prism-mcp-server 9.0.5 → 9.1.0

package/README.md

@@ -20,6 +20,8 @@ npx -y prism-mcp-server
 
 Works with **Claude Desktop · Claude Code · Cursor · Windsurf · Cline · Gemini · Antigravity** — **any MCP client.**
 
+https://github.com/dcostenco/prism-mcp/raw/main/docs/prism_mcp_demo.mp4
+
 ## 📖 Table of Contents
 
 - [Why Prism?](#why-prism)
@@ -437,13 +439,13 @@ A gorgeous glassmorphism UI at `localhost:3000` that lets you see exactly what y
 
 
 ### 🧬 10× Memory Compression
-Powered by a pure TypeScript port of Google's TurboQuant (inspired by Google's ICLR research), Prism compresses 768-dim embeddings from **3,072 bytes → ~400 bytes** — enabling decades of session history on a standard laptop. No native modules. No vector database required.
+Powered by a pure TypeScript port of Google's TurboQuant (inspired by Google's ICLR research), Prism compresses 768-dim embeddings from **3,072 bytes → ~400 bytes** — enabling decades of session history on a standard laptop. No native modules. No vector database required. To mitigate quantization degradation (where repeated compress/decompress cycles could smear subtle corrections after 10k+ memories), Prism leverages autonomous **ledger compaction** and **Deep Storage cleanup** to guarantee high-fidelity memory integrity over time.
 
-### 🐝 Multi-Agent Hivemind
-Multiple agents (dev, QA, PM) can work on the same project with **role-isolated memory**. Agents discover each other automatically, share context in real-time via Telepathy sync, and see a team roster during context loading. → [Multi-agent setup example](examples/multi-agent-hivemind/)
+### 🐝 Multi-Agent Hivemind & Enterprise Sync
+While local SQLite is amazing for solo developers, enterprise teams cannot share a local SQLite file. Prism breaks the "local-only" ceiling via **Supabase Sync** and the **Multi-Agent Hivemind**—scaling effortlessly to teams of 50+ developers using agents. Multiple agents (dev, QA, PM) can work on the same project with **role-isolated memory**, discover each other automatically, and share context in real-time via Telepathy sync to a shared Postgres backend. → [Multi-agent setup example](examples/multi-agent-hivemind/)
 
 ### 🚦 Task Router
-Prism can score coding tasks and recommend whether to keep execution on the host model or delegate to a **local Claw agent** (a lightweight sub-agent powered by Ollama/vLLM for fast, local-safe edits). This enables faster handling of small edits while preserving host execution for complex work. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
+Prism scores coding tasks across **6 weighted heuristic signals** (keyword analysis, file count, file-type complexity, scope, length, multi-step detection) and recommends whether to keep execution on the host cloud model or delegate to a **local Claw agent** (powered by deepseek-r1 / qwen2.5-coder via Ollama). File-type awareness routes config/docs edits locally while reserving systems-programming tasks for the host. The local agent features buffered streaming (handles split `<think>` tags), stateful multi-turn conversations, and automatic memory trimming. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
 
 ### 🖼️ Visual Memory
 Save UI screenshots, architecture diagrams, and bug states to a searchable vault. Images are auto-captioned by a VLM (Claude Vision / GPT-4V / Gemini) and become semantically searchable across sessions.
@@ -725,13 +727,13 @@ The Generator strips the `console.log`, resubmits, and the next `EVALUATE` retur
 
 ## 🆕 What's New
 
-> **Current release: v7.8.2 — Cognitive Architecture**
+> **Current release: v9.1.0 — Task Router v2 & Local Agent Hardening**
 
