eidetic-memory: refresh wrappers (eidetic 0.10) + memory-discipline convention by OriNachum · Pull Request #4 · agentculture/tensor-cli

OriNachum · 2026-06-24T05:34:16Z

Added

Memory-discipline "Conventions and workflow" section in CLAUDE.md — a
per-task recall-before / remember-after convention (scope localized to this
repo's nick) so the vendored remember / recall skills are actually used,
not just present: /recall before non-trivial work to build on prior
decisions instead of re-deriving them, and /remember when a non-obvious
decision, constraint, fix-and-why, or hard-won gotcha surfaces. The section
documents this repo's memory as in-repo and public — records resolve to
<repo-root>/.eidetic/memory (committed, team- and mesh-shared). Inserted
idempotently (skipped if already present), slotted under an existing
"Conventions and workflow" heading when one exists, else appended.

Changed

Refreshed the remember + recall wrappers from eidetic-cli 0.10.0
(cite-don't-import) — picks up eidetic's project-local store default: the
files backend now resolves per record by visibility — PUBLIC records inside a
git repo go to <repo-root>/.eidetic/memory (committed, team-shared), PRIVATE
records (or any record outside a repo) go to $HOME/.eidetic/memory (never
committed), an explicit EIDETIC_DATA_DIR still wins, and recall reads both
stores and merges. Also carries the 0.9.3 hardening (interactive-stdin guard,
help as a search term, SIGPIPE-safe suffix parsing). Recipe policy
override (the wrappers here are NOT byte-verbatim): the injected default
visibility is flipped from eidetic's private to public, so a plain
/remember lands the note in ./.eidetic/memory in this repo, kept as part
of the repo — pass --visibility private to route a record to $HOME
instead. remember drives eidetic remember (idempotent upsert of one JSON
record or an NDJSON batch on stdin); recall drives eidetic recall with
four search modes (exact / approximate / keyword / hybrid). Each SKILL.md is
localized only in the illustrative --scope <nick> examples (Provenance keeps
"First-party to eidetic-cli"). Runtime dep: the eidetic CLI on PATH (else a
local eidetic-cli checkout with uv) — eidetic >= 0.10.0 for the
in-repo routing; on an older CLI the public records still work but are stored
in $HOME/.eidetic/memory instead of in-repo. Propagated by rollout-cli's
eidetic-memory recipe.

- **Memory-discipline "Conventions and workflow" section in `CLAUDE.md`** — a per-task *recall-before / remember-after* convention (scope localized to this repo's nick) so the vendored `remember` / `recall` skills are actually used, not just present: `/recall` before non-trivial work to build on prior decisions instead of re-deriving them, and `/remember` when a non-obvious decision, constraint, fix-and-why, or hard-won gotcha surfaces. The section documents this repo's memory as **in-repo and public** — records resolve to `<repo-root>/.eidetic/memory` (committed, team- and mesh-shared). Inserted idempotently (skipped if already present), slotted under an existing "Conventions and workflow" heading when one exists, else appended. ### Changed - **Refreshed the `remember` + `recall` wrappers from eidetic-cli 0.10.0** (cite-don't-import) — picks up eidetic's **project-local store default**: the files backend now resolves per record by visibility — PUBLIC records inside a git repo go to `<repo-root>/.eidetic/memory` (committed, team-shared), PRIVATE records (or any record outside a repo) go to `$HOME/.eidetic/memory` (never committed), an explicit `EIDETIC_DATA_DIR` still wins, and recall reads both stores and merges. Also carries the 0.9.3 hardening (interactive-stdin guard, `help` as a search term, SIGPIPE-safe suffix parsing). **Recipe policy override (the wrappers here are NOT byte-verbatim):** the injected default visibility is flipped from eidetic's `private` to **`public`**, so a plain `/remember` lands the note in `./.eidetic/memory` in this repo, kept as part of the repo — pass `--visibility private` to route a record to `$HOME` instead. `remember` drives `eidetic remember` (idempotent upsert of one JSON record or an NDJSON batch on stdin); `recall` drives `eidetic recall` with four search modes (exact / approximate / keyword / hybrid). Each `SKILL.md` is localized only in the illustrative `--scope <nick>` examples (Provenance keeps "First-party to eidetic-cli"). Runtime dep: the `eidetic` CLI on PATH (else a local eidetic-cli checkout with `uv`) — **`eidetic >= 0.10.0`** for the in-repo routing; on an older CLI the public records still work but are stored in `$HOME/.eidetic/memory` instead of in-repo. Propagated by rollout-cli's `eidetic-memory` recipe.

