…</span>';
             html += '</div>';
-            html += '<div style="font-size:0.82rem;color:var(--text-secondary);margin-bottom:0.35rem">' + objective + '</div>';
+            html += '<div style="font-size:0.82rem;color:var(--text-secondary);margin-bottom:0.35rem">' + escapeHtml(objective) + '</div>';
             html += '<div style="display:flex;gap:1rem;font-size:0.72rem;color:var(--text-muted);flex-wrap:wrap">';
-            html += '<span>📁 ' + (p.project || '?') + '</span>';
+            html += '<span>📁 ' + escapeHtml(p.project || '?') + '</span>';
             html += '<span>🔄 ' + p.iteration + ' / ' + maxIter + '</span>';
-            html += '<span>📍 ' + (p.current_step || '?') + '</span>';
+            html += '<span>📍 ' + escapeHtml(p.current_step || '?') + '</span>';
             html += '<span>🕐 ' + new Date(p.updated_at).toLocaleString() + '</span>';
             html += '</div>';
             if (p.error) {
-                html += '<div style="font-size:0.72rem;color:var(--accent-rose);margin-top:0.35rem;padding:0.3rem 0.5rem;background:rgba(244,63,94,0.08);border-radius:4px">⚠ ' + p.error.slice(0, 200) + '</div>';
+                html += '<div style="font-size:0.72rem;color:var(--accent-rose);margin-top:0.35rem;padding:0.3rem 0.5rem;background:rgba(244,63,94,0.08);border-radius:4px">⚠ ' + escapeHtml(p.error.slice(0, 200)) + '</div>';
             }
             if (isActive) {
                 html += '<div style="margin-top:0.5rem"><button onclick="abortPipeline(this.dataset.id)" data-id="' + p.id + '" class="cleanup-btn" style="font-size:0.72rem">🛑 Abort Pipeline</button></div>';
@@ -1495,7 +1504,7 @@ function loadPipelines() {
         }
     })
         .catch(function (err) {
-        document.getElementById('factoryList').innerHTML = '<div style="color:var(--accent-rose);padding:1rem">Failed to load pipelines: ' + err.message + '</div>';
+        document.getElementById('factoryList').innerHTML = '<div style="color:var(--accent-rose);padding:1rem">Failed to load pipelines: ' + escapeHtml(err.message) + '</div>';
     });
 }
 function abortPipeline(id) {
@@ -1672,11 +1681,36 @@ function loadIdentityChip() {
                     select = document.getElementById('projectSelect');
                     if (data.projects && data.projects.length > 0) {
                         select.innerHTML = '<option value="">— Select a project —</option>' +
-                            data.projects.map(function (p) { return '<option value="' + p + '">' + p + '</option>'; }).join('');
+                            data.projects.map(function (p) { return '<option value="' + escapeHtml(p) + '">' + escapeHtml(p) + '</option>'; }).join('');
+                        
+                        // v7.5.0: Background fetch intent health to add global traffic-light dots
+                        // Fetch sequentially to prevent SQLite WAL saturation with N concurrent loadContext calls
+                        var pIndex = 0;
+                        function fetchNextHealth() {
+                            if (pIndex >= data.projects.length) return;
+                            var p = data.projects[pIndex++];
+                            fetch('/api/intent-health?project=' + encodeURIComponent(p))
+                                .then(function (res) { return res.json(); })
+                                .then(function (hData) {
+                                    if (hData && typeof hData.score === 'number') {
+                                        var icon = hData.score >= 80 ? "🟢" : (hData.score >= 50 ? "🟡" : "🔴");
+                                        var opt = null;
+                                        for (var oi = 0; oi < select.options.length; oi++) {
+                                            if (select.options[oi].value === p) { opt = select.options[oi]; break; }
+                                        }
+                                        if (opt) opt.textContent = icon + " " + p;
+                                    }
+                                    fetchNextHealth();
+                                }).catch(function () { fetchNextHealth(); });
+                        }
+                        if (data.projects && data.projects.length > 0) {
+                            fetchNextHealth();
+                        }
+
                         gp = document.getElementById('graphProjectFilter');
                         if (gp) {
                             gp.innerHTML = '<option value="">All Projects</option>' +
-                                data.projects.map(function (p) { return '<option value="' + p + '">' + p + '</option>'; }).join('');
+                                data.projects.map(function (p) { return '<option value="' + escapeHtml(p) + '">' + escapeHtml(p) + '</option>'; }).join('');
                         }
                         // Restore last selected project from localStorage
                         var lastProject = localStorage.getItem('prism_last_project');
@@ -1708,8 +1742,15 @@ function loadProject() {
             switch (_a.label) {
                 case 0:
                     project = document.getElementById('projectSelect').value;
-                    if (!project)
+                    if (!project) {
+                        var hc = document.getElementById('intentHealthCard');
+                        if (hc) hc.style.display = 'none';
+                        var welcomeEl = document.getElementById('welcome');
+                        var contentEl = document.getElementById('content');
+                        if (contentEl) contentEl.style.display = 'none';
+                        if (welcomeEl) welcomeEl.style.display = 'flex';
                         return [2 /*return*/];
+                    }
                     // Persist last selected project
                     try { localStorage.setItem('prism_last_project', project); } catch(e) {}
                     document.getElementById('welcome').style.display = 'none';
@@ -1767,7 +1808,7 @@ function loadProject() {
                             var snap = h.snapshot || {};
                             var summary = snap.last_summary || snap.summary || 'Snapshot';
                             return '<div class="timeline-item history">' +
-                                '<div class="meta"><span class="badge badge-purple">v' + h.version + '</span>' +
+                                '<div class="meta"><span class="badge badge-purple">v' + escapeHtml(h.version) + '</span>' +
                                 '<span>' + formatDate(h.created_at) + '</span></div>' +
                                 escapeHtml(summary) + '</div>';
                         }).join('');
@@ -1785,7 +1826,7 @@ function loadProject() {
                                 try {
                                     var parsed = typeof decisions === 'string' ? JSON.parse(decisions) : decisions;
                                     if (Array.isArray(parsed) && parsed.length > 0) {
-                                        extra = '<div style="margin-top:0.3rem;font-size:0.75rem;color:var(--accent-cyan)">Decisions: ' + parsed.join(', ') + '</div>';
+                                        extra = '<div style="margin-top:0.3rem;font-size:0.75rem;color:var(--accent-cyan)">Decisions: ' + parsed.map(function(d) { return escapeHtml(d); }).join(', ') + '</div>';
                                     }
                                 }
                                 catch (e) { }
@@ -1851,6 +1892,10 @@ function loadProject() {
                     document.getElementById('content').className = 'grid grid-main fade-in';
                     document.getElementById('content').style.display = 'grid';
                     projectLoaded = true; // Fix 3: mark project as loaded for tab-switch restore
+                    
+                    // Feature A: Run Intent Health Fetch
+                    fetchIntentHealth(project);
+                    
                     // v3.1: Analytics + Lifecycle Controls + Import
                     document.getElementById('analyticsCard').style.display = 'block';
                     document.getElementById('lifecycleCard').style.display = 'block';
@@ -2393,7 +2438,7 @@ function showToast(msg, isErr) {
 function escapeHtml(str) {
     if (!str)
         return '';
-    return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+    return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#039;');
 }
 function formatDate(isoStr) {
     if (!isoStr)
@@ -4060,6 +4105,67 @@ if ('serviceWorker' in navigator) {
     });
 }
 