-- 🧠 **v7.8.0 — Cognitive Architecture:** The biggest leap forward yet. Moved beyond flat vector search into a true cognitive architecture inspired by human brain mechanics. Episodic-to-Semantic memory consolidation (Hebbian learning), ACT-R Spreading Activation with multi-hop causal reasoning, Uncertainty-Aware Rejection Gate (your agent can say "I don't know"), and Dynamic Fast Weight Decay (semantic memories outlive episodic chatter by 2×). **Your agents don't just remember; they learn.** → [Cognitive Architecture](#-cognitive-architecture-v78)
-- 🌐 **v7.7.0 — Cloud-Native SSE Transport:** Full unauthenticated and authenticated Server-Sent Events MCP support for seamless network deployments.
-- 🩺 **v7.5.0 — Intent Health Dashboard + Security Hardening:** Real-time 0–100 project health scoring (staleness × TODO load × decisions). 10 XSS injection vectors patched. Algorithm hardened with NaN guards and score ceiling.
-- ⚔️ **v7.4.0 — Adversarial Evaluation:** Split-brain anti-sycophancy pipeline. Generator and evaluator in isolated roles with evidence-bound findings.
-- 🏭 **v7.3.x — Dark Factory + Stability:** Fail-closed 3-gate execution pipeline. Dashboard stability and verification diagnostics.
+- 🚦 **v9.1.0 — Task Router v2:** File-type complexity signal for intelligent code-vs-config routing, 6-signal weighted heuristic engine, multi-step false-positive fix, expanded file extension classification. Local agent hardened with buffered streaming, system prompts, memory trimming, and stateful `/api/chat` API.
+- 🔒 **v9.0.5 — JWKS Auth Security Hardening:** JWT audience/issuer claim validation (`PRISM_JWT_AUDIENCE`, `PRISM_JWT_ISSUER`), structured error logging for JWT failures, typed `PrismAuthenticatedRequest` interface, 11 new JWKS unit tests, Smithery server card fix. Vendor-neutral — tested with Auth0, AgentLair ([llms.txt](https://agentlair.com/llms.txt)), Keycloak, and custom JWKS endpoints.
+- 🧠 **v9.0.0 — Autonomous Cognitive OS:** Token-Economic Reinforcement Learning (Surprisal Gate + Cognitive Budget), Affect-Tagged Memory (valence-scored retrieval), and Episodic→Semantic Consolidation. Your agents learn compression and develop intuition. → [Cognitive OS](#-autonomous-cognitive-os-v90)
+- 🧠 **v7.8.0 — Cognitive Architecture:** Episodic-to-Semantic memory consolidation (Hebbian learning), ACT-R Spreading Activation with multi-hop causal reasoning, Uncertainty-Aware Rejection Gate, and Dynamic Fast Weight Decay. → [Cognitive Architecture](#-cognitive-architecture-v78)
+- 🌐 **v7.7.0 — Cloud-Native SSE Transport:** Full Server-Sent Events MCP support for seamless network deployments.
 
 👉 **[Full release history → CHANGELOG.md](CHANGELOG.md)** · **[ROADMAP →](ROADMAP.md)**
 
@@ -971,6 +973,9 @@ Requires `PRISM_DARK_FACTORY_ENABLED=true`.
 | `PRISM_ACTR_WEIGHT_ACTIVATION` | No | Composite score ACT-R activation weight (default: `0.3`) |
 | `PRISM_ACTR_ACCESS_LOG_RETENTION_DAYS` | No | Days before access logs are pruned by background scheduler (default: `90`) |
 | `PRISM_DARK_FACTORY_ENABLED` | No | `"true"` to enable Dark Factory autonomous pipeline tools (`session_start_pipeline`, `session_check_pipeline_status`, `session_abort_pipeline`) |
+| `PRISM_JWKS_URI` | No | JWKS endpoint URL for vendor-neutral JWT auth (e.g., `https://your-tenant.auth0.com/.well-known/jwks.json`) |
+| `PRISM_JWT_AUDIENCE` | No | Expected JWT `aud` claim — prevents cross-service token confusion |
+| `PRISM_JWT_ISSUER` | No | Expected JWT `iss` claim — validates token origin |
 
 </details>
 
@@ -1097,12 +1102,39 @@ Prism has evolved from smart session logging into a **cognitive memory architect
 
