omni-cortex 1.5.0__tar.gz → 1.6.0__tar.gz

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: omni-cortex
-Version: 1.5.0
+Version: 1.6.0
 Summary: Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time
 Project-URL: Homepage, https://github.com/AllCytes/Omni-Cortex
 Project-URL: Repository, https://github.com/AllCytes/Omni-Cortex

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/dashboard/backend/chat_service.py

@@ -214,9 +214,13 @@ async def save_conversation(
     client = get_client()
     if client:
         try:
+            # Escape content to prevent injection in summary generation
+            safe_content = xml_escape(content[:2000])
             summary_prompt = f"""Summarize this conversation in one concise sentence (max 100 chars):
 
-{content[:2000]}
+<conversation>
+{safe_content}
+</conversation>
 
 Summary:"""
             response = client.models.generate_content(

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/dashboard/backend/image_service.py

@@ -209,9 +209,9 @@ Tags: {', '.join(memory.tags) if memory.tags else 'N/A'}
             if preset_prompt:
                 parts.append(f"\nImage style guidance:\n{preset_prompt}")
 
-        # Add user's custom prompt
+        # Add user's custom prompt (escaped to prevent injection)
         if request.custom_prompt:
-            parts.append(f"\nUser request: {request.custom_prompt}")
+            parts.append(f"\nUser request: {xml_escape(request.custom_prompt)}")
 
         parts.append("\nGenerate a professional, high-quality image optimized for social media sharing.")
 
@@ -461,10 +461,10 @@ Tags: {', '.join(memory.tags) if memory.tags else 'N/A'}
                 "parts": parts
             })
 
-        # Add refinement prompt
+        # Add refinement prompt (escaped to prevent injection)
         contents.append({
             "role": "user",
-            "parts": [{"text": refinement_prompt}]
+            "parts": [{"text": xml_escape(refinement_prompt)}]
         })
 
         # Configure - use defaults or provided values

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/dashboard/backend/main.py

@@ -135,6 +135,7 @@ class DatabaseChangeHandler(FileSystemEventHandler):
         self.loop = loop
         self._debounce_task: Optional[asyncio.Task] = None
         self._last_path: Optional[str] = None
+        self._last_activity_count: dict[str, int] = {}
 
     def on_modified(self, event):
         if event.src_path.endswith("cortex.db") or event.src_path.endswith("global.db"):
@@ -146,9 +147,35 @@ class DatabaseChangeHandler(FileSystemEventHandler):
                 )
 
     async def _debounced_notify(self):
-        await asyncio.sleep(0.5)  # Wait for rapid changes to settle
+        await asyncio.sleep(0.3)  # Reduced from 0.5s for faster updates
         if self._last_path:
-            await self.ws_manager.broadcast("database_changed", {"path": self._last_path})
+            db_path = self._last_path
+
+            # Broadcast general database change
+            await self.ws_manager.broadcast("database_changed", {"path": db_path})
+
+            # Fetch and broadcast latest activities (IndyDevDan pattern)
+            try:
+                # Get recent activities
+                recent = get_activities(db_path, limit=5, offset=0)
+                if recent:
+                    # Broadcast each new activity
+                    for activity in recent:
+                        await self.ws_manager.broadcast_activity_logged(
+                            db_path,
+                            activity if isinstance(activity, dict) else activity.model_dump()
+                        )
+
+                    # Also broadcast session update
+                    sessions = get_recent_sessions(db_path, limit=1)
+                    if sessions:
+                        session = sessions[0]
+                        await self.ws_manager.broadcast_session_updated(
+                            db_path,
+                            session if isinstance(session, dict) else dict(session)
+                        )
+            except Exception as e:
+                print(f"[WS] Error broadcasting activities: {e}")
 
 
 # File watcher

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/dashboard/backend/websocket_manager.py

@@ -77,6 +77,28 @@ class WebSocketManager:
         """Get the number of active connections."""
         return len(self.connections)
 