+/* --- INTENT HEALTH COMPONENT (ES5 Safe) --- */
+
+function fetchIntentHealth(project) {
+    var container = document.getElementById('intentHealthCardContent');
+    var card = document.getElementById('intentHealthCard');
+    if (!container || !card) return;
+
+    card.style.display = 'block';
+    container.innerHTML = '<div style="color: #8b949e; padding: 16px;">Computing intent debt...</div>';
+
+    fetch('/api/intent-health?project=' + encodeURIComponent(project))
+        .then(function(res) { return res.json(); })
+        .then(function(data) {
+            if (data.error) {
+                container.innerHTML = '<div style="color: #ff7b72; padding: 16px;">Error: ' + escapeHtml(data.error) + '</div>';
+                return;
+            }
+            renderIntentHealthCard(data);
+        })
+        .catch(function(err) {
+            container.innerHTML = '<div style="color: #ff7b72; padding: 16px;">Failed to load intent health.</div>';
+        });
+}
+
+function renderIntentHealthCard(data) {
+    var container = document.getElementById('intentHealthCardContent');
+    if (!container) return;
+
+    // Determine Gauge Color
+    var scoreColor = '#2ea043'; // Green
+    if (data.score < 50) {
+        scoreColor = '#ff7b72'; // Red
+    } else if (data.score < 80) {
+        scoreColor = '#d29922'; // Yellow
+    }
+
+    // Render Signals
+    var signalsHtml = '';
+    for (var i = 0; i < data.signals.length; i++) {
+        var sig = data.signals[i];
+        var icon = '🟢';
+        if (sig.severity === 'warn') icon = '🟡';
+        if (sig.severity === 'critical') icon = '🔴';
+        signalsHtml += '<div style="margin-bottom: 8px; font-size: 13px;">' + icon + ' ' + escapeHtml(sig.message) + '</div>';
+    }
+
+    // Render Layout
+    var html = '' +
+        '<div style="display: flex; gap: 24px; align-items: center; padding: 16px;">' +
+            '<div style="text-align: center; flex-shrink: 0; min-width: 80px;">' +
+                '<div style="font-size: 42px; font-weight: bold; color: ' + scoreColor + '; line-height: 1;">' + (typeof data.score === 'number' ? data.score : '—') + '</div>' +
+                '<div style="font-size: 10px; color: #8b949e; text-transform: uppercase; letter-spacing: 1px; margin-top: 8px;">Health Score</div>' +
+            '</div>' +
+            '<div style="flex-grow: 1; border-left: 1px solid var(--border-glass); padding-left: 24px;">' +
+                signalsHtml +
+            '</div>' +
+        '</div>';
+
+    container.innerHTML = html;
+}
+
 </script>
 </body>
 </html>`;