 ---
 
+## 💼 B2B Consulting & Enterprise Support
+
+Prism MCP is open-source and free for individual developers. For teams and enterprises building autonomous AI workflows or integrating MCP-native memory at scale, we offer professional consulting and setup packages.
+
+### 🥉 Team Pilot Package
+*Perfect for engineering teams adopting MCP tools and collaborative agents.*
+* **What's included:** Full team rollout, managed Supabase configuration (for multi-device sync), Universal Import of legacy chat history, and dedicated setup support.
+* **Model:** Fixed-price engagement.
+
+### 🥈 Cognitive Architecture Tuning
+*For teams building advanced AI agents or autonomous pipelines.*
+* **What's included:** "Dark Factory" pipeline implementation tailored to your workflows, adversarial evaluator tuning, custom HDC cognitive route configuration, and local open-weight model integration (BYOM).
+* **Model:** Retainer or project-based.
+
+### 🥇 Enterprise Integration
+*Full-scale deployment for high-compliance environments.*
+* **What's included:** Active Directory / custom JWKS auth integration, Air-gapped on-premise deployment, custom OTel Grafana dashboards for cognitive observability, and custom skills/tools development.
+* **Model:** Custom enterprise quote.
+
+**Interested in accelerating your team's autonomous workflows?**  
+[📧 Contact us for a consultation](mailto:inquiries@prism-mcp.com) — let's build your organization's cognitive memory engine.
+
+---
+
 ## 📦 Milestones & Roadmap
 
-> **Current: v7.8.2** — Cognitive Architecture ([CHANGELOG](CHANGELOG.md))
+> **Current: v9.1.0** — Task Router v2 & Local Agent Hardening ([CHANGELOG](CHANGELOG.md))
 
 | Release | Headline |
 |---------|----------|
+| **v9.1.0** | 🚦 Task Router v2 — file-type routing signal, 6-signal heuristics, local agent streaming buffer |
+| **v9.0.5** | 🔒 JWKS Auth Security Hardening — audience/issuer validation, JWT failure logging, typed agent identity |
+| **v9.0** | 🧠 Autonomous Cognitive OS — Surprisal Gate, Cognitive Budget, Affect-Tagged Memory |
 | **v7.8** | 🧠 Cognitive Architecture — Hebbian consolidation, multi-hop reasoning, rejection gate, dynamic decay |
 | **v7.7** | 🌐 Cloud-Native SSE Transport |
 | **v7.5** | 🩺 Intent Health Dashboard + Security Hardening |
@@ -1145,7 +1177,7 @@ A: Run `npm run build && npm test`, then open the Mind Palace dashboard (`localh
 - **MCP client race conditions.** Some MCP clients may not finish tool enumeration before the model generates its first response, causing transient `unknown_tool` errors. This is a client-side timing issue — Prism's server completes the MCP handshake in ~60ms. Workaround: the server-side auto-push fallback and the startup skill's retry logic.
 - **No real-time sync without Supabase.** Local SQLite mode is single-machine only. Multi-device or team sync requires a Supabase backend.
 - **Embedding quality varies by provider.** Gemini `text-embedding-004` and OpenAI `text-embedding-3-small` produce high-quality 768-dim vectors. Prism passes `dimensions: 768` via the Matryoshka API for OpenAI models (native output is 1536-dim; this truncation is lossless and outperforms ada-002 at full 1536 dims). Ollama embeddings (e.g., `nomic-embed-text`) are usable but may reduce retrieval accuracy.
-- **Dashboard is HTTP-only.** The Mind Palace dashboard at `localhost:3000` does not support HTTPS. For remote access, use a reverse proxy (nginx/Caddy) or SSH tunnel. Basic auth is available via `PRISM_DASHBOARD_USER` / `PRISM_DASHBOARD_PASS`.
+- **Dashboard is HTTP-only.** The Mind Palace dashboard at `localhost:3000` does not support HTTPS. For remote access, use a reverse proxy (nginx/Caddy) or SSH tunnel. Basic auth is available via `PRISM_DASHBOARD_USER` / `PRISM_DASHBOARD_PASS`. JWKS JWT auth is available via `PRISM_JWKS_URI` for agent-native authentication (works with Auth0, AgentLair ([llms.txt](https://agentlair.com/llms.txt)), Keycloak, Cognito, or any standard JWKS endpoint).
 - **Long-lived clients can accumulate zombie processes.** MCP clients that run for extended periods (e.g., Claude CLI) may leave orphaned Prism server processes. The lifecycle manager detects true orphans (PPID=1) but allows coexistence for active parent processes. Use `PRISM_INSTANCE` to isolate instances across clients.
 - **Migration is one-way.** Universal Import ingests sessions *into* Prism but does not export back to Claude/Gemini/OpenAI formats. Use `session_export_memory` for portable JSON/Markdown export, or the `vault` format for Obsidian/Logseq-compatible `.zip` archives.
 - **Export ceiling at 10,000 ledger entries.** The `session_export_memory` tool and the dashboard export button cap vault/JSON exports at 10,000 entries per project as an OOM guard. Projects exceeding this limit should use per-project exports and time-based filtering to stay within the ceiling. This limit does not affect search or context loading.