+    # Typed broadcast methods (IndyDevDan pattern)
+    async def broadcast_activity_logged(self, project: str, activity: dict[str, Any]):
+        """Broadcast when a new activity is logged."""
+        await self.broadcast("activity_logged", {
+            "project": project,
+            "activity": activity,
+        })
+
+    async def broadcast_session_updated(self, project: str, session: dict[str, Any]):
+        """Broadcast when a session is updated."""
+        await self.broadcast("session_updated", {
+            "project": project,
+            "session": session,
+        })
+
+    async def broadcast_stats_updated(self, project: str, stats: dict[str, Any]):
+        """Broadcast when stats change (for charts/panels)."""
+        await self.broadcast("stats_updated", {
+            "project": project,
+            "stats": stats,
+        })
+
 
 # Global manager instance
 manager = WebSocketManager()

omni_cortex-1.6.0/hooks/post_tool_use.py

@@ -0,0 +1,335 @@
+#!/usr/bin/env python3
+"""PostToolUse hook - logs tool result after execution.
+
+This hook is called by Claude Code after each tool completes.
+It logs the tool output, duration, and success/error status.
+
+Hook configuration for settings.json:
+{
+    "hooks": {
+        "PostToolUse": [
+            {
+                "type": "command",
+                "command": "python hooks/post_tool_use.py"
+            }
+        ]
+    }
+}
+"""
+
+import json
+import re
+import sys
+import os
+import sqlite3
+import time
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+
+# Session timeout in seconds (4 hours of inactivity = new session)
+SESSION_TIMEOUT_SECONDS = 4 * 60 * 60
+
+# Patterns for sensitive field names that should be redacted
+SENSITIVE_FIELD_PATTERNS = [
+    r'(?i)(api[_-]?key|apikey)',
+    r'(?i)(password|passwd|pwd)',
+    r'(?i)(secret|token|credential)',
+    r'(?i)(auth[_-]?token|access[_-]?token)',
+    r'(?i)(private[_-]?key|ssh[_-]?key)',
+]
+
+
+def generate_session_id() -> str:
+    """Generate a unique session ID matching the MCP format."""
+    timestamp_ms = int(time.time() * 1000)
+    random_hex = os.urandom(4).hex()
+    return f"sess_{timestamp_ms}_{random_hex}"
+
+
+def get_session_file_path() -> Path:
+    """Get the path to the current session file."""
+    project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
+    return Path(project_path) / ".omni-cortex" / "current_session.json"
+
+
+def load_session_file() -> Optional[dict]:
+    """Load the current session from file if it exists and is valid."""
+    session_file = get_session_file_path()
+    if not session_file.exists():
+        return None
+
+    try:
+        with open(session_file, "r") as f:
+            return json.load(f)
+    except (json.JSONDecodeError, IOError):
+        return None
+
+
+def save_session_file(session_data: dict) -> None:
+    """Save the current session to file."""
+    session_file = get_session_file_path()
+    session_file.parent.mkdir(parents=True, exist_ok=True)
+
+    with open(session_file, "w") as f:
+        json.dump(session_data, f, indent=2)
+
+
+def is_session_valid(session_data: dict) -> bool:
+    """Check if a session is still valid (not timed out)."""
+    last_activity = session_data.get("last_activity_at")
+    if not last_activity:
+        return False
+
+    try:
+        last_time = datetime.fromisoformat(last_activity.replace("Z", "+00:00"))
+        now = datetime.now(timezone.utc)
+        elapsed_seconds = (now - last_time).total_seconds()
+        return elapsed_seconds < SESSION_TIMEOUT_SECONDS
+    except (ValueError, TypeError):
+        return False
+
+
+def create_session_in_db(conn: sqlite3.Connection, session_id: str, project_path: str) -> None:
+    """Create a new session record in the database."""
+    cursor = conn.cursor()
+    now = datetime.now(timezone.utc).isoformat()
+
+    # Check if sessions table exists (it might not if only activities table was created)
+    cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='sessions'")