package/dist/storage/sqlite.js

@@ -1184,6 +1184,30 @@ export class SqliteStorage {
                 importance: r.importance,
             }));
         }
+        // ─── v7.5.0: Validation Pulse (Standard & Deep) ─────────────
+        context.recent_validations = []; // Default empty
+        try {
+            const validationResult = await this.db.execute({
+                sql: `SELECT run_at, passed, pass_rate, gate_action, critical_failures
+              FROM verification_runs
+              WHERE project = ? AND user_id = ?
+              ORDER BY run_at DESC
+              LIMIT 3`,
+                args: [project, userId],
+            });
+            if (validationResult.rows.length > 0) {
+                context.recent_validations = validationResult.rows.map(r => ({
+                    run_at: r.run_at,
+                    passed: Boolean(r.passed),
+                    pass_rate: r.pass_rate,
+                    gate_action: r.gate_action,
+                    critical_failures: Number(r.critical_failures) || 0,
+                }));
+            }
+        }
+        catch (e) {
+            // Graceful degradation if verification_runs table hasn't been migrated yet
+        }
         if (level === "standard") {
             // Add recent ledger entries (role-scoped)
             const recentLedger = await this.db.execute({

package/dist/storage/supabase.js

@@ -170,7 +170,36 @@ export class SupabaseStorage {
                 p_role: role || "global", // v3.0: pass role to RPC
             });
             const data = Array.isArray(result) ? result[0] : result;
-            return data ?? null;
+            const context = data ?? null;
+            if (!context)
+                return null;
+            // ─── v7.5.0: Validation Pulse (Standard & Deep) ─────────────
+            if (level === "standard" || level === "deep") {
+                context.recent_validations = [];
+                try {
+                    const valData = await supabaseGet("verification_runs", {
+                        project: `eq.${project}`,
+                        user_id: `eq.${userId}`,
+                        select: "run_at,passed,pass_rate,gate_action,critical_failures",
+                        order: "run_at.desc",
+                        limit: "3"
+                    });
+                    const validations = Array.isArray(valData) ? valData : [];
+                    if (validations.length > 0) {
+                        context.recent_validations = validations.map((r) => ({
+                            run_at: r.run_at,
+                            passed: Boolean(r.passed),
+                            pass_rate: r.pass_rate,
+                            gate_action: r.gate_action,
+                            critical_failures: Number(r.critical_failures) || 0,
+                        }));
+                    }
+                }
+                catch (e) {
+                    // Graceful degradation if table doesn't exist yet
+                }
+            }
+            return context;
         }
         catch (e) {
             debugLog("[SupabaseStorage] loadContext RPC failed: " + (e instanceof Error ? e.message : String(e)));