sonarqubecloud · 2026-06-24T05:34:59Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

qodo-code-review · 2026-06-24T05:35:38Z

PR Summary by Qodo

Refresh eidetic memory wrappers (0.10) and document recall/remember discipline
✨ Enhancement 📝 Documentation ⚙️ Configuration changes 🕐 20-40 Minutes

Description

• Refresh /remember and /recall wrappers for eidetic 0.10 public in-repo storage.
• Add guards/warnings: missing query, interactive stdin hang, SIGPIPE-safe suffix parsing.
• Document recall-before/remember-after workflow; bump version to 0.4.0 with changelog.

Diagram

graph TD
  agent(["Agent/Developer"]) --> remember["remember.sh"] --> cli["eidetic CLI"] --> repo["Repo .eidetic/memory"]
  agent --> recall["recall.sh"] --> cli --> repo
  cli --> home["$HOME .eidetic/memory"]
  culture["culture.yaml suffix"] --> remember
  culture --> recall

High-Level Assessment

The following are alternative approaches to this PR:

1. Keep upstream default visibility (private) and rely on explicit flags

➕ Minimizes behavioral divergence from eidetic-cli wrappers
➕ Reduces risk of unintentionally committing sensitive notes
➖ Adds ongoing friction; shared in-repo memory won’t happen unless users remember flags
➖ Conflicts with the stated goal of making recall/remember a habitual workflow

2. Make default visibility configurable (env var or repo config)

➕ Keeps current repo-friendly default while allowing teams/users to opt out easily
➕ Avoids hard-coding a policy override into vendored wrappers
➖ More surface area to document and support
➖ Adds another configuration path to debug when routing is unexpected

3. Force project-local storage via EIDETIC_DATA_DIR instead of visibility defaults

➕ Single routing switch; easy mental model for where records go
➕ Avoids changing visibility semantics
➖ Overrides eidetic’s two-store model (repo + home) and merged recall behavior
➖ Harder to keep both public (repo) and private (home) memories available concurrently

Recommendation: The PR’s approach (defaulting injected visibility to public when a repo scope is resolved, plus warnings when suffix resolution fails) best matches the stated intent: make shared, in-repo memory the path of least resistance while still allowing --visibility private. If accidental-public risk is a concern, consider a follow-up to gate the policy override behind a repo-level env var/config knob, but the current explicit warnings and opt-out flag already mitigate most footguns.

Files changed (5) +142 / -27

Enhancement (2) +74 / -26

recall.shUpdate recall wrapper for eidetic 0.10 routing and stricter CLI ergonomics +35/-13

Update recall wrapper for eidetic 0.10 routing and stricter CLI ergonomics

• Updates the store location documentation to match eidetic-cli 0.10’s repo-public vs home-private routing and merged recall reads. Tightens CLI behavior by treating empty query as an error (keeping 'help' as a valid search term), hardens culture.yaml suffix parsing against SIGPIPE under pipefail, and defaults injected visibility to public (with a warning when no suffix is resolved). Also simplifies the missing-eidetic install hint into single-line error/hint output.

.claude/skills/recall/scripts/recall.sh

remember.shUpdate remember wrapper for eidetic 0.10 routing and safer stdin/visibility defaults +39/-13

Update remember wrapper for eidetic 0.10 routing and safer stdin/visibility defaults

• Updates comments and usage text for eidetic-cli 0.10’s per-visibility routing behavior. Adds an interactive-stdin guard to prevent hanging when no record is provided, hardens suffix parsing against SIGPIPE under pipefail, and flips the injected default visibility to public when a repo scope is resolved (with a warning when suffix resolution fails and visibility is implicit). Also simplifies the missing-eidetic install hint output.

.claude/skills/remember/scripts/remember.sh

Documentation (2) +67 / -0

CHANGELOG.mdAdd 0.4.0 changelog entry for memory discipline and wrapper refresh +39/-0

Add 0.4.0 changelog entry for memory discipline and wrapper refresh

• Prepends a 0.4.0 release entry documenting the new CLAUDE.md memory-discipline section and the eidetic 0.10 wrapper refresh, including the repo-public visibility policy override.