+    if cursor.fetchone() is None:
+        # Create sessions table with minimal schema
+        conn.executescript("""
+            CREATE TABLE IF NOT EXISTS sessions (
+                id TEXT PRIMARY KEY,
+                project_path TEXT NOT NULL,
+                started_at TEXT NOT NULL,
+                ended_at TEXT,
+                summary TEXT,
+                tags TEXT,
+                metadata TEXT
+            );
+            CREATE INDEX IF NOT EXISTS idx_sessions_started ON sessions(started_at DESC);
+            CREATE INDEX IF NOT EXISTS idx_sessions_project ON sessions(project_path);
+        """)
+        conn.commit()
+
+    cursor.execute(
+        """
+        INSERT OR IGNORE INTO sessions (id, project_path, started_at)
+        VALUES (?, ?, ?)
+        """,
+        (session_id, project_path, now),
+    )
+    conn.commit()
+
+
+def get_or_create_session(conn: sqlite3.Connection, project_path: str) -> str:
+    """Get the current session ID, creating a new one if needed.
+
+    Session management logic:
+    1. Check for existing session file
+    2. If exists and not timed out, use it and update last_activity
+    3. If doesn't exist or timed out, create new session
+
+    Returns:
+        The session ID to use for activity logging
+    """
+    session_data = load_session_file()
+    now_iso = datetime.now(timezone.utc).isoformat()
+
+    if session_data and is_session_valid(session_data):
+        # Update last activity time
+        session_data["last_activity_at"] = now_iso
+        save_session_file(session_data)
+        return session_data["session_id"]
+
+    # Create new session
+    session_id = generate_session_id()
+
+    # Create in database
+    create_session_in_db(conn, session_id, project_path)
+
+    # Save to file
+    session_data = {
+        "session_id": session_id,
+        "project_path": project_path,
+        "started_at": now_iso,
+        "last_activity_at": now_iso,
+    }
+    save_session_file(session_data)
+
+    return session_id
+
+
+def redact_sensitive_fields(data: dict) -> dict:
+    """Redact sensitive fields from a dictionary for safe logging.
+
+    Recursively processes nested dicts and lists.
+    """
+    if not isinstance(data, dict):
+        return data
+
+    result = {}
+    for key, value in data.items():
+        # Check if key matches sensitive patterns
+        is_sensitive = any(
+            re.search(pattern, str(key))
+            for pattern in SENSITIVE_FIELD_PATTERNS
+        )
+
+        if is_sensitive:
+            result[key] = '[REDACTED]'
+        elif isinstance(value, dict):
+            result[key] = redact_sensitive_fields(value)
+        elif isinstance(value, list):
+            result[key] = [
+                redact_sensitive_fields(item) if isinstance(item, dict) else item
+                for item in value
+            ]
+        else:
+            result[key] = value
+
+    return result
+
+
+def get_db_path() -> Path:
+    """Get the database path for the current project."""
+    project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
+    return Path(project_path) / ".omni-cortex" / "cortex.db"
+
+
+def ensure_database(db_path: Path) -> sqlite3.Connection:
+    """Ensure database exists and is initialized.
+
+    Auto-creates the database and schema if it doesn't exist.
+    This enables 'out of the box' functionality.
+    """
+    db_path.parent.mkdir(parents=True, exist_ok=True)
+    conn = sqlite3.connect(str(db_path))
+
+    # Check if schema exists
+    cursor = conn.cursor()
+    cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='activities'")
+    if cursor.fetchone() is None:
+        # Apply minimal schema for activities (full schema applied by MCP)
+        conn.executescript("""
+            CREATE TABLE IF NOT EXISTS activities (
+                id TEXT PRIMARY KEY,
+                session_id TEXT,
+                agent_id TEXT,
+                timestamp TEXT NOT NULL,
+                event_type TEXT NOT NULL,
+                tool_name TEXT,
+                tool_input TEXT,
+                tool_output TEXT,
+                duration_ms INTEGER,
+                success INTEGER DEFAULT 1,
+                error_message TEXT,
+                project_path TEXT,
+                file_path TEXT,
+                metadata TEXT
+            );
+            CREATE INDEX IF NOT EXISTS idx_activities_timestamp ON activities(timestamp DESC);
+            CREATE INDEX IF NOT EXISTS idx_activities_tool ON activities(tool_name);
+        """)
+        conn.commit()
+
+    return conn
+
+
+def generate_id() -> str:
+    """Generate a unique activity ID."""
+    timestamp_ms = int(datetime.now().timestamp() * 1000)
+    random_hex = os.urandom(4).hex()
+    return f"act_{timestamp_ms}_{random_hex}"
+
+
+def truncate(text: str, max_length: int = 10000) -> str:
+    """Truncate text to max length."""
+    if len(text) <= max_length:
+        return text
+    return text[:max_length - 20] + "\n... [truncated]"
+
+
+def main():
+    """Process PostToolUse hook."""
+    try:
+        # Read all input at once (more reliable than json.load on stdin)
+        raw_input = sys.stdin.read()
+        if not raw_input or not raw_input.strip():
+            print(json.dumps({}))
+            return
+
+        input_data = json.loads(raw_input)
+
+        # Extract data from hook input
+        tool_name = input_data.get("tool_name")
+        tool_input = input_data.get("tool_input", {})
+        tool_output = input_data.get("tool_output", {})
+        agent_id = input_data.get("agent_id")
+
+        # Determine success/error
+        is_error = input_data.get("is_error", False)
+        error_message = None
+        if is_error and isinstance(tool_output, dict):
+            error_message = tool_output.get("error") or tool_output.get("message")
+
+        # Skip logging our own tools to prevent recursion
+        # MCP tools are named like "mcp__omni-cortex__cortex_remember"
+        if tool_name and ("cortex_" in tool_name or "omni-cortex" in tool_name):
+            print(json.dumps({}))
+            return
+
+        project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
+
+        # Auto-initialize database (creates if not exists)
+        db_path = get_db_path()
+        conn = ensure_database(db_path)
+
+        # Get or create session (auto-manages session lifecycle)
+        session_id = get_or_create_session(conn, project_path)
+
+        # Redact sensitive fields before logging
+        safe_input = redact_sensitive_fields(tool_input) if isinstance(tool_input, dict) else tool_input
+        safe_output = redact_sensitive_fields(tool_output) if isinstance(tool_output, dict) else tool_output
+
+        # Insert activity record
+        cursor = conn.cursor()
+        cursor.execute(
+            """
+            INSERT INTO activities (
+                id, session_id, agent_id, timestamp, event_type,
+                tool_name, tool_input, tool_output, success, error_message, project_path
+            ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+            """,
+            (
+                generate_id(),
+                session_id,
+                agent_id,
+                datetime.now(timezone.utc).isoformat(),
+                "post_tool_use",
+                tool_name,
+                truncate(json.dumps(safe_input, default=str)),
+                truncate(json.dumps(safe_output, default=str)),
+                0 if is_error else 1,
+                error_message,
+                project_path,
+            ),
+        )
+        conn.commit()
+        conn.close()
+
+        # Return empty response (no modification)
+        print(json.dumps({}))
+
+    except Exception as e:
+        # Hooks should never block - log error but continue
+        print(json.dumps({"systemMessage": f"Cortex post_tool_use: {e}"}))
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/hooks/pre_tool_use.py