package/dist/dashboard/authUtils.js

@@ -41,24 +41,39 @@ let jwksCache = null;
 export function initJWKS(uri) {
     try {
         jwksCache = createRemoteJWKSet(new URL(uri));
+        console.error(`[Auth] 🔑 JWKS remote key set initialized: ${uri}`);
     }
     catch (err) {
-        console.error(`Failed to initialize JWKS from ${uri}:`, err);
+        console.error(`[Auth] ❌ Failed to initialize JWKS from ${uri}:`, err);
     }
 }
+/**
+ * Reset JWKS cache — for testing only.
+ * @internal
+ */
+export function _resetJWKS(cache = null) {
+    jwksCache = cache;
+}
+/** Expose JWKS cache state for testing. @internal */
+export function _getJWKSCache() {
+    return jwksCache;
+}
 // ─────────────────────────────────────────────────────────────────
 // AUTHENTICATION CHECK
 // ─────────────────────────────────────────────────────────────────
 /**
  * Check if a request is authenticated against the provided config.
  *
- * Returns true if:
- *   1. Auth is disabled (authEnabled === false) → pass-through
- *   2. Request has a valid, non-expired session cookie
- *   3. Request has valid Basic Auth credentials
+ * Authentication is checked in priority order:
+ *   1. Auth disabled (authEnabled === false) → pass-through
+ *   2. Bearer JWT token verified against JWKS remote key set
+ *   3. Valid, non-expired session cookie
+ *   4. Valid Basic Auth credentials
  *
- * Side effect: expired session tokens are lazily cleaned up when
- * encountered, preventing unbounded memory growth.
+ * Side effects:
+ *   - Expired session tokens are lazily cleaned up when encountered
+ *   - On successful JWT verification, `req.agent_id` is set for
+ *     downstream traceability (audit logging, access control)
  */
 export async function isAuthenticated(req, config) {
     if (!config.authEnabled)
@@ -68,14 +83,26 @@ export async function isAuthenticated(req, config) {
     if (authHeader.startsWith("Bearer ") && jwksCache) {
         try {
             const token = authHeader.slice(7);
-            const { payload } = await jwtVerify(token, jwksCache);
-            // Attach agent_id to the request for traceability if needed downstream
-            req.agent_id = payload.agent_id || payload.sub;
+            const verifyOpts = {
+                clockTolerance: 30, // 30s clock skew tolerance
+            };
+            if (config.jwtAudience)
+                verifyOpts.audience = config.jwtAudience;
+            if (config.jwtIssuer)
+                verifyOpts.issuer = config.jwtIssuer;
+            const { payload } = await jwtVerify(token, jwksCache, verifyOpts);
+            const payloadDict = payload;
+            // Attach agent_id and AgentLair audit metadata to the request for downstream traceability
+            const authReq = req;
+            authReq.agent_id =
+                payloadDict.agent_id || payload.sub;
+            authReq.al_name = payloadDict.al_name;
+            authReq.al_audit_url = payloadDict.al_audit_url;
             return true;
         }
         catch (err) {
-            // Verification failed — let it fall through or return false
-            // console.error("JWT verification failed:", err);
+            const code = err.code || "UNKNOWN";
+            console.error(`[Auth] JWT verification failed (${code}):`, err.message);
             return false;
         }
     }

package/dist/dashboard/server.js

@@ -90,6 +90,8 @@ export async function startDashboardServer() {
         authUser: AUTH_USER,
         authPass: AUTH_PASS,
         activeSessions,
+        jwtAudience: process.env.PRISM_JWT_AUDIENCE || undefined,
+        jwtIssuer: process.env.PRISM_JWT_ISSUER || undefined,
     };
     // v6.5.1: Rate limiter for login endpoint — 5 attempts per 60 seconds per IP
     const loginRateLimiter = createRateLimiter({
@@ -141,7 +143,18 @@ return false;}
 </script></body></html>`;
     }
     if (AUTH_ENABLED) {
-        console.error(`[Dashboard] 🔒 Auth enabled for user "${AUTH_USER}"`);
+        if (AUTH_USER) {
+            console.error(`[Dashboard] 🔒 Basic auth enabled for user "${AUTH_USER}"`);
+        }
+        if (AUTH_JWKS_URI) {
+            console.error(`[Dashboard] 🔑 JWKS auth enabled: ${AUTH_JWKS_URI}`);
+            if (process.env.PRISM_JWT_AUDIENCE) {
+                console.error(`[Dashboard]    Audience: ${process.env.PRISM_JWT_AUDIENCE}`);
+            }
+            else {
+                console.error(`[Dashboard] ⚠️  No PRISM_JWT_AUDIENCE set — any valid JWT from this JWKS will be accepted.`);
+            }
+        }
         // Security advisory: HTTP Basic Auth transmits credentials in cleartext.
         // When auth is enabled for remote access, HTTPS (reverse proxy) is strongly recommended.
         console.error(`[Dashboard] ⚠️  WARNING: Dashboard uses HTTP (not HTTPS). ` +
@@ -228,7 +241,7 @@ return false;}
                         version: SERVER_CONFIG.version,
                     },
                     authentication: {
-                        required: false
+                        required: AUTH_ENABLED
                     },
                     configSchema: {
                         type: "object",
@@ -318,6 +331,17 @@ return false;}
             res.writeHead(401, { "Content-Type": "text/html; charset=utf-8" });
             return res.end(renderLoginPage());
         }
+        // ─── AUDIT LOGGING (JWKS / AgentLair) ───
+        const authReq = req;
+        // Log successful agent access (identified via JWKS JWT)
+        if (authReq.agent_id && reqUrl.pathname !== "/api/scheduler") {
+            let auditLog = `[Dashboard] 🚦 Access: ${req.method} ${reqUrl.pathname} by agent ${authReq.agent_id}`;
+            if (authReq.al_name)
+                auditLog += ` (${authReq.al_name})`;
+            if (authReq.al_audit_url)
+                auditLog += ` - Audit: ${authReq.al_audit_url}`;
+            console.error(auditLog);
+        }
         try {
             const url = new URL(req.url || "/", `http://${req.headers.host}`);
             // ─── SSE: MCP Transport Endpoint ───

package/dist/tools/taskRouterHandler.js

@@ -1,20 +1,20 @@
 /**
- * Task Router Handler (v7.1.0)
+ * Task Router Handler (v9.1.0)
  *
  * Pure, deterministic heuristic-based routing engine that analyzes a coding
  * task description and recommends whether it should be handled by the host
- * cloud model or delegated to the local claw-code-agent (Qwen3).
+ * cloud model or delegated to the local claw-code-agent (deepseek-r1 / qwen2.5-coder).
  *
- * No database queries. No API calls. Fully testable.
+ * No database queries in the pure route. No API calls. Fully testable.
+ * Experience-based ML bias (v7.2.0+) is applied post-hoc in the handler.
  *
- * Heuristic Signals (v7.1.0):
+ * Heuristic Signals:
  *   1. Keyword analysis        (weight: 0.35)
- *   2. File count               (weight: 0.20)
- *   3. estimated_scope enum     (weight: 0.25)
- *   4. Task length proxy        (weight: 0.10)
- *   5. Multi-step detection     (weight: 0.10)
- *
- * v7.2.0 will add experience-based ML routing using SQLite feedback data.
+ *   2. File count               (weight: 0.15)
+ *   3. File type / extension    (weight: 0.10)
+ *   4. estimated_scope enum     (weight: 0.20)
+ *   5. Task length proxy        (weight: 0.10)
+ *   6. Multi-step detection     (weight: 0.10)
  */
 import { isSessionTaskRouteArgs, } from "./sessionMemoryDefinitions.js";
 import { getStorage } from "../storage/index.js";
@@ -59,7 +59,8 @@ const MULTI_STEP_MARKERS = [
     "step 1", "step 2", "step 3",
     "then update", "then modify", "then create",
     "followed by", "subsequently",
-    "1.", "2.", "3.",
+    // Note: removed bare "1.", "2.", "3." — too many false positives
+    // on version numbers (v1.2.3), decimals, and IP addresses.
 ];
 // ─── Heuristic Engine ────────────────────────────────────────
 /**
@@ -108,7 +109,32 @@ function fileCountSignal(files) {
     return -1.0;
 }
 /**
- * Compute a claw-affinity score from estimated_scope.
+ * Compute a claw-affinity score from file extentions.
+ * Simple configs/docs -> claw (+0.5)
+ * Complex low-level languages -> host (-0.5)
+ */
+function fileTypeSignal(files) {
+    if (!files || files.length === 0)
+        return 0;
+    let simple = 0;
+    let complex = 0;
+    for (const f of files) {
+        if (f.match(/\.(md|json|yml|yaml|txt|csv|env|ini|toml|cfg)$/i))
+            simple++;
+        else if (f.match(/\.(cpp|cc|cxx|c|h|hpp|rs|go|java|swift|zig)$/i))
+            complex++;
+        // .ts, .js, .py, .rb, .sh, .css, .html — common scripting/web langs stay neutral (0)
+    }
+    if (simple > 0 && complex === 0)
+        return 0.5;
+    if (complex > 0 && simple === 0)
+        return -0.5;
+    if (complex > 0 && simple > 0)
+        return -0.2; // Complex outweighs simple
+    return 0;
+}
+/**
+ * Compute a claw-affinity score from scope.
  * minor_edit → strongly claw (+1.0)
  * bug_fix → moderate claw (+0.4) — some bugs are complex
  * new_feature → moderate host (-0.3)
@@ -125,17 +151,23 @@ function scopeSignal(scope) {
 }
 /**
  * Compute a claw-affinity score from task description length.
- * Short (< 200 chars) → claw-favoring (+0.5)
+ * Short (< 100 chars) → strongly claw (+1.0)
+ * Short-medium (< 200 chars) → claw (+0.5)
  * Medium (200-500 chars) → neutral (0.0)
- * Long (> 500 chars) → host-favoring (-0.5) — long = complex context
+ * Long (500-1500 chars) → host-favoring (-0.5)
+ * Very long (> 1500 chars) → strongly host (-1.0) due to context complexity
  */
 function lengthSignal(description) {
     const len = description.length;
+    if (len < 100)
+        return 1.0;
     if (len < 200)
         return 0.5;
     if (len <= 500)
         return 0.0;
-    return -0.5;
+    if (len <= 1500)
+        return -0.5;
+    return -1.0;
 }
 /**
  * Detect multi-step task patterns.
@@ -153,8 +185,9 @@ function multiStepSignal(description) {
 // ─── Weights ─────────────────────────────────────────────────
 const WEIGHTS = {
     keyword: 0.35,
-    fileCount: 0.20,
-    scope: 0.25,
+    fileCount: 0.15,
+    fileType: 0.10,
+    scope: 0.20,
     length: 0.10,
     multiStep: 0.10,
 };
@@ -177,6 +210,7 @@ export function computeRoute(args) {
     // ── Compute individual signals ──
     const kw = keywordSignal(task_description);
     const fc = fileCountSignal(files_involved);
+    const ft = fileTypeSignal(files_involved);
     const sc = scopeSignal(estimated_scope);
     const ln = lengthSignal(task_description);
     const ms = multiStepSignal(task_description);
@@ -184,6 +218,7 @@ export function computeRoute(args) {
     // Positive = claw-favoring, Negative = host-favoring
     const composite = kw * WEIGHTS.keyword +
         fc * WEIGHTS.fileCount +
+        ft * WEIGHTS.fileType +
         sc * WEIGHTS.scope +
         ln * WEIGHTS.length +
         ms * WEIGHTS.multiStep;
@@ -206,6 +241,8 @@ export function computeRoute(args) {
         signals.push(`keyword analysis ${kw > 0 ? "favors claw" : "favors host"} (${kw.toFixed(2)})`);
     if (fc !== 0)
         signals.push(`file count signal: ${fc.toFixed(1)}`);
+    if (ft !== 0)
+        signals.push(`file type signal: ${ft.toFixed(1)}`);
     if (sc !== 0)
         signals.push(`scope "${estimated_scope}" signal: ${sc.toFixed(1)}`);
     if (ms !== 0)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "9.0.5",
+  "version": "9.1.0",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — a true Cognitive Architecture with Hebbian learning (episodic→semantic consolidation), ACT-R spreading activation (multi-hop causal reasoning), uncertainty-aware rejection gates (agents that know when they don't know), adversarial evaluation (anti-sycophancy), fail-closed Dark Factory pipelines, persistent memory (SQLite/Supabase), multi-agent Hivemind, time travel & visual dashboard. Zero-config local mode.",
   "module": "index.ts",