CHANGELOG.md

CLAUDE.mdDocument recall-before/remember-after workflow and in-repo public memory policy +28/-0

Document recall-before/remember-after workflow and in-repo public memory policy

• Adds a new "Conventions and workflow" section defining a per-task convention to /recall before non-trivial work and /remember after non-obvious decisions or gotchas. Explicitly documents that this repo’s eidetic memory is intended to be committed in-repo by default (public), with '--visibility private' as the opt-out to route to the home store.

CLAUDE.md

Other (1) +1 / -1

pyproject.tomlBump project version to 0.4.0 +1/-1

Bump project version to 0.4.0
• Updates the package version from 0.3.0 to 0.4.0 to match the changelog entry.
pyproject.toml

qodo-code-review · 2026-06-24T05:37:49Z

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (0) 📜 Skill insights (1)

Context used

✅ Compliance rules (platform): 10 rules

✅ Skills: cicd, doc-test-alignment

1. Help contradicts public default 🐞 Bug ⛨ Security

Description

In remember.sh, the usage text says records default to the agent’s PRIVATE personal scope and
suggests --visibility public to share, but when a culture.yaml suffix is resolved the wrapper
actually injects --visibility public by default. This mismatch can cause users to store sensitive
notes believing they are private, while they are written as public (and, with eidetic>=0.10 in a
repo, routed to the committed in-repo store).

Code

.claude/skills/remember/scripts/remember.sh[R62-64]

+Records default to this agent's PRIVATE personal scope (--scope from the
+culture.yaml suffix); pass --visibility public to contribute to the shared
+public pool. Every flag is forwarded verbatim to `eidetic remember`.

Evidence
The wrapper’s own help text claims a private default, but the actual argument injection path (when a
suffix is resolved) defaults visibility to public. Repo-level documentation also states the intended
default is public/in-repo, while the SKILL.md docs still describe the old private/home-dir behavior,
creating a high-risk discrepancy for users deciding what to store.
.claude/skills/remember/scripts/remember.sh[51-66]
.claude/skills/remember/scripts/remember.sh[139-158]
CLAUDE.md[162-188]
.claude/skills/remember/SKILL.md[11-20]
.claude/skills/recall/SKILL.md[12-18]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`remember.sh` now defaults to `--visibility public` when it can resolve a `culture.yaml` suffix, but the wrapper’s help text (and the existing SKILL.md docs for both remember/recall) still describe a private-by-default flow and the old `~/.eidetic/memory` default store. This is especially risky because users can rely on help/docs to decide whether to store sensitive information.

### Issue Context
- Runtime behavior: when suffix resolves, wrapper injects `--visibility public` unless caller explicitly passes `--visibility`.
- Repo documentation (`CLAUDE.md`) states the intended policy is public/in-repo by default.
- SKILL.md files still describe the pre-0.10 behavior and private defaults.

### Fix Focus Areas
- .claude/skills/remember/scripts/remember.sh[51-66]
- .claude/skills/remember/scripts/remember.sh[88-104]
- .claude/skills/remember/scripts/remember.sh[139-158]
- .claude/skills/recall/scripts/recall.sh[82-99]
- .claude/skills/recall/scripts/recall.sh[134-154]
- .claude/skills/remember/SKILL.md[1-30]
- .claude/skills/remember/SKILL.md[61-100]
- .claude/skills/recall/SKILL.md[1-40]
- .claude/skills/recall/SKILL.md[114-133]

### What to change
- Update `remember.sh` usage text to state the correct default: when a suffix is resolved, the wrapper defaults to `--visibility public` (and mention `--visibility private` to keep data in `$HOME` store).
- Update the large comment blocks in both wrappers that still claim “PERSONAL, PRIVATE scope … private default”.
- Update `.claude/skills/remember/SKILL.md` and `.claude/skills/recall/SKILL.md` to reflect:
 - store routing is visibility-based (public in-repo vs private in `$HOME`) and
 - the wrapper policy override is public-by-default (conditional on suffix resolution),
 - and remove/replace the outdated `~/.eidetic/memory` claims.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

2. workflow.sh delta not noted 📜 Skill insight ≡ Correctness

Description

This PR modifies CLAUDE.md and files under .claude/skills/, which triggers the requirement to
run an alignment delta check and note any sibling follow-up needs. There is no in-repo evidence
indicating that workflow.sh delta was run or that sibling impact was documented for this change
set.