@@ -22,10 +22,15 @@ import re
 import sys
 import os
 import sqlite3
+import time
 from datetime import datetime, timezone
 from pathlib import Path
+from typing import Optional
 
 
+# Session timeout in seconds (4 hours of inactivity = new session)
+SESSION_TIMEOUT_SECONDS = 4 * 60 * 60
+
 # Patterns for sensitive field names that should be redacted
 SENSITIVE_FIELD_PATTERNS = [
     r'(?i)(api[_-]?key|apikey)',
@@ -36,6 +41,128 @@ SENSITIVE_FIELD_PATTERNS = [
 ]
 
 
+def generate_session_id() -> str:
+    """Generate a unique session ID matching the MCP format."""
+    timestamp_ms = int(time.time() * 1000)
+    random_hex = os.urandom(4).hex()
+    return f"sess_{timestamp_ms}_{random_hex}"
+
+
+def get_session_file_path() -> Path:
+    """Get the path to the current session file."""
+    project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
+    return Path(project_path) / ".omni-cortex" / "current_session.json"
+
+
+def load_session_file() -> Optional[dict]:
+    """Load the current session from file if it exists and is valid."""
+    session_file = get_session_file_path()
+    if not session_file.exists():
+        return None
+
+    try:
+        with open(session_file, "r") as f:
+            return json.load(f)
+    except (json.JSONDecodeError, IOError):
+        return None
+
+
+def save_session_file(session_data: dict) -> None:
+    """Save the current session to file."""
+    session_file = get_session_file_path()
+    session_file.parent.mkdir(parents=True, exist_ok=True)
+
+    with open(session_file, "w") as f:
+        json.dump(session_data, f, indent=2)
+
+
+def is_session_valid(session_data: dict) -> bool:
+    """Check if a session is still valid (not timed out)."""
+    last_activity = session_data.get("last_activity_at")
+    if not last_activity:
+        return False
+
+    try:
+        last_time = datetime.fromisoformat(last_activity.replace("Z", "+00:00"))
+        now = datetime.now(timezone.utc)
+        elapsed_seconds = (now - last_time).total_seconds()
+        return elapsed_seconds < SESSION_TIMEOUT_SECONDS
+    except (ValueError, TypeError):
+        return False
+
+
+def create_session_in_db(conn: sqlite3.Connection, session_id: str, project_path: str) -> None:
+    """Create a new session record in the database."""
+    cursor = conn.cursor()
+    now = datetime.now(timezone.utc).isoformat()
+
+    # Check if sessions table exists (it might not if only activities table was created)
+    cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='sessions'")
+    if cursor.fetchone() is None:
+        # Create sessions table with minimal schema
+        conn.executescript("""
+            CREATE TABLE IF NOT EXISTS sessions (
+                id TEXT PRIMARY KEY,
+                project_path TEXT NOT NULL,
+                started_at TEXT NOT NULL,
+                ended_at TEXT,
+                summary TEXT,
+                tags TEXT,
+                metadata TEXT
+            );
+            CREATE INDEX IF NOT EXISTS idx_sessions_started ON sessions(started_at DESC);
+            CREATE INDEX IF NOT EXISTS idx_sessions_project ON sessions(project_path);
+        """)
+        conn.commit()
+
+    cursor.execute(
+        """
+        INSERT OR IGNORE INTO sessions (id, project_path, started_at)
+        VALUES (?, ?, ?)
+        """,
+        (session_id, project_path, now),
+    )
+    conn.commit()
+
+
+def get_or_create_session(conn: sqlite3.Connection, project_path: str) -> str:
+    """Get the current session ID, creating a new one if needed.
+
+    Session management logic:
+    1. Check for existing session file
+    2. If exists and not timed out, use it and update last_activity
+    3. If doesn't exist or timed out, create new session
+
+    Returns:
+        The session ID to use for activity logging
+    """
+    session_data = load_session_file()
+    now_iso = datetime.now(timezone.utc).isoformat()
+
+    if session_data and is_session_valid(session_data):
+        # Update last activity time
+        session_data["last_activity_at"] = now_iso
+        save_session_file(session_data)
+        return session_data["session_id"]
+
+    # Create new session
+    session_id = generate_session_id()
+
+    # Create in database
+    create_session_in_db(conn, session_id, project_path)
+
+    # Save to file
+    session_data = {
+        "session_id": session_id,
+        "project_path": project_path,
+        "started_at": now_iso,
+        "last_activity_at": now_iso,
+    }
+    save_session_file(session_data)
+
+    return session_id
+
+
 def redact_sensitive_fields(data: dict) -> dict:
     """Redact sensitive fields from a dictionary for safe logging.
 