package/dist/tools/ledgerHandlers.js

@@ -657,6 +657,19 @@ export async function sessionLoadContextHandler(args) {
     if (d.session_history?.length) {
         formattedContext += `\n📂 Session History (${d.session_history.length} entries):\n` + d.session_history.map((s) => `  [${s.session_date?.split("T")[0]}] ${s.summary}`).join("\n") + `\n`;
     }
+    if (d.recent_validations?.length) {
+        formattedContext += `\n🔬 Recent Validations:\n` + d.recent_validations.map((v) => {
+            const passStr = v.passed ? "✅ PASS" : "❌ FAIL";
+            const icon = v.gate_action ? (v.passed ? "🚀" : "🛑") : "ℹ️";
+            const dateStr = (v.run_at || "unknown").split("T")[0];
+            const rateStr = Math.round((Number(v.pass_rate) || 0) * 100);
+            let out = `  ${icon} [${dateStr}] ${passStr} (${rateStr}%)`;
+            if (v.critical_failures > 0) {
+                out += ` -> Critical Blockers: ${v.critical_failures}`;
+            }
+            return out;
+        }).join("\n") + `\n`;
+    }
     // ─── Role-Scoped Skill Injection ─────────────────────────────
     // If the active role has a skill document stored, append it so the
     // agent loads its rules/conventions automatically at session start.

package/dist/utils/llm/adapters/anthropic.js

@@ -85,8 +85,11 @@ export class AnthropicAdapter {
         // silent zero-vector or crash.
         throw new Error("AnthropicAdapter does not support text embeddings. " +
             "Anthropic has no native embedding API. " +
-            "In the Mind Palace dashboard, set 'Embedding Provider' to Gemini or OpenAI/Ollama. " +
-            "When using Ollama locally, 'nomic-embed-text' is a free, high-quality option.");
+            "Their official recommendation is Voyage AI (voyage-3, voyage-3-lite). " +
+            "In the Mind Palace dashboard, set 'Embedding Provider' to: " +
+            "'voyage' (Anthropic-recommended, set VOYAGE_API_KEY), " +
+            "'openai' (OpenAI cloud or local Ollama with nomic-embed-text), " +
+            "or 'gemini' (Google AI, set GOOGLE_API_KEY).");
     }
     // ─── Image Description (VLM) ─────────────────────────────────────────────
     /**