Code

CLAUDE.md[R162-188]

+## Conventions and workflow
+
+**Memory discipline — recall before, remember after.** This repo keeps its
+eidetic memory **in-repo and public**: records resolve to
+`<repo-root>/.eidetic/memory` — committed, and shared with the team and mesh
+peers (the `claude` and `colleague` backends both read the same
+`tensor-cli` scope), so memory travels with the repo, not a private
+home-dir store. Make it a per-task habit:
+
+- **`/recall` before you start.** Search the store for the area you're about
+  to touch — prior decisions, gotchas, "have we done this before?" — so you
+  build on what's already known instead of re-deriving it. Do this before
+  non-trivial tasks, not just when asked.
+- **`/remember` when something worth keeping surfaces.** A non-obvious
+  decision and its rationale, a constraint, a fix and *why* it was needed, a
+  gotcha that cost time, a fact the next session would otherwise re-learn.
+  Capture it as it happens, not at the end when it's faded.
+
+A plain `/remember` lands the note in `./.eidetic/memory` in this repo — no
+flag needed (the wrappers here default to `--visibility public`; in-repo
+routing needs `eidetic >= 0.10.0`, older CLIs keep records in `$HOME`). Keep
+something out of the committed store only by passing `--visibility private`
+(routes to `$HOME/.eidetic/memory`, never committed); `/recall` reads both
+stores and merges. Don't store what the repo already records (code structure,
+git history, what's already in this file or `CHANGELOG.md`) — store what you'd
+have to re-derive. These are the `recall`/`remember` skills (`.claude/skills/`),
+backed by the `eidetic` store.

Evidence
The checklist rule applies when CLAUDE.md or .claude/skills/* is modified. This PR includes
changes to CLAUDE.md and multiple skill wrapper scripts, so an alignment delta check should be run
and its results recorded (including any sibling follow-ups).
CLAUDE.md[162-188]
.claude/skills/recall/scripts/recall.sh[66-80]
.claude/skills/remember/scripts/remember.sh[76-86]
Skill: cicd

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
This PR changes skill/config files (`CLAUDE.md`, `.claude/skills/...`), which requires running the alignment delta check and documenting any sibling follow-up PR needs.

## Issue Context
Compliance requires that when these files change, the reviewer/author confirms they ran `workflow.sh delta` and notes any sibling repos that need syncing.

## Fix Focus Areas
- CLAUDE.md[162-188]
- .claude/skills/recall/scripts/recall.sh[66-80]
- .claude/skills/remember/scripts/remember.sh[76-86]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

3. TTY hang on flags-only 🐞 Bug ☼ Reliability

Description

remember.sh only guards the interactive-stdin hang when there are zero CLI args, but calling it
with only flags (e.g. remember.sh --json) in a TTY still falls through to eidetic remember with
no record argument and interactive stdin, which can block indefinitely. This undermines the intended
“interactive-stdin guard” hardening for a common mistake (forgetting to pipe NDJSON).

Code

.claude/skills/remember/scripts/remember.sh[R80-84]

+if [ "$#" -eq 0 ] && [ -t 0 ]; then
+    usage >&2
+    printf 'hint: pass a JSON record as an argument, or pipe NDJSON on stdin.\n' >&2
+    exit 1
+fi

Evidence

The guard only checks for the empty-argv case, but the script’s own usage supports running with
flags while reading batch NDJSON from stdin; therefore the interactive case with flags-only is
plausible and currently unguarded, leading to a likely hang waiting on stdin.

.claude/skills/remember/scripts/remember.sh[55-59]
.claude/skills/remember/scripts/remember.sh[76-84]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The interactive-stdin hang guard only triggers when `$# == 0`, but `remember.sh --json` (or any flags-only call) is still “no payload” and can hang waiting on stdin when run in an interactive terminal.

### Issue Context
The usage explicitly supports a batch path where flags may be provided and records arrive on stdin. The guard should therefore detect “no JSON record positional arg provided” rather than “no argv at all”.