@@ -157,13 +284,15 @@ def main():
             print(json.dumps({}))
             return
 
-        session_id = os.environ.get("CLAUDE_SESSION_ID")
         project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
 
         # Auto-initialize database (creates if not exists)
         db_path = get_db_path()
         conn = ensure_database(db_path)
 
+        # Get or create session (auto-manages session lifecycle)
+        session_id = get_or_create_session(conn, project_path)
+
         # Redact sensitive fields before logging
         safe_input = redact_sensitive_fields(tool_input) if isinstance(tool_input, dict) else tool_input
 

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/omni_cortex/__init__.py

@@ -1,3 +1,3 @@
 """Omni Cortex MCP - Universal Memory System for Claude Code."""
 
-__version__ = "1.5.0"
+__version__ = "1.6.0"

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/omni_cortex/tools/memories.py

@@ -22,7 +22,7 @@ from ..models.memory import (
 from ..models.relationship import create_relationship, get_relationships, VALID_RELATIONSHIP_TYPES
 from ..search.hybrid import search
 from ..search.ranking import calculate_relevance_score
-from ..utils.formatting import format_memory_markdown, format_memories_list_markdown
+from ..utils.formatting import format_memory_markdown, format_memories_list_markdown, detect_injection_patterns
 from ..embeddings import generate_and_store_embedding, is_model_available
 from ..config import load_config
 from ..database.sync import sync_memory_to_global, delete_memory_from_global
@@ -157,6 +157,14 @@ def register_memory_tools(mcp: FastMCP) -> None:
             project_path = str(get_project_path())
             session_id = get_session_id()
 
+            # Detect potential injection patterns in content
+            injection_warnings = detect_injection_patterns(params.content)
+            if injection_warnings:
+                import logging
+                logging.getLogger(__name__).warning(
+                    f"Memory content contains potential injection patterns: {injection_warnings}"
+                )
+
             # Create the memory
             memory_data = MemoryCreate(
                 content=params.content,
@@ -218,13 +226,16 @@ def register_memory_tools(mcp: FastMCP) -> None:
             )
 
             embedding_status = "with embedding" if has_embedding else "no embedding"
-            return (
+            result = (
                 f"Remembered: {memory.id}\n"
                 f"Type: {memory.type}\n"
                 f"Tags: {', '.join(memory.tags) if memory.tags else 'none'}\n"
                 f"Importance: {memory.importance_score:.0f}/100\n"
                 f"Search: {embedding_status}"
             )
+            if injection_warnings:
+                result += f"\n[Security Note: Content contains patterns that may be injection attempts: {', '.join(injection_warnings)}]"
+            return result
 
         except Exception as e:
             return f"Error storing memory: {e}"

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/omni_cortex/utils/formatting.py

@@ -1,12 +1,45 @@
 """Output formatting utilities for Omni Cortex."""
 
 import json
+import re
+from html import escape as html_escape
 from typing import Any, Optional
 from datetime import datetime
 
 from .timestamps import format_relative_time
 
 
+def xml_escape(text: str) -> str:
+    """Escape text for safe inclusion in XML-structured outputs.
+
+    Prevents prompt injection by escaping special characters that
+    could be interpreted as XML/instruction delimiters.
+    """
+    return html_escape(text, quote=True)
+
+
+# Known prompt injection patterns
+_INJECTION_PATTERNS = [
+    (r'(?i)(ignore|disregard|forget)\s+(all\s+)?(previous|prior|above)\s+instructions?',
+     'instruction override'),
+    (r'(?i)(new\s+)?system\s+(prompt|instruction|message)',
+     'system prompt manipulation'),
+    (r'(?i)\[/?system\]|\[/?inst\]|<\/?system>|<\/?instruction>',
+     'fake delimiter'),
+    (r'(?i)bypass|jailbreak|DAN|GODMODE',
+     'jailbreak signature'),
+]
+
+
+def detect_injection_patterns(content: str) -> list[str]:
+    """Detect potential prompt injection patterns in content."""
+    detected = []
+    for pattern, description in _INJECTION_PATTERNS:
+        if re.search(pattern, content):
+            detected.append(description)
+    return detected
+
+
 def format_memory_markdown(
     memory: dict[str, Any],
     related_memories: Optional[list[dict[str, Any]]] = None,
@@ -27,9 +60,13 @@ def format_memory_markdown(
     lines.append(f"## [{mem_type}] {memory.get('id', 'unknown')}")
     lines.append("")
 
-    # Content
+    # Content - XML escape to prevent prompt injection when returned to Claude
     content = memory.get("content", "")
-    lines.append(content)
+    # Detect and flag potential injection patterns
+    injections = detect_injection_patterns(content)
+    if injections:
+        lines.append(f"[Security Note: Content contains patterns that may be injection attempts: {', '.join(injections)}]")
+    lines.append(xml_escape(content))
     lines.append("")
 
     # Metadata
@@ -43,10 +80,10 @@ def format_memory_markdown(
         if tags:
             lines.append(f"**Tags:** {', '.join(tags)}")
 
-    # Context
+    # Context - also escape
     context = memory.get("context")
     if context:
-        lines.append(f"**Context:** {context}")
+        lines.append(f"**Context:** {xml_escape(context)}")
 
     # Timestamps
     created = memory.get("created_at")
@@ -72,7 +109,7 @@ def format_memory_markdown(
         for related in related_memories[:3]:  # Limit to 3
             rel_type = related.get("relationship_type", "related_to")
             rel_id = related.get("id", "unknown")
-            rel_content = related.get("content", "")[:50]
+            rel_content = xml_escape(related.get("content", "")[:50])
             lines.append(f"  - [{rel_type}] {rel_id}: {rel_content}...")
 
     return "\n".join(lines)
@@ -189,7 +226,7 @@ def format_timeline_markdown(
         else:
             mem = item["data"]
             lines.append(f"**Memory created**: [{mem.get('type')}] {mem.get('id')}")
-            content = mem.get("content", "")[:100]
+            content = xml_escape(mem.get("content", "")[:100])
             lines.append(f"  > {content}...")
         lines.append("")
 

{omni_cortex-1.5.0 → omni_cortex-1.6.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "omni-cortex"
-version = "1.5.0"
+version = "1.6.0"
 description = "Give Claude Code a perfect memory - auto-logs everything, searches smartly, and gets smarter over time"
 readme = "README.md"
 license = "MIT"

omni_cortex-1.5.0/hooks/post_tool_use.py

@@ -1,160 +0,0 @@
-#!/usr/bin/env python3
-"""PostToolUse hook - logs tool result after execution.
-
-This hook is called by Claude Code after each tool completes.
-It logs the tool output, duration, and success/error status.
-
-Hook configuration for settings.json:
-{
-    "hooks": {
-        "PostToolUse": [
-            {
-                "type": "command",
-                "command": "python hooks/post_tool_use.py"
-            }
-        ]
-    }
-}
-"""
-
-import json
-import sys
-import os
-import sqlite3
-from datetime import datetime, timezone
-from pathlib import Path
-
-
-def get_db_path() -> Path:
-    """Get the database path for the current project."""
-    project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
-    return Path(project_path) / ".omni-cortex" / "cortex.db"
-
-
-def ensure_database(db_path: Path) -> sqlite3.Connection:
-    """Ensure database exists and is initialized.
-
-    Auto-creates the database and schema if it doesn't exist.
-    This enables 'out of the box' functionality.
-    """
-    db_path.parent.mkdir(parents=True, exist_ok=True)
-    conn = sqlite3.connect(str(db_path))
-
-    # Check if schema exists
-    cursor = conn.cursor()
-    cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='activities'")
-    if cursor.fetchone() is None:
-        # Apply minimal schema for activities (full schema applied by MCP)
-        conn.executescript("""
-            CREATE TABLE IF NOT EXISTS activities (
-                id TEXT PRIMARY KEY,
-                session_id TEXT,
-                agent_id TEXT,
-                timestamp TEXT NOT NULL,
-                event_type TEXT NOT NULL,
-                tool_name TEXT,
-                tool_input TEXT,
-                tool_output TEXT,
-                duration_ms INTEGER,
-                success INTEGER DEFAULT 1,
-                error_message TEXT,
-                project_path TEXT,
-                file_path TEXT,
-                metadata TEXT
-            );
-            CREATE INDEX IF NOT EXISTS idx_activities_timestamp ON activities(timestamp DESC);
-            CREATE INDEX IF NOT EXISTS idx_activities_tool ON activities(tool_name);
-        """)
-        conn.commit()
-
-    return conn
-
-
-def generate_id() -> str:
-    """Generate a unique activity ID."""
-    timestamp_ms = int(datetime.now().timestamp() * 1000)
-    random_hex = os.urandom(4).hex()
-    return f"act_{timestamp_ms}_{random_hex}"
-
-
-def truncate(text: str, max_length: int = 10000) -> str:
-    """Truncate text to max length."""
-    if len(text) <= max_length:
-        return text
-    return text[:max_length - 20] + "\n... [truncated]"
-
-
-def main():
-    """Process PostToolUse hook."""
-    try:
-        # Read all input at once (more reliable than json.load on stdin)
-        raw_input = sys.stdin.read()
-        if not raw_input or not raw_input.strip():
-            print(json.dumps({}))
-            return
-
-        input_data = json.loads(raw_input)
-
-        # Extract data from hook input
-        tool_name = input_data.get("tool_name")
-        tool_input = input_data.get("tool_input", {})
-        tool_output = input_data.get("tool_output", {})
-        agent_id = input_data.get("agent_id")
-
-        # Determine success/error
-        is_error = input_data.get("is_error", False)
-        error_message = None
-        if is_error and isinstance(tool_output, dict):
-            error_message = tool_output.get("error") or tool_output.get("message")
-
-        # Skip logging our own tools to prevent recursion
-        # MCP tools are named like "mcp__omni-cortex__cortex_remember"
-        if tool_name and ("cortex_" in tool_name or "omni-cortex" in tool_name):
-            print(json.dumps({}))
-            return
-
-        session_id = os.environ.get("CLAUDE_SESSION_ID")
-        project_path = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
-
-        # Auto-initialize database (creates if not exists)
-        db_path = get_db_path()
-        conn = ensure_database(db_path)
-
-        # Insert activity record
-        cursor = conn.cursor()
-        cursor.execute(
-            """
-            INSERT INTO activities (
-                id, session_id, agent_id, timestamp, event_type,
-                tool_name, tool_input, tool_output, success, error_message, project_path
-            ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-            """,
-            (
-                generate_id(),
-                session_id,
-                agent_id,
-                datetime.now(timezone.utc).isoformat(),
-                "post_tool_use",
-                tool_name,
-                truncate(json.dumps(tool_input, default=str)),
-                truncate(json.dumps(tool_output, default=str)),
-                0 if is_error else 1,
-                error_message,
-                project_path,
-            ),
-        )
-        conn.commit()
-        conn.close()
-
-        # Return empty response (no modification)
-        print(json.dumps({}))
-
-    except Exception as e:
-        # Hooks should never block - log error but continue
-        print(json.dumps({"systemMessage": f"Cortex post_tool_use: {e}"}))
-
-    sys.exit(0)
-
-
-if __name__ == "__main__":
-    main()