package/dist/utils/llm/adapters/voyage.js

@@ -0,0 +1,129 @@
+/**
+ * Voyage AI Adapter (v1.0)
+ * ─────────────────────────────────────────────────────────────────────────────
+ * PURPOSE:
+ *   Implements LLMProvider using Voyage AI's REST API for text embeddings.
+ *   Voyage AI is the embedding provider officially recommended by Anthropic
+ *   for use alongside Claude — it fills the gap left by Anthropic's lack
+ *   of a native embedding API.
+ *
+ * TEXT GENERATION:
+ *   Voyage AI is an embeddings-only service. generateText() throws an explicit
+ *   error, the same pattern used by AnthropicAdapter.generateEmbedding().
+ *   Set text_provider separately (anthropic, openai, or gemini).
+ *
+ * EMBEDDING DIMENSION PARITY (768 dims):
+ *   Prism's SQLite (sqlite-vec) and Supabase (pgvector) schemas define
+ *   embedding columns as EXACTLY 768 dimensions.
+ *
+ *   Voyage solution: voyage-3 and voyage-3-lite output 1024 dims by default,
+ *   but both support the `output_dimension` parameter (Matryoshka Representation
+ *   Learning), enabling truncation to 768 while preserving quality.
+ *   voyage-3-lite at 768 dims is the fastest and most cost-efficient option.
+ *
+ * MODELS:
+ *   voyage-3           — Highest quality, 1024 dims natively (MRL → 768)
+ *   voyage-3-lite      — Fast & cheap, 512 dims natively (MRL → 768 NOT supported)
+ *   voyage-3-large     — Best quality, use for offline indexing
+ *   voyage-code-3      — Optimised for code (recommended for dev sessions)
+ *
+ *   NOTE: voyage-3-lite natively outputs 512 dims; it does NOT support
+ *   output_dimension truncation to 768. Use voyage-3 for dimension parity.
+ *   Default is voyage-3 for this reason.
+ *
+ * CONFIG KEYS (Prism dashboard "AI Providers" tab OR environment variables):
+ *   voyage_api_key     — Required. Voyage AI API key (pa-...)
+ *   voyage_model       — Embedding model (default: voyage-3)
+ *
+ * USAGE WITH ANTHROPIC TEXT PROVIDER:
+ *   Set text_provider=anthropic, embedding_provider=voyage in the dashboard.
+ *   This pairs Claude for reasoning with Voyage for semantic memory — the
+ *   combination Anthropic recommends in their documentation.
+ *
+ * API REFERENCE:
+ *   https://docs.voyageai.com/reference/embeddings-api
+ */
+import { getSettingSync } from "../../../storage/configStorage.js";
+import { debugLog } from "../../logger.js";
+// ─── Constants ────────────────────────────────────────────────────────────────
+// Must match Prism's DB schema (sqlite-vec and pgvector column sizes).
+const EMBEDDING_DIMS = 768;
+// voyage-3 supports up to 32,000 tokens. Character-based cap (consistent
+// with OpenAI and Gemini adapters) avoids tokenizer dependency.
+// 8000 chars ≈ 1500-2000 tokens for typical session summaries.
+const MAX_EMBEDDING_CHARS = 8000;
+// Default model: voyage-3 (supports output_dimension=768 via MRL)
+// voyage-3-lite is NOT recommended as its native 512 dims < 768.
+const DEFAULT_MODEL = "voyage-3";
+const VOYAGE_API_BASE = "https://api.voyageai.com/v1";
+// ─── Adapter ─────────────────────────────────────────────────────────────────
+export class VoyageAdapter {
+    apiKey;
+    constructor() {
+        const apiKey = getSettingSync("voyage_api_key", process.env.VOYAGE_API_KEY ?? "");
+        if (!apiKey) {
+            throw new Error("VoyageAdapter requires a Voyage AI API key. " +
+                "Get one free at https://dash.voyageai.com — then set VOYAGE_API_KEY " +
+                "or configure it in the Mind Palace dashboard under 'AI Providers'.");
+        }
+        this.apiKey = apiKey;
+        debugLog("[VoyageAdapter] Initialized");
+    }
+    // ─── Text Generation (Not Supported) ────────────────────────────────────
+    async generateText(_prompt, _systemInstruction) {
+        // Voyage AI is an embeddings-only service.
+        // Use text_provider=anthropic, openai, or gemini for text generation.
+        throw new Error("VoyageAdapter does not support text generation. " +
+            "Voyage AI is an embeddings-only service. " +
+            "Set text_provider to 'anthropic', 'openai', or 'gemini' in the dashboard.");
+    }
+    // ─── Embedding Generation ────────────────────────────────────────────────
+    async generateEmbedding(text) {
+        if (!text || !text.trim()) {
+            throw new Error("[VoyageAdapter] generateEmbedding called with empty text");
+        }
+        // Truncate to character limit (consistent with other adapters)
+        const truncated = text.length > MAX_EMBEDDING_CHARS
+            ? text.slice(0, MAX_EMBEDDING_CHARS).replace(/\s+\S*$/, "")
+            : text;
+        const model = getSettingSync("voyage_model", DEFAULT_MODEL);
+        debugLog(`[VoyageAdapter] generateEmbedding — model=${model}, chars=${truncated.length}`);
+        const requestBody = {
+            input: [truncated],
+            model,
+            // Request exactly 768 dims via Matryoshka truncation.
+            // Supported by voyage-3, voyage-3-large, voyage-code-3.
+            // voyage-3-lite (native 512 dims) will ignore this and return 512,
+            // which will be caught by the dimension guard below.
+            output_dimension: EMBEDDING_DIMS,
+        };
+        const response = await fetch(`${VOYAGE_API_BASE}/embeddings`, {
+            method: "POST",
+            headers: {
+                "Authorization": `Bearer ${this.apiKey}`,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify(requestBody),
+        });
+        if (!response.ok) {
+            const errorText = await response.text().catch(() => "unknown error");
+            throw new Error(`[VoyageAdapter] API request failed — status=${response.status}: ${errorText}`);
+        }
+        const data = (await response.json());
+        const embedding = data?.data?.[0]?.embedding;
+        if (!Array.isArray(embedding)) {
+            throw new Error("[VoyageAdapter] Unexpected response format — no embedding array found");
+        }
+        // Dimension guard: Prism's DB schema requires exactly 768 dims.
+        // This catches voyage-3-lite (512) or future API changes silently early.
+        if (embedding.length !== EMBEDDING_DIMS) {
+            throw new Error(`[VoyageAdapter] Embedding dimension mismatch: expected ${EMBEDDING_DIMS}, ` +
+                `got ${embedding.length}. ` +
+                `Use voyage-3 (not voyage-3-lite) to get 768-dim output via MRL truncation. ` +
+                `Change voyage_model in the Mind Palace dashboard.`);
+        }
+        debugLog(`[VoyageAdapter] Embedding generated — dims=${embedding.length}, ` +
+            `tokens_used=${data.usage?.total_tokens ?? "unknown"}`);
+        return embedding;
+    }
+}

package/dist/utils/llm/factory.js

@@ -1,5 +1,5 @@
 /**
- * LLM Provider Factory (v4.4 — Split Provider Architecture)
+ * LLM Provider Factory (v4.5 — Voyage AI Embedding Support)
  * ─────────────────────────────────────────────────────────────────────────────
  * PURPOSE:
  *   Single point of resolution for the active LLMProvider.
@@ -11,19 +11,21 @@
  *   Two independent settings control text and embedding routing:
  *
  *   text_provider      — "gemini" (default) | "openai" | "anthropic"
- *   embedding_provider — "auto" (default)   | "gemini" | "openai"
+ *   embedding_provider — "auto" (default)   | "gemini" | "openai" | "voyage"
  *
  *   When embedding_provider = "auto":
  *     * If text_provider is gemini or openai → use same provider for embeddings
  *     * If text_provider is anthropic → auto-fallback to gemini for embeddings
- *       (Anthropic has no native embedding API)
+ *       (Anthropic has no native embedding API; consider setting
+ *        embedding_provider=voyage for the Anthropic-recommended pairing)
  *
  * EXAMPLE CONFIGURATIONS:
  *   text_provider=gemini,    embedding_provider=auto   → Gemini+Gemini (default)
  *   text_provider=openai,    embedding_provider=auto   → OpenAI+OpenAI
  *   text_provider=anthropic, embedding_provider=auto   → Claude+Gemini (auto-bridge)
+ *   text_provider=anthropic, embedding_provider=voyage → Claude+Voyage (Anthropic-recommended)
  *   text_provider=anthropic, embedding_provider=openai → Claude+Ollama (cost-optimized)
- *   text_provider=gemini,    embedding_provider=openai → Gemini+Ollama (mixed)
+ *   text_provider=gemini,    embedding_provider=voyage → Gemini+Voyage (mixed)
  *
  * SINGLETON + GRACEFUL DEGRADATION:
  *   Same as before — instance cached per process, errors fall back to Gemini.
@@ -41,6 +43,7 @@ import { getSettingSync } from "../../storage/configStorage.js";
 import { GeminiAdapter } from "./adapters/gemini.js";
 import { OpenAIAdapter } from "./adapters/openai.js";
 import { AnthropicAdapter } from "./adapters/anthropic.js";
+import { VoyageAdapter } from "./adapters/voyage.js";
 import { TracingLLMProvider } from "./adapters/traced.js";
 // Module-level singleton — one composed provider per MCP server process.
 let providerInstance = null;
@@ -59,8 +62,10 @@ function buildEmbeddingAdapter(type) {
     // Note: "anthropic" is intentionally absent from this switch.
     // Anthropic has no embedding API, so it can never be an embedding provider.
     // The factory resolves "auto" away from "anthropic" before calling this.
+    // For Anthropic text users, "voyage" is the Anthropic-recommended pairing.
     switch (type) {
         case "openai": return new OpenAIAdapter();
+        case "voyage": return new VoyageAdapter();
         case "gemini":
         default: return new GeminiAdapter();
     }
@@ -90,7 +95,9 @@ export function getLLMProvider() {
         if (textType === "anthropic") {
             console.info("[LLMFactory] text_provider=anthropic with embedding_provider=auto: " +
                 "routing embeddings to GeminiAdapter (Anthropic has no native embedding API). " +
-                "Set embedding_provider=openai in dashboard to use Ollama/OpenAI instead.");
+                "For the Anthropic-recommended pairing, set embedding_provider=voyage in the dashboard " +
+                "(voyage-3 supports 768-dim output via MRL). " +
+                "Alternatively, set embedding_provider=openai to use Ollama/OpenAI.");
         }
     }
     try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "7.4.0",
+  "version": "7.6.0",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — adversarial evaluation (PLAN_CONTRACT→EVALUATE anti-sycophancy), fail-closed Dark Factory autonomous pipelines (3-gate parse→type→scope), persistent memory (SQLite/Supabase), ACT-R cognitive retrieval, behavioral learning & IDE rules sync, multi-agent Hivemind, time travel, visual dashboard. Zero-config local mode.",
   "module": "index.ts",