### Fix Focus Areas
- .claude/skills/remember/scripts/remember.sh[69-85]

### What to change
- When stdin is a TTY (`-t 0`), error out unless a non-flag positional argument (the JSON object) is present.
 - Simple heuristic: if `-t 0` and (`$# == 0` OR `$1` starts with `-`), then print usage + hint and exit 1.
 - Or more robust: scan `"$@"` for the first arg that does not start with `-`; if none exists, treat as “no record argument” and exit 1.
- Keep the current behavior for piped/redirected stdin (non-TTY), where flags-only is valid for NDJSON batch ingest.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

qodo-code-review · 2026-06-24T05:37:50Z

+Records default to this agent's PRIVATE personal scope (--scope from the
+culture.yaml suffix); pass --visibility public to contribute to the shared
+public pool. Every flag is forwarded verbatim to `eidetic remember`.


2. Help contradicts public default 🐞 Bug ⛨ Security

In remember.sh, the usage text says records default to the agent’s PRIVATE personal scope and suggests --visibility public to share, but when a culture.yaml suffix is resolved the wrapper actually injects --visibility public by default. This mismatch can cause users to store sensitive notes believing they are private, while they are written as public (and, with eidetic>=0.10 in a repo, routed to the committed in-repo store).

Agent Prompt

### Issue description `remember.sh` now defaults to `--visibility public` when it can resolve a `culture.yaml` suffix, but the wrapper’s help text (and the existing SKILL.md docs for both remember/recall) still describe a private-by-default flow and the old `~/.eidetic/memory` default store. This is especially risky because users can rely on help/docs to decide whether to store sensitive information. ### Issue Context - Runtime behavior: when suffix resolves, wrapper injects `--visibility public` unless caller explicitly passes `--visibility`. - Repo documentation (`CLAUDE.md`) states the intended policy is public/in-repo by default. - SKILL.md files still describe the pre-0.10 behavior and private defaults. ### Fix Focus Areas - .claude/skills/remember/scripts/remember.sh[51-66] - .claude/skills/remember/scripts/remember.sh[88-104] - .claude/skills/remember/scripts/remember.sh[139-158] - .claude/skills/recall/scripts/recall.sh[82-99] - .claude/skills/recall/scripts/recall.sh[134-154] - .claude/skills/remember/SKILL.md[1-30] - .claude/skills/remember/SKILL.md[61-100] - .claude/skills/recall/SKILL.md[1-40] - .claude/skills/recall/SKILL.md[114-133] ### What to change - Update `remember.sh` usage text to state the correct default: when a suffix is resolved, the wrapper defaults to `--visibility public` (and mention `--visibility private` to keep data in `$HOME` store). - Update the large comment blocks in both wrappers that still claim “PERSONAL, PRIVATE scope … private default”. - Update `.claude/skills/remember/SKILL.md` and `.claude/skills/recall/SKILL.md` to reflect: - store routing is visibility-based (public in-repo vs private in `$HOME`) and - the wrapper policy override is public-by-default (conditional on suffix resolution), - and remove/replace the outdated `~/.eidetic/memory` claims.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

OriNachum deployed to testpypi June 24, 2026 05:34 — with GitHub Actions Active

qodo-code-review Bot reviewed Jun 24, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

eidetic-memory: refresh wrappers (eidetic 0.10) + memory-discipline convention#4

eidetic-memory: refresh wrappers (eidetic 0.10) + memory-discipline convention#4
OriNachum wants to merge 1 commit into
mainfrom
rollout/eidetic-memory-0.10

OriNachum commented Jun 24, 2026

Uh oh!

sonarqubecloud Bot commented Jun 24, 2026

Uh oh!

qodo-code-review Bot commented Jun 24, 2026

Uh oh!

qodo-code-review Bot commented Jun 24, 2026

Uh oh!

qodo-code-review Bot Jun 24, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

OriNachum commented Jun 24, 2026

Added

Changed

Uh oh!

sonarqubecloud Bot commented Jun 24, 2026

Quality Gate passed

Uh oh!

qodo-code-review Bot commented Jun 24, 2026

PR Summary by Qodo

Uh oh!

qodo-code-review Bot commented Jun 24, 2026

Code Review by Qodo

Uh oh!

qodo-code-review Bot Jun 24, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant