build: rebuild plugin artifacts for v13.3.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
chore: merge upstream v13.3.0 + keep local fixes
2026-05-24 15:16:44 +09:00 · 2026-05-24 15:15:06 +09:00 · 2026-05-21 03:26:17 -07:00 · 2026-05-21 03:25:35 -07:00 · 2026-05-21 01:48:59 -07:00 · 2026-05-21 01:48:50 -07:00
787 changed files with 86551 additions and 46083 deletions
@@ -0,0 +1,20 @@
+{
+  "name": "claude-mem-local",
+  "interface": {
+    "displayName": "claude-mem (local)"
+  },
+  "plugins": [
+    {
+      "name": "claude-mem",
+      "source": {
+        "source": "local",
+        "path": "./plugin"
+      },
+      "policy": {
+        "installation": "AVAILABLE",
+        "authentication": "ON_INSTALL"
+      },
+      "category": "Productivity"
+    }
+  ]
+}
@@ -1,136 +0,0 @@
-<claude-mem-context>
-# Recent Activity
-
-### Oct 25, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #2374 | 2:55 PM | ✅ | Marketplace metadata version synchronized to 4.2.11 | ~157 |
-
-### Oct 27, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #2757 | 1:23 AM | 🟣 | Released v4.3.3 with Configurable Session Display and First-Time Setup UX | ~391 |
-
-### Nov 4, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #3706 | 9:47 PM | ✅ | Marketplace Plugin Version Synchronized to 5.0.2 | ~162 |
-| #3655 | 3:43 PM | ✅ | Version bumped to 5.0.1 across project | ~354 |
-
-### Nov 5, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #4068 | 10:58 PM | ✅ | Committed v5.1.0 release with comprehensive release notes | ~486 |
-| #4066 | 10:57 PM | ✅ | Updated marketplace.json version to 5.1.0 | ~192 |
-| #3739 | 2:24 PM | ✅ | Updated version to 5.0.3 across project manifests | ~322 |
-
-### Nov 6, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #4099 | 1:13 PM | 🟣 | Theme Toggle for Light/Dark Mode | ~253 |
-| #4096 | " | ✅ | Marketplace Metadata Version Sync | ~179 |
-| #4092 | 1:12 PM | 🔵 | Marketplace Configuration for Claude-Mem Plugin | ~194 |
-| #4078 | 12:50 PM | 🔴 | Fixed PM2 ENOENT error on Windows systems | ~286 |
-| #4075 | 12:49 PM | ✅ | Marketplace plugin version synchronized to 5.1.1 | ~189 |
-
-### Nov 7, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #4612 | 6:33 PM | ✅ | Version Bumped to 5.2.0 Across All Package Metadata | ~359 |
-| #4598 | 6:31 PM | ✅ | PR #69 Merged: cleanup/worker Branch Integration | ~469 |
-| #4298 | 11:54 AM | 🔴 | Fixed PostToolUse Hook Schema Compliance | ~310 |
-| #4295 | 11:53 AM | ✅ | Synchronized Plugin Marketplace Version to 5.1.4 | ~188 |
-
-### Nov 8, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #5150 | 7:37 PM | 🟣 | Troubleshooting Skill Added to Claude-Mem Plugin | ~427 |
-| #5133 | 7:29 PM | ✅ | Version 5.2.3 Released with Build Process | ~487 |
-
-### Nov 9, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #5941 | 7:14 PM | ✅ | Marketplace Version Updated to 5.4.0 | ~157 |
-
-### Nov 10, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #6341 | 1:49 PM | ✅ | Version Bumped to 5.4.1 | ~239 |
-
-### Nov 11, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #6602 | 1:51 PM | ✅ | Version 5.4.5 Released to GitHub | ~279 |
-| #6601 | " | ✅ | Version Patch Bump 5.4.4 to 5.4.5 | ~233 |
-
-### Nov 14, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #8212 | 3:06 PM | 🔵 | Version Consistency Verification Across Multiple Configuration Files | ~238 |
-
-### Nov 25, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #14882 | 1:32 PM | 🔵 | Marketplace Configuration Defines Plugin Version and Source Directory | ~366 |
-
-### Nov 30, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #18064 | 10:52 PM | ✅ | Bumped version to 6.3.7 in marketplace.json | ~179 |
-| #18060 | 10:51 PM | 🔵 | Read marketplace.json plugin manifest | ~190 |
-
-### Dec 1, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #18428 | 3:33 PM | 🔵 | Version Conflict in Marketplace Configuration | ~191 |
-
-### Dec 4, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #20049 | 3:23 PM | ✅ | Updated marketplace.json version to 6.5.2 | ~203 |
-
-### Dec 9, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #22559 | 1:08 AM | ✅ | Version 7.0.3 committed to repository | ~261 |
-| #22551 | 1:07 AM | ✅ | Marketplace metadata updated to version 7.0.3 | ~179 |
-
-### Dec 10, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #23440 | 2:25 PM | ✅ | Marketplace Configuration Updated to 7.0.8 | ~188 |
-
-### Dec 14, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #26799 | 11:39 PM | ✅ | Marketplace Manifest Version Updated to 7.2.3 | ~248 |
-| #26796 | " | ✅ | Version Bumped to 7.2.3 in marketplace.json | ~259 |
-| #26792 | 11:38 PM | 🔵 | Current Version Confirmed as 7.2.2 Across All Configuration Files | ~291 |
-
-### Dec 16, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #28306 | 10:08 PM | 🔵 | Marketplace Configuration Also Shows Version 7.3.3 | ~220 |
-| #27555 | 4:48 PM | ✅ | Version bump committed to main branch | ~242 |
-| #27553 | " | ✅ | Version consistency verified across all configuration files | ~195 |
-| #27551 | 4:47 PM | ✅ | Marketplace.json version updated to 7.3.1 | ~207 |
-</claude-mem-context>
@@ -10,7 +10,7 @@
  "plugins": [
    {
      "name": "claude-mem",
-      "version": "12.1.2",
+      "version": "13.3.0",
      "source": "./plugin",
      "description": "Persistent memory system for Claude Code - context compression across sessions"
    }
@@ -1,12 +1,12 @@
 {
  "name": "claude-mem",
-  "version": "12.1.1",
+  "version": "13.3.0",
  "description": "Memory compression system for Claude Code - persist context across sessions",
  "author": {
    "name": "Alex Newman"
  },
  "repository": "https://github.com/thedotmack/claude-mem",
-  "license": "AGPL-3.0",
+  "license": "Apache-2.0",
  "keywords": [
    "claude",
    "claude-code",
@@ -1 +0,0 @@
-{"sessionId":"6a00de6e-282e-4cd8-98ec-b5afb73c468d","pid":50072,"acquiredAt":1775678989779}
@@ -1,29 +0,0 @@
-# Project-Level Skills
-
-This directory contains skills **for developing and maintaining the claude-mem project itself**, not skills that are released as part of the plugin.
-
-## Distinction
-
-**Project Skills** (`.claude/skills/`):
- Used by developers working on claude-mem
- Not included in the plugin distribution
- Project-specific workflows (version bumps, release management, etc.)
- Not synced to `~/.claude/plugins/marketplaces/thedotmack/`
-
-**Plugin Skills** (`plugin/skills/`):
- Released as part of the claude-mem plugin
- Available to all users who install the plugin
- General-purpose memory search functionality
- Synced to user installations via `npm run sync-marketplace`
-
-## Skills in This Directory
-
-### version-bump
-Manages semantic versioning for the claude-mem project itself. Handles updating all three version files (package.json, marketplace.json, plugin.json), creating git tags, and GitHub releases.
-
-**Usage**: Only for claude-mem maintainers releasing new versions.
-
-## Adding New Skills
-
-**For claude-mem development** → Add to `.claude/skills/`
-**For end users** → Add to `plugin/skills/` (gets distributed with plugin)
@@ -1,6 +1,6 @@
 {
  "name": "claude-mem",
-  "version": "12.1.1",
+  "version": "13.3.0",
  "description": "Memory compression system for Claude Code - persist context across sessions",
  "author": {
    "name": "Alex Newman",
@@ -8,7 +8,7 @@
  },
  "homepage": "https://github.com/thedotmack/claude-mem#readme",
  "repository": "https://github.com/thedotmack/claude-mem",
-  "license": "AGPL-3.0",
+  "license": "Apache-2.0",
  "keywords": [
    "claude",
    "claude-code",
@@ -22,6 +22,9 @@
    "typescript",
    "nodejs"
  ],
+  "skills": "./plugin/skills/",
+  "mcpServers": "./plugin/.mcp.json",
+  "hooks": "./plugin/hooks/codex-hooks.json",
  "interface": {
    "displayName": "claude-mem",
    "shortDescription": "Persistent memory and context compression across coding sessions.",
@@ -0,0 +1,7 @@
+node_modules/
+.git/
+logs/
+evals/swebench/runs/
+.docker-claude-mem-data/
+.venv
+.venv-*
@@ -1,14 +1,8 @@
-# Normalize all text files to LF on commit and checkout.
-# This prevents CRLF shebang lines in bundled scripts from breaking
-# the MCP server on macOS/Linux when built on Windows. Fixes #1342.
 * text=auto eol=lf

-# Compiled plugin scripts must always be LF — CRLF in the shebang
-# causes "env: node\r: No such file or directory" on non-Windows hosts.
 plugin/scripts/*.cjs eol=lf
 plugin/scripts/*.js  eol=lf

-# Explicitly mark binary assets so git never modifies them.
 *.png  binary
 *.jpg  binary
 *.jpeg binary
@@ -1,57 +0,0 @@
-name: Claude Code Review
-
-on:
-  pull_request:
-    types: [opened, synchronize]
-    # Optional: Only run on specific file changes
-    # paths:
-    #   - "src/**/*.ts"
-    #   - "src/**/*.tsx"
-    #   - "src/**/*.js"
-    #   - "src/**/*.jsx"
-
-jobs:
-  claude-review:
-    # Optional: Filter by PR author
-    # if: |
-    #   github.event.pull_request.user.login == 'external-contributor' ||
-    #   github.event.pull_request.user.login == 'new-developer' ||
-    #   github.event.pull_request.author_association == 'FIRST_TIME_CONTRIBUTOR'
-
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: read
-      issues: read
-      id-token: write
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 1
-
-      - name: Run Claude Code Review
-        id: claude-review
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          prompt: |
-            REPO: ${{ github.repository }}
-            PR NUMBER: ${{ github.event.pull_request.number }}
-
-            Please review this pull request and provide feedback on:
-            - Code quality and best practices
-            - Potential bugs or issues
-            - Performance considerations
-            - Security concerns
-            - Test coverage
-
-            Use the repository's CLAUDE.md for guidance on style and conventions. Be constructive and helpful in your feedback.
-
-            Use `gh pr comment` with your Bash tool to leave your review as a comment on the PR.
-
-          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
-          # or https://docs.claude.com/en/docs/claude-code/cli-reference for available options
-          claude_args: '--allowed-tools "Bash(gh issue view:*),Bash(gh search:*),Bash(gh issue list:*),Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*),Bash(gh pr list:*)"'
-
@@ -23,7 +23,7 @@ jobs:
      pull-requests: read
      issues: read
      id-token: write
-      actions: read # Required for Claude to read CI results on PRs
+      actions: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
@@ -36,15 +36,6 @@ jobs:
        with:
          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}

-          # This is an optional setting that allows Claude to read CI results on PRs
          additional_permissions: |
            actions: read

-          # Optional: Give a custom prompt to Claude. If this is not specified, Claude will perform the instructions specified in the comment that tagged it.
-          # prompt: 'Update the pull request description to include a summary of changes.'
-
-          # Optional: Add claude_args to customize behavior and configuration
-          # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
-          # or https://docs.claude.com/en/docs/claude-code/cli-reference for available options
-          # claude_args: '--allowed-tools Bash(gh pr:*)'
-
@@ -13,7 +13,6 @@ on:
 jobs:
  convert:
    runs-on: ubuntu-latest
-    # Only run on labeled event if the label is 'feature-request', or always run on workflow_dispatch
    if: |
      (github.event_name == 'issues' && github.event.label.name == 'feature-request') ||
      github.event_name == 'workflow_dispatch'
@@ -0,0 +1,34 @@
+name: Windows
+
+on:
+  pull_request:
+    paths:
+      - 'src/**'
+      - 'plugin/scripts/**'
+      - 'package.json'
+      - 'bunfig.toml'
+      - '.github/workflows/windows.yml'
+  push:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: windows-latest
+    timeout-minutes: 25
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+
+      - name: Install Bun (worker runtime)
+        run: |
+          irm bun.sh/install.ps1 | iex
+        shell: pwsh
+
+      - run: npm install --no-audit --no-fund
+
+      # Build only — the build-and-sync script also runs marketplace sync + worker
+      # restart from a hardcoded ~/.claude/plugins path that doesn't exist on CI.
+      - run: npm run build
@@ -21,20 +21,31 @@ bun.lock
 private/
 Auto Run Docs/

-# Generated UI files (built from viewer-template.html)
 src/ui/viewer.html

-# Local MCP server config (for development only)
 .mcp.json
 .cursor/

-# Ignore WebStorm project files (for dinosaur IDE users)
 .idea/

 .claude-octopus/
 .claude/session-intent.md
 .claude/session-plan.md
+.claude/scheduled_tasks.lock
 .octo/

-# Local contribution analysis (not part of upstream)
-CONTRIB_NOTES.md
+plugin/.cli-installed
+
+plugin/scripts/claude-mem
+
+CONTRIB_NOTES.md
+
+.docker-claude-mem-data/
+
+evals/swebench/runs/
+claude-opus-4-7+claude-mem.*.json
+logs/run_evaluation/
+.venv-swebench/
+.docker-blowout-data/
+.scratch/
+docker/install-test/
@@ -1,3 +0,0 @@
-{
-  "mcpServers": {}
-}
@@ -1,4 +1,3 @@
-# Source code (dist/ and plugin/ are the shipped artifacts)
 src/
 scripts/
 tests/
@@ -7,14 +6,12 @@ datasets/
 private/
 antipattern-czar/

-# Heavy binaries installed at runtime via smart-install.js
 plugin/node_modules/
 plugin/scripts/claude-mem
 plugin/bun.lock
 plugin/data/
 plugin/data.backup/

-# Development files
 *.ts
 !*.d.ts
 tsconfig*.json
@@ -24,7 +21,6 @@ tsconfig*.json
 jest.config*
 vitest.config*

-# Git and CI
 .git/
 .github/
 .gitignore
@@ -33,14 +29,12 @@ vitest.config*
 .mcp.json
 .plan/

-# OS files
 .DS_Store
 *.log
 *.tmp
 *.temp
 Thumbs.db

-# Misc
 Auto Run Docs/
 ~*/
 http*/
@@ -0,0 +1,100 @@
+# Issue 2341 Reliability Slice Plan
+
+Scope: first PR from the consolidated issue triage. This PR should not try to
+solve the full backlog. It should remove a few high-confidence paper cuts from
+the first two buckets: install/startup contract and DB/export contract.
+
+## Phase 0: Documentation Discovery
+
+Allowed APIs and patterns:
+
+- Install marker helpers live in `src/npx-cli/install/setup-runtime.ts`.
+  Existing tests are in `tests/setup-runtime.test.ts`.
+- Runtime startup warning logic lives in `plugin/scripts/version-check.js`.
+  It currently resolves the plugin root from `CLAUDE_PLUGIN_ROOT`, then from the
+  script directory.
+- Export script reads worker settings via `SettingsDefaultsManager.loadFromFile`.
+  Worker settings must respect `CLAUDE_MEM_DATA_DIR`, because shared path helpers
+  and settings defaults already expose that environment override.
+- `/api/sdk-sessions/batch` is registered in
+  `src/services/worker/http/routes/DataRoutes.ts` and expects
+  `memorySessionIds`. Existing coercion tests are in
+  `tests/worker/http/routes/data-routes-coercion.test.ts`.
+- Current `PendingMessageStore` writes and reads `tool_use_id`, but no longer
+  reads `worker_pid`, `retry_count`, `failed_at_epoch`, or
+  `completed_at_epoch`. Current schema guardrails should match code that runs
+  today, not old migration intent.
+
+Anti-pattern guards:
+
+- Do not reintroduce `worker_pid` in `pending_messages` unless the current claim
+  query starts using it again.
+- Do not rely only on `schema_versions` for columns that current SQL references.
+- Do not add another install marker format. Read both legacy plain text and the
+  current JSON format, but keep writing the JSON marker.
+- Do not make `export-memories.ts` fall back to `~/.claude-mem` when
+  `CLAUDE_MEM_DATA_DIR` is set.
+
+## Phase 1: Install Marker Compatibility
+
+What to implement:
+
+- Teach `readInstallMarker()` to parse legacy plain-text marker files that only
+  contain a version string.
+- Teach `plugin/scripts/version-check.js` to accept the same legacy marker shape.
+- Keep `writeInstallMarker()` unchanged so new installs write the canonical JSON
+  schema.
+
+Verification:
+
+- Add `tests/setup-runtime.test.ts` coverage for a plain-text `.install-version`.
+- Add a focused test for `plugin/scripts/version-check.js` behavior, or extend an
+  existing plugin script test if one exists.
+- Run `bun test tests/setup-runtime.test.ts`.
+
+## Phase 2: Export Script Contract Repair
+
+What to implement:
+
+- Update `scripts/export-memories.ts` to load settings from
+  `CLAUDE_MEM_DATA_DIR/settings.json` instead of always using
+  `~/.claude-mem/settings.json`.
+- Change the `/api/sdk-sessions/batch` request body from `sdkSessionIds` to
+  `memorySessionIds`.
+- Optionally allow `DataRoutes` to accept the legacy `sdkSessionIds` alias as a
+  compatibility bridge, but prefer the canonical field in scripts.
+
+Verification:
+
+- Add or update tests around the SDK-session batch route alias/coercion.
+- Add a script-level test if practical; otherwise verify by grep that
+  `scripts/export-memories.ts` no longer sends `sdkSessionIds` and no longer
+  hardcodes `homedir(), '.claude-mem'`.
+- Run the focused route/export tests.
+
+## Phase 3: Current Pending Queue Shape Guardrails
+
+What to implement:
+
+- Add a regression test that initializes a DB whose `schema_versions` claims old
+  pending-message migrations are applied while `pending_messages.tool_use_id` is
+  missing. Constructing `SessionStore` should still add the missing column
+  because current enqueue SQL requires it.
+- Add a regression test asserting the current fresh DB shape does not require
+  `worker_pid`, since the current claim query does not use it.
+- If tests expose a real source/schema mismatch, update docs/schema comments to
+  match current code rather than reintroducing unused columns.
+
+Verification:
+
+- Run focused sqlite tests for `SessionStore` / `PendingMessageStore`.
+- Grep for live `worker_pid` reads in TypeScript before deciding whether it is
+  still a required current column.
+
+## Final Verification
+
+- Run focused tests changed by this PR.
+- Run `npm run typecheck:root` if dependencies are available.
+- Run `git diff --check`.
+- Open a non-draft PR against the upstream default branch.
+- Do not merge, release, or ship without explicit user approval.
@@ -0,0 +1,315 @@
+# Plan: Disable Summaries for Subagents + Label Subagent Observations
+
+## Goal
+
+1. **Disable summaries for subagents** — prevent any summary generation path (hook → worker → SDK agent) from firing for events originating in a Claude Code subagent.
+2. **Label observations from subagents** — tag every observation with the subagent identity (agent_id + agent_type) so downstream queries can distinguish main-session work from subagent work.
+
+## Phase 0 — Documentation Discovery (COMPLETE)
+
+### Claude Code hook payload fields (source: https://code.claude.com/docs/en/hooks.md)
+
+- `agent_id` — present **only** when the hook fires inside a subagent invocation (e.g., `"agent-def456"`). Absent in the main session.
+- `agent_type` — the subagent identifier (built-in like `"Bash"`, `"Explore"`, `"Plan"`, or a custom agent name). Present in subagents **and** when `--agent` flag is used.
+- `session_id` — shared across main and subagents in the same session. Cannot distinguish contexts on its own.
+- `transcript_path` — shared session transcript. Not a reliable discriminator.
+- `SubagentStop` — dedicated event that fires when a subagent finishes. Currently **NOT registered** in `plugin/hooks/hooks.json`.
+- `Stop` — fires for the main Claude agent (not subagents). Currently registered → wired to `summarize` handler.
+
+**Discriminator for subagent context**: presence of `agent_id` OR `agent_type` in the hook stdin JSON.
+
+### Current claude-mem architecture (grepped + read)
+
+- `src/cli/types.ts:1-15` — `NormalizedHookInput` lacks `agentId` / `agentType`.
+- `src/cli/adapters/claude-code.ts:5-17` — Claude Code adapter does NOT extract `agent_id` / `agent_type`.
+- `src/cli/handlers/summarize.ts:27-143` — Stop-hook handler posts to `/api/sessions/summarize` without guarding on subagent context.
+- `src/cli/handlers/observation.ts:51-62` — PostToolUse handler POSTs observation body without subagent fields.
+- `src/services/worker/http/routes/SessionRoutes.ts:555-646` — `handleObservationsByClaudeId` destructures only `{ contentSessionId, tool_name, tool_input, tool_response, cwd }`; `queueObservation` call at line 620 has no subagent field.
+- `src/services/sqlite/observations/store.ts:75-80` — `INSERT INTO observations` column list has no `agent_type` / `agent_id`.
+- `src/services/sqlite/migrations.ts:578-588` — migrations array ends with `migration009` (version 26). Next migration slot is `migration010` (version 27).
+- `src/utils/logger.ts:195-203` — already reads `input.subagent_type` for formatting Task tool invocations (reference pattern, no downstream storage).
+
+### Allowed APIs / patterns to copy
+
+- **Adapter metadata extension pattern**: `src/cli/adapters/gemini-cli.ts:77-96` already collects platform-specific metadata into `metadata` and returns it on `NormalizedHookInput`. Copy this pattern.
+- **Migration pattern**: `src/services/sqlite/migrations.ts:556-573` (migration009) is a copy-ready template for conditional `ALTER TABLE ADD COLUMN` additions.
+- **Observation INSERT column extension pattern**: `src/services/sqlite/observations/store.ts:75-98` — add `agent_type`, `agent_id` to the column list and to `stmt.run(...)` bindings.
+
+### Anti-patterns to avoid
+
+- Do NOT assume `agent_id` is present on the main session — it is undefined there. Treat presence as the discriminator.
+- Do NOT register SubagentStop as a new hook in `hooks.json` just to "disable" summaries — defensively short-circuiting in the handler is simpler and covers both current and future Claude Code versions where Stop might fire in subagent contexts.
+- Do NOT rely on `session_id` to distinguish — it is shared.
+- Do NOT invent a `parent_tool_use_id` field in hook input. The Claude Code docs do not expose parent tool use ID on hook payloads. Only use `agent_id` + `agent_type`.
+- Do NOT break the existing observation hash-dedup logic in `store.ts:19-28` — leave the hash inputs as-is.
+
+---
+
+## Phase 1 — Extend hook input surface to carry subagent fields
+
+**What to implement** (COPY pattern from gemini-cli adapter metadata handling):
+
+1. Edit `src/cli/types.ts:1-15` — add two optional fields to `NormalizedHookInput`:
+   ```ts
+   agentId?: string;      // Claude Code subagent agent_id (undefined in main session)
+   agentType?: string;    // Claude Code subagent agent_type (undefined in main session)
+   ```
+
+2. Edit `src/cli/adapters/claude-code.ts:5-17` — in `normalizeInput`, extract `r.agent_id` and `r.agent_type`:
+   ```ts
+   return {
+     sessionId: r.session_id ?? r.id ?? r.sessionId,
+     cwd: r.cwd ?? process.cwd(),
+     prompt: r.prompt,
+     toolName: r.tool_name,
+     toolInput: r.tool_input,
+     toolResponse: r.tool_response,
+     transcriptPath: r.transcript_path,
+     agentId: typeof r.agent_id === 'string' ? r.agent_id : undefined,
+     agentType: typeof r.agent_type === 'string' ? r.agent_type : undefined,
+   };
+   ```
+
+3. Edit `src/cli/adapters/gemini-cli.ts:88-97` — return matching `undefined` defaults so the interface contract is consistent across adapters. (No behavior change; just explicit `agentId: undefined, agentType: undefined` on the return object, or rely on the optional-field default by leaving it out. Leave it out — TypeScript optional is fine.)
+
+**Documentation references**: Claude Code hooks docs section "Subagent Identification Fields"; gemini-cli adapter metadata pattern at `src/cli/adapters/gemini-cli.ts:77-96`.
+
+**Verification checklist**:
+- `grep -n "agentId" src/cli/types.ts` → finds the new field.
+- `grep -n "agent_id" src/cli/adapters/claude-code.ts` → finds the extraction.
+- `npm run build` succeeds.
+
+**Anti-pattern guards**:
+- Do NOT rename `agent_id` / `agent_type` snake_case raw fields. Camel-case only in `NormalizedHookInput`.
+- Do NOT default to a sentinel string like `"main"`; leave undefined when absent.
+
+---
+
+## Phase 2 — Short-circuit summary generation in subagent context
+
+**What to implement**:
+
+1. Edit `src/cli/handlers/summarize.ts:27-36`, immediately after the worker-ready check (line 34) and before any processing:
+   ```ts
+   // Skip summaries in subagent context — subagents do not own the session summary.
+   // Main Stop hook owns it; SubagentStop (if ever registered) must no-op.
+   if (input.agentId || input.agentType) {
+     logger.debug('HOOK', 'Skipping summary: subagent context detected', {
+       sessionId: input.sessionId,
+       agentId: input.agentId,
+       agentType: input.agentType
+     });
+     return { continue: true, suppressOutput: true, exitCode: HOOK_EXIT_CODES.SUCCESS };
+   }
+   ```
+
+2. (Safety) Edit `src/services/worker/http/routes/SessionRoutes.ts` in `handleSummarizeByClaudeId` (around line 655-692): add a defensive guard that rejects the summarize request if the body includes `agentId` or `agentType`. Return `{ status: 'skipped', reason: 'subagent_context' }`. This is belt-and-suspenders in case any caller bypasses the hook layer.
+
+3. Extend the `/api/sessions/summarize` body in `src/cli/handlers/summarize.ts:73-82` to include `agentId` and `agentType` (passthrough) so the worker can make the same decision independently. Only pass fields when defined:
+   ```ts
+   body: JSON.stringify({
+     contentSessionId: sessionId,
+     last_assistant_message: lastAssistantMessage,
+     platformSource,
+     ...(input.agentId ? { agentId: input.agentId } : {}),
+     ...(input.agentType ? { agentType: input.agentType } : {}),
+   }),
+   ```
+
+**Documentation references**: summarize.ts handler flow at `src/cli/handlers/summarize.ts:27-143`; summarize route at `src/services/worker/http/routes/SessionRoutes.ts:655-692`.
+
+**Verification checklist**:
+- Unit test or manual dispatch with a payload containing `agent_id: "agent-abc"` → summarize handler returns before calling `/api/sessions/summarize`.
+- `grep -n "subagent" src/cli/handlers/summarize.ts` → finds the new guard.
+- `grep -n "subagent_context\|agentId" src/services/worker/http/routes/SessionRoutes.ts` → finds the server-side guard.
+
+**Anti-pattern guards**:
+- Do NOT also short-circuit in `session-complete` or `context` handlers — the session's main Stop still cleans up.
+- Do NOT log at info level (spammy); `logger.debug` only.
+
+---
+
+## Phase 3 — Database schema migration for subagent labels on observations
+
+**What to implement** (COPY migration009 pattern from `src/services/sqlite/migrations.ts:556-573`):
+
+1. Append a new migration to `src/services/sqlite/migrations.ts` right after `migration009` (before the `migrations` array at line 578):
+   ```ts
+   export const migration010: Migration = {
+     version: 27,
+     up: (db: Database) => {
+       const columns = db.prepare('PRAGMA table_info(observations)').all() as any[];
+       const hasAgentType = columns.some((c: any) => c.name === 'agent_type');
+       const hasAgentId = columns.some((c: any) => c.name === 'agent_id');
+       if (!hasAgentType) {
+         db.run('ALTER TABLE observations ADD COLUMN agent_type TEXT');
+       }
+       if (!hasAgentId) {
+         db.run('ALTER TABLE observations ADD COLUMN agent_id TEXT');
+       }
+       db.run('CREATE INDEX IF NOT EXISTS idx_observations_agent_type ON observations(agent_type)');
+       console.log('[migration010] Added agent_type, agent_id columns to observations');
+     },
+     down: (_db: Database) => {
+       // SQLite DROP COLUMN not fully supported; no-op
+     }
+   };
+   ```
+
+2. Add `migration010` to the `migrations` array at `src/services/sqlite/migrations.ts:578-588`.
+
+3. Check `src/services/sqlite/migrations/runner.ts` to see if there's a parallel registration site; if so, mirror the addition there. (Investigation step — if `runner.ts` replicates migration definitions, extend it the same way. Otherwise, importing `migrations` from `migrations.ts` is sufficient.)
+
+**Documentation references**: migration007 and migration009 at `src/services/sqlite/migrations.ts:491-509` and `556-573` as copy-ready templates.
+
+**Verification checklist**:
+- Run worker; check logs for `[migration010]`.
+- `sqlite3 ~/.claude-mem/claude-mem.db "PRAGMA table_info(observations);"` → shows `agent_type` and `agent_id` columns.
+- `sqlite3 ~/.claude-mem/claude-mem.db ".indexes observations"` → shows `idx_observations_agent_type`.
+
+**Anti-pattern guards**:
+- Do NOT drop or rename existing columns.
+- Do NOT set NOT NULL constraints — main-session rows have NULL for these.
+- Do NOT pick a version number that's already used (26 is migration009; use 27).
+
+---
+
+## Phase 4 — Thread subagent fields through hook → worker → SDK → DB
+
+**What to implement**:
+
+### 4a — Hook PostToolUse handler sends fields
+
+Edit `src/cli/handlers/observation.ts:51-62`:
+```ts
+const response = await workerHttpRequest('/api/sessions/observations', {
+  method: 'POST',
+  headers: { 'Content-Type': 'application/json' },
+  body: JSON.stringify({
+    contentSessionId: sessionId,
+    platformSource,
+    tool_name: toolName,
+    tool_input: toolInput,
+    tool_response: toolResponse,
+    cwd,
+    ...(input.agentId ? { agentId: input.agentId } : {}),
+    ...(input.agentType ? { agentType: input.agentType } : {}),
+  })
+});
+```
+
+### 4b — Worker observations route receives and forwards
+
+Edit `src/services/worker/http/routes/SessionRoutes.ts:555-646`:
+- Destructure: `const { contentSessionId, tool_name, tool_input, tool_response, cwd, agentId, agentType } = req.body;`
+- Pass to `queueObservation` at line 620:
+  ```ts
+  this.sessionManager.queueObservation(sessionDbId, {
+    tool_name,
+    tool_input: cleanedToolInput,
+    tool_response: cleanedToolResponse,
+    prompt_number: promptNumber,
+    cwd: cwd || ...,
+    agentId: typeof agentId === 'string' ? agentId : undefined,
+    agentType: typeof agentType === 'string' ? agentType : undefined,
+  });
+  ```
+
+### 4c — queueObservation type extension
+
+Investigation: find the `queueObservation` signature in the session manager (likely `src/services/session/` or similar). Add optional `agentId?: string; agentType?: string;` to the payload type. These must ride through to the SDK agent's observation context so they land in `storeObservation()`.
+
+### 4d — Observation input type + store.ts extension
+
+- Edit `src/services/sqlite/observations/types.ts:10-19` — add:
+  ```ts
+  agent_type?: string | null;
+  agent_id?: string | null;
+  ```
+- Edit `src/services/sqlite/observations/store.ts:75-98`:
+  - Column list: add `, agent_type, agent_id` before `content_hash`.
+  - Placeholders: add `, ?, ?`.
+  - Bindings: add `observation.agent_type ?? null, observation.agent_id ?? null`.
+- Verify there are no other `INSERT INTO observations` sites that need updating. Sites already located (to re-check):
+  - `src/services/sqlite/SessionStore.ts:1755` / `1890` / `2022` / `2623` — each needs the same two columns added. If these are separate insertion paths, extend all of them; pass `null` for fields not available in that path.
+
+### 4e — SDK agent observation parser forwards fields
+
+The SDK agent parses `<observation>` XML into an `ObservationInput` and calls `storeObservation`. The tool_input passed in must carry `agentId`/`agentType` through to here so the row gets labeled. Investigation step: find where `storeObservation()` is called with an `ObservationInput` built from the queued observation, and inject `agent_type`/`agent_id` from the queue item's subagent fields onto the `ObservationInput`. Location likely in `src/services/sdk/` or adjacent.
+
+**Documentation references**:
+- observation handler at `src/cli/handlers/observation.ts:51-62`
+- SessionRoutes observations endpoint at `src/services/worker/http/routes/SessionRoutes.ts:555-646`
+- storeObservation at `src/services/sqlite/observations/store.ts:75-98`
+- Existing observation INSERT sites at `src/services/sqlite/SessionStore.ts:1755, 1890, 2022, 2623` (audit required)
+
+**Verification checklist**:
+- `grep -rn "agent_type\|agentType" src/` → shows fields threaded through every layer.
+- Simulate a Task subagent PostToolUse payload → observation row has non-null `agent_type`.
+- Main-session PostToolUse → observation row has NULL `agent_type` (existing behavior preserved).
+- No existing test suite breaks: `npm test` passes.
+
+**Anti-pattern guards**:
+- Do NOT include `agent_type` / `agent_id` in the content-hash computation (`src/services/sqlite/observations/store.ts:19-28`). The hash identity must remain stable for dedup.
+- Do NOT add fields to the FTS5 `observations_fts` virtual table — not searchable text.
+- Do NOT backfill — leave existing rows NULL.
+
+---
+
+## Phase 5 — Tests and verification
+
+**What to implement**:
+
+1. Add a unit test at `tests/cli/handlers/summarize-subagent-skip.test.ts` verifying:
+   - When `input.agentId` is set, handler returns early with `exitCode: SUCCESS` and does NOT call `workerHttpRequest`.
+   - When `input.agentType` is set, same behavior.
+   - When both are undefined, handler proceeds (mock worker response).
+
+2. Add a unit test at `tests/cli/adapters/claude-code-subagent.test.ts` verifying:
+   - `normalizeInput({ agent_id: "agent-abc", agent_type: "Explore" })` returns `{ agentId: "agent-abc", agentType: "Explore" }`.
+   - `normalizeInput({})` returns `agentId: undefined, agentType: undefined`.
+
+3. Add a unit test at `tests/services/sqlite/observations/store-subagent-label.test.ts` verifying:
+   - `storeObservation` with `agent_type: "Explore"` inserts row with `agent_type = "Explore"`.
+   - Omitted `agent_type` → NULL in DB.
+   - Content-hash dedup still works (two observations with same title/narrative but different `agent_type` should still collide on dedup — verify expected behavior; update test if product intent differs).
+
+4. Manual integration check: start worker, simulate a hook payload with `agent_id`/`agent_type`, observe observation row in DB.
+
+**Verification checklist**:
+- `npm test` passes.
+- `npm run build` succeeds.
+- Database inspection shows expected rows.
+
+**Anti-pattern guards**:
+- Do NOT mock the entire storeObservation — use a real in-memory Bun SQLite DB if existing tests do.
+- Do NOT add integration tests that require a running worker unless the suite already does.
+
+---
+
+## Phase 6 — Build + autonomous execution pipeline
+
+After Phases 1-5 land and pass verification:
+
+1. **Build**: `npm run build-and-sync`.
+2. **Commit**: a single commit titled `feat: disable subagent summaries and label subagent observations` with co-author footer.
+3. **Push branch**: push current worktree branch `trail-guarantee` (or a new feature branch — confirm with `git status`). Create PR via `gh pr create` with summary of both features.
+4. **Run `/loop 5m`** to continuously re-check PR review comments: as each CodeRabbit/Greptile/human comment arrives, address it in a new commit, push, and re-check. Exit loop only when all actionable review comments are resolved and status checks pass.
+5. **Merge to main** via `gh pr merge --squash --auto` (or `--merge` per repo convention — inspect `.github/` first).
+6. **Version bump**: `cd ~/Scripts/claude-mem/` and run `/version-bump`.
+
+**Anti-pattern guards for this phase**:
+- Do NOT force-push to main.
+- Do NOT skip hooks (`--no-verify`).
+- Do NOT squash-merge if the repo uses rebase-merge; check `.github/` for branch-protection hints.
+- Do NOT resolve a review comment without actually addressing it — every resolved thread must have a corresponding commit or a reply explaining why no change is needed.
+
+---
+
+## Final Verification (end of Phase 5, before Phase 6)
+
+- `grep -rn "agent_id\|agentId" src/` → fields present in: `types.ts`, `claude-code.ts`, `summarize.ts`, `observation.ts`, `SessionRoutes.ts`, observation types, store, migration010.
+- `grep -rn "subagent_context" src/services/worker/` → worker-side guard present.
+- `sqlite3 ~/.claude-mem/claude-mem.db "PRAGMA table_info(observations);"` → includes `agent_type`, `agent_id`.
+- `npm test && npm run build` → both green.
+- Smoke test: simulate a subagent hook payload end-to-end → observation labeled, no summary fired.
@@ -0,0 +1,570 @@
+# Merged-Worktree Adoption
+
+**Goal**: When a worktree's branch is merged into its parent, the worktree's observations become part of the parent project's observation list — without data movement, destructive schema changes, or lost provenance.
+
+**Approach**: Add a nullable `merged_into_project` column to observations and session_summaries, extend query predicates with `OR merged_into_project = :parent`, propagate the same metadata to Chroma embeddings for semantic-search consistency, detect merges via git (authoritative), run adoption automatically on worker startup, and offer a CLI escape hatch for squash-merges.
+
+**Key design decisions**:
+- `observations.project` is **immutable provenance** — never overwritten.
+- Merged-status is a **virtual pointer**, not a data move.
+- **Chroma metadata stays in lockstep with SQLite** (full consistent sync, not lazy SQL expansion). Single source of truth per row.
+- Detection is **git-authoritative** (`git worktree list --porcelain` + `git branch --merged`), with a manual CLI override for squash-merges.
+
+---
+
+## Phase 0 — Documentation Discovery (COMPLETE)
+
+Findings consolidated from three parallel discovery subagents. The following are the ONLY APIs/patterns to copy from. Do not invent alternatives.
+
+### Allowed APIs (copy from these locations)
+
+| Need | File | Lines | What to copy |
+|---|---|---|---|
+| Migration idempotency via marker file | `src/services/infrastructure/ProcessManager.ts` | 680–830 | `runOneTimeCwdRemap` structure, marker file pattern `.cwd-remap-applied-v1` |
+| Worker startup wiring | `src/services/worker-service.ts` | 363–365 | Call site inside `initializeBackground()`, invoked before `dbManager.initialize()` |
+| `ALTER TABLE ADD COLUMN` idempotency | `src/services/sqlite/migrations/runner.ts` | 131–141 | `PRAGMA table_info(<table>)` guard before `ALTER TABLE ... ADD COLUMN` |
+| Column addition example | `src/services/sqlite/migrations/runner.ts` | 495 | `db.run('ALTER TABLE observations ADD COLUMN discovery_tokens INTEGER DEFAULT 0')` |
+| Observations schema | `src/services/sqlite/migrations/runner.ts` | 82–96 | Existing columns + indices (do not duplicate) |
+| `schema_versions` marker table | `src/services/sqlite/migrations/runner.ts` | 51–58 | `INSERT OR IGNORE INTO schema_versions ...` — used only when numbered migration |
+| Logger | `src/utils/logger.ts` | 18 | Components: `SYSTEM`, `DB`, `CHROMA_SYNC`. Use `logger.info/warn/error('SYSTEM', ...)` |
+| Worktree detection | `src/utils/worktree.ts` | 1–84 | `detectWorktree(cwd): WorktreeInfo { isWorktree, worktreeName, parentRepoPath, parentProjectName }` |
+| Project-name derivation | `src/utils/project-name.ts` | 73–119 | `getProjectContext(cwd): ProjectContext { primary, parent, isWorktree, allProjects }` |
+| Multi-project read (WHERE to extend) | `src/services/context/ObservationCompiler.ts` | 111–160 | `queryObservationsMulti` — `WHERE o.project IN (${projectPlaceholders})` |
+| Same, for summaries | `src/services/context/ObservationCompiler.ts` | 168–196 | Parallel summary-fetching query with `ss.project IN (...)` |
+| Context injection endpoint | `src/services/worker/http/routes/SearchRoutes.ts` | 211–253 | `handleContextInject` wires `projects` comma-separated query param into `generateContext` |
+| Context entry point | `src/services/context/ContextBuilder.ts` | 126–183 | `generateContext()` picks `queryObservationsMulti` when `projects.length > 1` |
+| Chroma metadata attach (observations) | `src/services/sync/ChromaSync.ts` | 132–140 | `baseMetadata` object — includes `project`, `sqlite_id`, etc. This is where `merged_into_project` is added. |
+| Chroma collection architecture | `src/services/sync/ChromaSync.ts` | 806 (comment) | **Single shared collection `cm__claude-mem`**, scoped by metadata. Do NOT create a per-merged collection. |
+| Chroma filter build (read side) | `src/services/sync/SearchManager.ts` | 174–177 | `whereFilter = { project: options.project }` — extended with `$or` in Phase 3 |
+| Chroma update API | `src/services/sync/ChromaSync.ts` (grep) | — | `chroma_update_documents` via MCP — used by existing sync flows |
+| CLI entrypoint switch | `src/npx-cli/index.ts` | 28–169 | Plain `switch (command)`, dynamic `import()` of `./commands/<name>.ts`. No commander/cac. |
+| Admin-script template | `scripts/cwd-remap.ts` | 1–186 | Bun shebang, argv parsing, `--apply` gate, dry-run default |
+| UI observation card | `src/ui/viewer/components/ObservationCard.tsx` | 58 | `<span className="card-project">{observation.project}</span>` — where the merged badge is added |
+
+### Anti-patterns (do NOT do these)
+
+- Do NOT overwrite `observations.project` or `session_summaries.project`. These are immutable provenance.
+- Do NOT create a new Chroma collection for merged observations. Deployment uses a single shared `cm__claude-mem` collection.
+- Do NOT introduce a `gh` CLI dependency. Codebase has no `gh` usage outside `.github/workflows/`. Use `git` subprocesses only.
+- Do NOT use SQLite's unsupported `ALTER TABLE ... ADD COLUMN IF NOT EXISTS` syntax. Use the `PRAGMA table_info` guard instead.
+- Do NOT use a CLI framework (commander, cac, yargs). The codebase uses hand-rolled `switch (command)` + `process.argv.slice(2)`.
+- Do NOT mutate `ProjectContext.allProjects` to inject merged children. The reverse lookup lives in the SQL/Chroma query predicates, not in `ProjectContext`.
+- Do NOT run the lazy "SQL-expand projects then filter Chroma" approach. We want Chroma metadata to be the authoritative filter for semantic search.
+
+---
+
+## Phase 1 — Schema migration
+
+**What to implement**: One nullable column + one index on each of `observations` and `session_summaries`. Idempotent via `PRAGMA table_info` guard.
+
+### Files touched
+
+- `src/services/sqlite/migrations/runner.ts`
+
+### Implementation
+
+Add a new method `ensureMergedIntoProjectColumns()` on `MigrationRunner`, modeled on the pattern at lines 131–141:
+
+```typescript
+private ensureMergedIntoProjectColumns(): void {
+  const obsCols = this.db
+    .query('PRAGMA table_info(observations)')
+    .all() as TableColumnInfo[];
+  if (!obsCols.some(c => c.name === 'merged_into_project')) {
+    this.db.run('ALTER TABLE observations ADD COLUMN merged_into_project TEXT');
+    this.db.run(
+      'CREATE INDEX IF NOT EXISTS idx_observations_merged_into ON observations(merged_into_project)'
+    );
+  }
+
+  const sumCols = this.db
+    .query('PRAGMA table_info(session_summaries)')
+    .all() as TableColumnInfo[];
+  if (!sumCols.some(c => c.name === 'merged_into_project')) {
+    this.db.run('ALTER TABLE session_summaries ADD COLUMN merged_into_project TEXT');
+    this.db.run(
+      'CREATE INDEX IF NOT EXISTS idx_summaries_merged_into ON session_summaries(merged_into_project)'
+    );
+  }
+}
+```
+
+Call from `runAllMigrations()` — append immediately after the last existing `ensure*` method so it runs on every worker startup. The `PRAGMA table_info` check is O(1) and makes re-runs cheap.
+
+### Verification
+
+- Start the worker. Migration logs show no error.
+- `sqlite3 ~/.claude-mem/claude-mem.db ".schema observations"` shows `merged_into_project TEXT`.
+- Same for `session_summaries`.
+- Restart worker → no ALTER TABLE error (guard worked).
+- `sqlite3 ~/.claude-mem/claude-mem.db ".indices observations"` lists `idx_observations_merged_into`.
+
+### Anti-pattern guards
+
+- Do NOT use `ALTER TABLE ... ADD COLUMN IF NOT EXISTS` — SQLite does not support it.
+- Do NOT bump `schema_versions` for this migration. That table is for numbered migration history; the column-existence check is self-idempotent.
+
+---
+
+## Phase 2 — Adoption engine (SQLite + Chroma consistent)
+
+**What to implement**: A single function that, given a parent repo path, detects all merged-worktree branches and stamps `merged_into_project` on both SQLite rows AND Chroma metadata in the same logical operation. Reused by worker startup (Phase 4) and CLI (Phase 5).
+
+### Files touched
+
+- `src/services/infrastructure/WorktreeAdoption.ts` (new)
+- `src/services/sync/ChromaSync.ts` — add `updateMergedIntoProject(sqliteIds: number[], mergedIntoProject: string): Promise<void>`
+
+### Public API
+
+```typescript
+export interface AdoptionResult {
+  repoPath: string;
+  parentProject: string;
+  scannedWorktrees: number;
+  mergedBranches: string[];          // branches classified as merged
+  adoptedObservations: number;        // SQLite rows stamped
+  adoptedSummaries: number;
+  chromaUpdates: number;              // Chroma docs patched
+  chromaFailed: number;
+  dryRun: boolean;
+  errors: Array<{ worktree: string; error: string }>;
+}
+
+export async function adoptMergedWorktrees(opts: {
+  repoPath?: string;       // defaults to process.cwd()
+  dataDirectory?: string;  // defaults to DATA_DIR
+  dryRun?: boolean;
+  onlyBranch?: string;     // manual override for squash-merge case
+}): Promise<AdoptionResult>;
+```
+
+### Implementation outline
+
+Mirror `runOneTimeCwdRemap` in `ProcessManager.ts:680–830` for DB lifecycle (open, transaction, finally-close). Add Chroma sync step after SQL commit.
+
+1. **Resolve main repo path**
+   - `const mainRepo = execSync('git rev-parse --git-common-dir', { cwd: opts.repoPath ?? process.cwd() })` — strip `/.git` suffix to get the working tree root.
+   - This pattern is used in `scripts/cwd-remap.ts:48–51`. Copy that handling verbatim.
+
+2. **Resolve parent project name**
+   - `const parentProject = getProjectContext(mainRepo).primary` — imported from `src/utils/project-name.ts`.
+
+3. **Enumerate worktrees**
+   - `git -C <mainRepo> worktree list --porcelain` → parse `worktree <path>`, `branch refs/heads/<name>` lines.
+   - Filter out the main worktree entry (its path equals `mainRepo`).
+
+4. **Classify as merged**
+   - If `opts.onlyBranch` provided: include only that branch (squash-merge escape hatch).
+   - Else: `git -C <mainRepo> branch --merged HEAD --format='%(refname:short)'` → intersect with worktree branch list.
+
+5. **Resolve worktree project names**
+   - For each merged worktree path, `const worktreeProject = getProjectContext(worktreePath).primary` → yields the composite `parent/worktree` name.
+
+6. **SQL transaction** (model on `ProcessManager.ts:745–760, 808`)
+   - Open DB via `new Database(dbPath)` (manage own handle — must close before `dbManager.initialize()` runs).
+   - For each merged worktree:
+     - `SELECT id FROM observations WHERE project = ? AND merged_into_project IS NULL` → collect sqlite IDs to later push to Chroma.
+     - `UPDATE observations SET merged_into_project = ? WHERE project = ? AND merged_into_project IS NULL`.
+     - Same for `session_summaries`.
+   - Commit transaction.
+   - If `dryRun`, roll back instead.
+
+7. **Chroma metadata sync** (full consistent — NOT lazy)
+   - For the set of sqlite IDs just stamped, call `ChromaSync.updateMergedIntoProject(sqliteIds, parentProject)`.
+   - `ChromaSync.updateMergedIntoProject` implementation:
+     ```typescript
+     async updateMergedIntoProject(sqliteIds: number[], mergedIntoProject: string): Promise<void> {
+       if (sqliteIds.length === 0) return;
+       // Batch: look up Chroma doc IDs via metadata filter on sqlite_id, then patch.
+       const where = { sqlite_id: { $in: sqliteIds } };
+       const existing = await chromaMcp.callTool('chroma_get_documents', {
+         collection_name: this.collectionName,
+         where,
+         include: ['metadatas']
+       });
+       const docIds: string[] = existing.ids ?? [];
+       const metadatas: Record<string, unknown>[] = (existing.metadatas ?? []).map(m => ({
+         ...m,
+         merged_into_project: mergedIntoProject
+       }));
+       if (docIds.length === 0) return;
+       await chromaMcp.callTool('chroma_update_documents', {
+         collection_name: this.collectionName,
+         ids: docIds,
+         metadatas
+       });
+     }
+     ```
+   - On Chroma error: log via `logger.error('CHROMA_SYNC', ...)`, increment `chromaFailed`, but do NOT roll back SQL. SQL is source of truth; a subsequent run will retry the Chroma patch (idempotent — metadata set to same value is a no-op).
+
+8. **Logging**
+   - `logger.info('SYSTEM', 'Worktree adoption applied', { parentProject, adoptedObservations, adoptedSummaries, chromaUpdates, chromaFailed, mergedBranches })`.
+   - On per-worktree error: `logger.warn('SYSTEM', 'Worktree adoption skipped branch', { worktree, error })` — collect in `errors[]`, continue.
+
+9. **Re-adoption safety net**
+   - Because Chroma updates can fail independently, add a secondary SQL-side reconciliation: on each adoption run, also find `observations WHERE merged_into_project IS NOT NULL` whose Chroma metadata lacks the field. Run the same `updateMergedIntoProject` on that delta.
+   - Keep this bounded: only reconcile rows adopted in the last N days (e.g. 30) to avoid full-table scans.
+
+### Verification
+
+- Dry-run against a repo with one known-merged worktree: result shows correct `adoptedObservations`, DB unchanged, no Chroma writes.
+- Real run: `SELECT COUNT(*) FROM observations WHERE merged_into_project IS NOT NULL` matches `adoptedObservations`.
+- Chroma: `chroma_get_documents` with `where: { merged_into_project: 'claude-mem' }` returns the same row count.
+- Re-run: `adoptedObservations = 0`, `chromaUpdates = 0` (both idempotent).
+- Simulate Chroma outage (stop chroma): adoption logs `CHROMA_SYNC` error, `chromaFailed > 0`, SQL still stamps. Next run with Chroma back up reconciles the delta.
+
+### Anti-pattern guards
+
+- Do NOT rollback SQL on Chroma failure. SQL is authoritative; Chroma is a derived index.
+- Do NOT call Chroma per-row. Batch by sqlite_id set to minimize round-trips.
+- Do NOT adopt branches not in `git branch --merged HEAD` unless `onlyBranch` override is explicit.
+- Do NOT touch observations whose `project` is not a composite worktree name. The worktree-name match is the safety gate.
+- Do NOT skip the `merged_into_project IS NULL` clause on UPDATE — this is what makes the run idempotent.
+
+---
+
+## Phase 3 — Query plumbing (SQLite + Chroma $or)
+
+**What to implement**: Extend the two multi-project read queries in `ObservationCompiler.ts` and the Chroma filter in `SearchManager.ts` to treat `merged_into_project` as a second match axis. Direct Chroma `$or` filter — no SQL-side expansion dance.
+
+### Files touched
+
+- `src/services/context/ObservationCompiler.ts`
+- `src/services/sync/SearchManager.ts`
+
+### 3a. SQLite WHERE-clause extension
+
+`src/services/context/ObservationCompiler.ts:111–160` (`queryObservationsMulti`): change
+
+```sql
+WHERE o.project IN (${projectPlaceholders})
+```
+
+to
+
+```sql
+WHERE (o.project IN (${projectPlaceholders})
+       OR o.merged_into_project IN (${projectPlaceholders}))
+```
+
+Double-bind the `projects` array:
+
+```typescript
+.all(
+  ...projects,          // for o.project IN (...)
+  ...projects,          // for o.merged_into_project IN (...)
+  ...typeArray,
+  ...conceptArray,
+  ...(platformSource ? [platformSource] : []),
+  config.totalObservationCount
+)
+```
+
+`src/services/context/ObservationCompiler.ts:168–196` (summary variant): apply the same extension, using `ss.merged_into_project`.
+
+### 3b. Chroma filter extension
+
+`src/services/sync/SearchManager.ts:174–177`:
+
+```typescript
+if (options.project) {
+  const projectFilter = {
+    $or: [
+      { project: options.project },
+      { merged_into_project: options.project }
+    ]
+  };
+  whereFilter = whereFilter
+    ? { $and: [whereFilter, projectFilter] }
+    : projectFilter;
+}
+```
+
+When `options.project` is an array (if that path exists — grep first), build a flat `$or` over both fields × all requested projects.
+
+### 3c. New-observation Chroma metadata
+
+`src/services/sync/ChromaSync.ts:132–140` — extend `baseMetadata`:
+
+```typescript
+const baseMetadata: Record<string, string | number | null> = {
+  sqlite_id: obs.id,
+  doc_type: 'observation',
+  memory_session_id: obs.memory_session_id,
+  project: obs.project,
+  merged_into_project: obs.merged_into_project ?? null,  // NEW
+  created_at_epoch: obs.created_at_epoch,
+  type: obs.type || 'discovery',
+  title: obs.title || 'Untitled'
+};
+```
+
+This makes every new observation Chroma-compatible with the Phase 3b filter from the first sync. For existing rows, Phase 2's adoption engine patches metadata retroactively.
+
+**Check Chroma metadata type constraints**: Chroma rejects `null` in metadata — confirm via a quick test. If `null` is rejected, OMIT the field when unset (use `if (obs.merged_into_project) baseMetadata.merged_into_project = obs.merged_into_project;`).
+
+### 3d. ContextBuilder compatibility check
+
+`src/services/context/ContextBuilder.ts:126–183` — no change needed. `projects = input?.projects ?? context.allProjects` stays as-is; the extended WHERE clause in Phase 3a does all the work.
+
+### Verification
+
+- Before adoption: context-inject API for `claude-mem` returns N observations.
+- After adoption of `claude-mem/dar-es-salaam`: API returns N + M (M = count of dar-es-salaam's own observations).
+- Semantic search via Chroma (`/search` endpoint or MCP) with `project=claude-mem` returns dar-es-salaam-origin rows too.
+- Worktree-local queries (`projects=[claude-mem, claude-mem/dar-es-salaam]`) still return `[parent + own]` unchanged.
+- SQL EXPLAIN on the extended WHERE shows it uses `idx_observations_project` OR `idx_observations_merged_into` (both indices hit).
+
+### Anti-pattern guards
+
+- Do NOT lose the `o.project` filter — it's still required (merged-row predicate is additive, not a replacement).
+- Do NOT forget to double-bind `projects` in the prepared statement — placeholder count must match argument count.
+- Do NOT add a subquery or JOIN for merged discovery. A flat `OR` + index is faster.
+- Do NOT write `null` into Chroma metadata if Chroma rejects it. Use the "omit if unset" pattern.
+
+---
+
+## Phase 4 — Automatic trigger on worker startup
+
+**What to implement**: Call `adoptMergedWorktrees()` during worker startup, immediately after `runOneTimeCwdRemap()`. **Not** marker-gated — it runs every worker startup because git state evolves and the engine is idempotent.
+
+### Files touched
+
+- `src/services/worker-service.ts`
+
+### Implementation
+
+Import alongside existing `ProcessManager` imports at lines 41–53:
+
+```typescript
+import { adoptMergedWorktrees } from './infrastructure/WorktreeAdoption.js';
+```
+
+Insert immediately after the existing `runOneTimeCwdRemap()` call at lines 363–365:
+
+```typescript
+runOneTimeCwdRemap();
+
+try {
+  const result = await adoptMergedWorktrees({});
+  if (result.adoptedObservations > 0 || result.chromaUpdates > 0) {
+    logger.info('SYSTEM', 'Merged worktrees adopted on startup', result);
+  }
+  if (result.errors.length > 0) {
+    logger.warn('SYSTEM', 'Worktree adoption had per-branch errors', { errors: result.errors });
+  }
+} catch (err) {
+  logger.error('SYSTEM', 'Worktree adoption failed (non-fatal)', {}, err as Error);
+}
+```
+
+**DB lifecycle note**: `adoptMergedWorktrees` must manage its own DB handle (open + close) before `dbManager.initialize()` runs at line 380. Mirror `runOneTimeCwdRemap`'s finally-block pattern.
+
+### Verification
+
+- Restart worker. Log shows "Merged worktrees adopted on startup" only on first run after a new merge lands.
+- Subsequent restarts log nothing (idempotent).
+- Simulate adoption exception (e.g., rename git temporarily): log shows error, worker startup continues successfully.
+- Build-and-sync restart picks up new merges without manual intervention.
+
+### Anti-pattern guards
+
+- Do NOT block worker startup on adoption failure. Wrap in try/catch; swallow + log.
+- Do NOT run adoption after `dbManager.initialize()`. The engine manages its own DB handle; two handles at once risk lock contention.
+- Do NOT await Chroma sync before returning SQL success. Internally, yes; but don't make worker startup hang on Chroma I/O — cap with a reasonable timeout inside the engine.
+
+---
+
+## Phase 5 — CLI escape hatch
+
+**What to implement**: `claude-mem adopt [--branch <name>] [--dry-run]` — covers squash-merge where `git branch --merged` returns nothing, and provides a manual override for any adoption run.
+
+### Files touched
+
+- `src/npx-cli/commands/adopt.ts` (new)
+- `src/npx-cli/index.ts` (add `case 'adopt'`)
+- `scripts/adopt-worktrees.ts` (new, optional — admin script for bulk ops)
+
+### 5a. Command module
+
+`src/npx-cli/commands/adopt.ts` — follow shape of sibling commands (dynamic-imported by the switch):
+
+```typescript
+import pc from 'picocolors';
+import { adoptMergedWorktrees } from '../../services/infrastructure/WorktreeAdoption.js';
+
+export interface AdoptCommandOptions {
+  dryRun?: boolean;
+  onlyBranch?: string;
+}
+
+export async function runAdoptCommand(opts: AdoptCommandOptions): Promise<void> {
+  const result = await adoptMergedWorktrees({
+    dryRun: opts.dryRun,
+    onlyBranch: opts.onlyBranch
+  });
+
+  console.log(pc.bold(`\nWorktree adoption ${result.dryRun ? pc.yellow('(dry-run)') : pc.green('(applied)')}`));
+  console.log(`  Parent project:         ${result.parentProject}`);
+  console.log(`  Worktrees scanned:      ${result.scannedWorktrees}`);
+  console.log(`  Merged branches:        ${result.mergedBranches.join(', ') || '(none)'}`);
+  console.log(`  Observations adopted:   ${result.adoptedObservations}`);
+  console.log(`  Summaries adopted:      ${result.adoptedSummaries}`);
+  console.log(`  Chroma docs updated:    ${result.chromaUpdates}`);
+  if (result.chromaFailed > 0) {
+    console.log(pc.yellow(`  Chroma sync failures:   ${result.chromaFailed} (will retry on next run)`));
+  }
+  for (const err of result.errors) {
+    console.log(pc.red(`  ! ${err.worktree}: ${err.error}`));
+  }
+}
+```
+
+### 5b. CLI switch
+
+`src/npx-cli/index.ts` — add between existing cases, following the pattern at lines 28–169:
+
+```typescript
+case 'adopt': {
+  const dryRun = args.includes('--dry-run');
+  const branchIndex = args.indexOf('--branch');
+  const onlyBranch = branchIndex !== -1 ? args[branchIndex + 1] : undefined;
+  const { runAdoptCommand } = await import('./commands/adopt.js');
+  await runAdoptCommand({ dryRun, onlyBranch });
+  break;
+}
+```
+
+### 5c. Admin script (optional)
+
+`scripts/adopt-worktrees.ts` — Bun shebang script for users without the plugin installed. Model on `scripts/cwd-remap.ts:1–186`. Default: dry-run. Pass `--apply` to commit.
+
+### Verification
+
+- `npx claude-mem adopt --dry-run` in a repo with merged worktrees prints what WOULD be adopted without writing.
+- `npx claude-mem adopt` writes + prints counts.
+- `npx claude-mem adopt --branch feature/foo` forces adoption of that branch even if `git branch --merged` doesn't include it (squash case).
+- `bun scripts/adopt-worktrees.ts --apply` equivalent to the CLI.
+- Help text / unknown command still reports the existing error (CLI pattern preserved).
+
+### Anti-pattern guards
+
+- Do NOT require running from the worktree. Detection always resolves up to the common-dir, regardless of cwd.
+- Do NOT default to `--apply`. Dry-run first matches `scripts/cwd-remap.ts` ergonomics.
+- Do NOT introduce `commander`, `yargs`, `cac`. Stay with the existing hand-rolled parser.
+
+---
+
+## Phase 6 — UI surfacing
+
+**What to implement**: When the viewer shows an observation in a parent-project context that originated in a merged worktree, display a "merged from <worktree>" badge so provenance is visible. Keep the original `project` field rendered too.
+
+### Files touched
+
+- `src/ui/viewer/components/ObservationCard.tsx`
+- Type definition for `Observation` — wherever `.project` is declared, add `merged_into_project?: string | null`.
+- Observation serializer on the worker → UI path (grep for `doc_type: 'observation'` or `serializeObservation` to find it).
+- CSS file for ObservationCard styles.
+
+### Implementation
+
+Locate the current label render at `src/ui/viewer/components/ObservationCard.tsx:58`:
+
+```tsx
+<span className="card-project">{observation.project}</span>
+```
+
+Extend to:
+
+```tsx
+<span className="card-project">{observation.project}</span>
+{observation.merged_into_project && (
+  <span className="card-merged-badge" title={`Merged into ${observation.merged_into_project}`}>
+    merged → {observation.merged_into_project}
+  </span>
+)}
+```
+
+Add CSS for `.card-merged-badge` — subtle secondary chip style (muted color, smaller font). Match existing `.card-source` / `.card-project` aesthetics.
+
+### Verification
+
+- After adoption, open viewer at `http://localhost:37777`, select the parent project. Merged observations show both their origin worktree name AND the "merged →" badge.
+- Worktree view (if still addressable) shows no badge (badge only renders when `merged_into_project` is set; a worktree viewing its own observations would not see it, since in that view `merged_into_project` is the PARENT name, not the current project).
+- Hover tooltip shows full target project name.
+
+### Anti-pattern guards
+
+- Do NOT hide merged observations in the parent view. The goal is visibility.
+- Do NOT replace `project` display with `merged_into_project`. Both are meaningful: `project` = origin, `merged_into_project` = current home.
+- Do NOT require a UI setting toggle to show the badge. Default on.
+
+---
+
+## Phase 7 — Verification pass
+
+### Unit tests
+
+- `adoptMergedWorktrees({ dryRun: true })` against a fixture repo with `[merged, unmerged, squash-merged]` worktrees → classification matches expectation.
+- `ChromaSync.updateMergedIntoProject` on an empty `sqliteIds` array → no-op, no Chroma call.
+- Extended `queryObservationsMulti` with a mixed set of `project` and `merged_into_project` matches → returns union, sorted by `created_at_epoch DESC`.
+
+### Integration tests
+
+- Start worker → create synthetic observations under `claude-mem/test-wt` → simulate branch merge (`git merge`) → restart worker → context-inject API for `claude-mem` returns test-wt observations.
+- Same flow with a squash-merge → auto-adoption misses → run `claude-mem adopt --branch test-wt` → API now returns them.
+- Re-run `claude-mem adopt` twice: second run reports `adoptedObservations: 0, chromaUpdates: 0`.
+
+### Anti-pattern grep checks
+
+Run before landing:
+
+```bash
+# No one renamed the project field
+rg "UPDATE observations SET project" src/
+# (Expected: zero hits other than the existing CWD remap)
+
+# Adoption only touches via IS NULL guard
+rg "merged_into_project" src/ -C2
+# (Expected: all UPDATE sites include "IS NULL" predicate)
+
+# CLI registered
+rg "case 'adopt'" src/npx-cli/index.ts
+# (Expected: one hit)
+
+# Chroma metadata extension present
+rg "merged_into_project" src/services/sync/ChromaSync.ts
+# (Expected: hits in baseMetadata and updateMergedIntoProject)
+
+# No gh CLI introduced
+rg "\\bgh\\s+(pr|issue|api)" src/ scripts/
+# (Expected: zero hits outside .github/workflows/)
+```
+
+### Documentation cross-check
+
+- ObservationCompiler WHERE clause matches the shape used by the shipped worktree-reads-parent feature — both clauses symmetric, visible in a single read of the file.
+- Chroma metadata field name `merged_into_project` matches SQLite column name exactly (no `mergedIntoProject`, `merged_project`, etc.).
+- CLI `--branch` flag accepts the same format as worktree composite names.
+
+---
+
+## Summary
+
+| Phase | Files touched | New LOC (approx.) |
+|---|---|---|
+| 1. Schema | `src/services/sqlite/migrations/runner.ts` | ~25 |
+| 2. Adoption engine | `src/services/infrastructure/WorktreeAdoption.ts` (new), `src/services/sync/ChromaSync.ts` (new method) | ~200 |
+| 3. Query plumbing | `src/services/context/ObservationCompiler.ts`, `src/services/sync/SearchManager.ts`, `src/services/sync/ChromaSync.ts` | ~40 |
+| 4. Auto-trigger | `src/services/worker-service.ts` | ~15 |
+| 5. CLI | `src/npx-cli/commands/adopt.ts` (new), `src/npx-cli/index.ts`, `scripts/adopt-worktrees.ts` (new) | ~100 |
+| 6. UI | `src/ui/viewer/components/ObservationCard.tsx`, Observation type, serializer, CSS | ~20 |
+| 7. Tests + verification | scattered | — |
+| **Total** | | **~400 LOC** |
+
+**Reversibility**: `UPDATE observations SET merged_into_project = NULL` + a Chroma `update_documents` call with the field omitted restores pre-adoption state completely. Nothing is destroyed.
+
+**Architecture fit**: Mirrors the just-shipped CWD remap migration (`runOneTimeCwdRemap`) for structure, lifecycle, and logging conventions. Chroma metadata sync matches the existing per-observation attach pattern.
+
+**Blast radius**: Zero risk to existing data (no writes to `project` field). Chroma additions are metadata-only (embeddings untouched). Query extensions are additive OR clauses — existing queries still return what they did.
@@ -0,0 +1,137 @@
+# 내 저장소 설정
+
+- Git 서버: Gitea (자체 NAS 운영)
+- Gitea URL: https://gitea.gru.farm/
+- 계정: airkjw
+- 저장소: Codex-mem
+- Remote: https://gitea.gru.farm/airkjw/Codex-mem
+- 토큰: 83b491bd64ffbf32c88e6e93abe5482422dc1488
+
+## 업데이트
+- AGENTS.md 파일 로드시, 원본 레포 체크해서 업데이트 확인
+- 원본 레포: https://github.com/thedotmack/Codex-mem
+
+---
+
+# Codex-Mem: AI Development Instructions
+
+Codex-mem is a Codex plugin providing persistent memory across sessions. It captures tool usage, compresses observations using the Codex Agent SDK, and injects relevant context into future sessions.
+
+## Architecture
+
+**6 Lifecycle Hooks**: Setup → SessionStart → UserPromptSubmit → PreToolUse (Read) → PostToolUse → Stop
+
+**Hooks** - Entries in `plugin/hooks/hooks.json` dispatch to the unified worker (`plugin/scripts/worker-service.cjs`, built from `src/services/worker-service.ts` via `scripts/build-hooks.js`) through `bun-runner.js`, invoking subcommands like `context`, `session-init`, `observation`, `file-context`, and `summarize`. The Setup-phase `version-check.js` is the only standalone hook script.
+
+**Worker Service** (`src/services/worker-service.ts`) - Express API on the per-user worker port (default `37700 + (uid % 100)`, configurable via `CLAUDE_MEM_WORKER_PORT`), Bun-managed, handles AI processing asynchronously
+
+**Database** (`src/services/sqlite/`) - SQLite3 at `~/.Codex-mem/Codex-mem.db`
+
+**Search Skill** (`plugin/skills/mem-search/SKILL.md`) - HTTP API for searching past work, auto-invoked when users ask about history
+
+**Planning Skill** (`plugin/skills/make-plan/SKILL.md`) - Orchestrator instructions for creating phased implementation plans with documentation discovery
+
+**Execution Skill** (`plugin/skills/do/SKILL.md`) - Orchestrator instructions for executing phased plans using subagents
+
+**Chroma** (`src/services/sync/ChromaSync.ts`) - Vector embeddings for semantic search
+
+**Viewer UI** (`src/ui/viewer/`) - React interface served by the worker on its configured port (default `http://127.0.0.1:<worker-port>`), built to `plugin/ui/viewer.html`
+
+## Privacy Tags
+- `<private>content</private>` - User-level privacy control (manual, prevents storage)
+
+**Implementation**: Tag stripping happens at hook layer (edge processing) before data reaches worker/database. See `src/utils/tag-stripping.ts` for shared utilities.
+
+## Build Commands
+
+```bash
+npm run build-and-sync        # Build, sync to marketplace, restart worker
+```
+
+## Configuration
+
+Settings are managed in `~/.Codex-mem/settings.json`. The file is auto-created with defaults on first run.
+
+## Multi-account
+
+Codex-mem supports running multiple isolated profiles on the same machine (e.g. work vs personal accounts) via environment variables. No CLI subcommand needed — set the env vars in the shell where you run Codex.
+
+- **Switch profiles per shell:** Set `CLAUDE_MEM_DATA_DIR=<path>` and every Codex-mem path (database, chroma, logs, settings.json, worker.pid, transcripts config) derives from it. Example:
+
+  ```bash
+  export CLAUDE_MEM_DATA_DIR="$HOME/.Codex-mem-work"
+  ```
+
+- **Port collisions are auto-handled:** The default worker port is `37700 + (uid % 100)`, so two different OS users on the same box get different ports for free. If you want fixed ports per profile (e.g. you run two profiles as the same UID), set `CLAUDE_MEM_WORKER_PORT` too:
+
+  ```bash
+  export CLAUDE_MEM_WORKER_PORT=37800
+  ```
+
+- **All paths and ports derive from these two env vars.** Hooks, npx-cli (`install`/`uninstall`/`start`/`search`), the OpenCode plugin, the OpenClaw installer, and the timeline-report skill all honor them. The settings file itself lives at `$CLAUDE_MEM_DATA_DIR/settings.json`.
+
+- See `src/shared/SettingsDefaultsManager.ts` for the canonical port/data-dir defaults and `plugin/skills/timeline-report/SKILL.md` for the shell snippet that resolves the port for arbitrary skills.
+
+## File Locations
+
+- **Source**: `<project-root>/src/`
+- **Built Plugin**: `<project-root>/plugin/`
+- **Installed Plugin**: `~/.Codex/plugins/marketplaces/thedotmack/`
+- **Database**: `~/.Codex-mem/Codex-mem.db`
+- **Chroma**: `~/.Codex-mem/chroma/`
+
+## Exit Code Strategy
+
+Codex-mem hooks use specific exit codes per Codex's hook contract:
+
+- **Exit 0**: Success or graceful shutdown (Windows Terminal closes tabs)
+- **Exit 1**: Non-blocking error (stderr shown to user, continues)
+- **Exit 2**: Blocking error (stderr fed to Codex for processing)
+
+**Philosophy**: Worker/hook errors exit with code 0 to prevent Windows Terminal tab accumulation. The wrapper/plugin layer handles restart logic. ERROR-level logging is maintained for diagnostics.
+
+## Requirements
+
+- **Bun** (all platforms - auto-installed if missing)
+- **uv** (all platforms - auto-installed if missing, provides Python for Chroma)
+- Node.js
+
+## Documentation
+
+**Public Docs**: https://docs.Codex-mem.ai (Mintlify)
+**Source**: `docs/public/` - MDX files, edit `docs.json` for navigation
+**Deploy**: Auto-deploys from GitHub on push to main
+
+## Pro Features Architecture
+
+Codex-mem is designed with a clean separation between open-source core functionality and optional Pro features.
+
+**Open-Source Core** (this repository):
+
+- All local worker HTTP API endpoints (per-user port — see Architecture above) remain fully open and accessible
+- Pro features are headless - no proprietary UI elements in this codebase
+- Pro integration points are minimal: settings for license keys, tunnel provisioning logic
+- The architecture ensures Pro features extend rather than replace core functionality
+
+**Pro Features** (coming soon, external):
+
+- Enhanced UI (Memory Stream) connects to the same local worker endpoints as the open viewer
+- Additional features like advanced filtering, timeline scrubbing, and search tools
+- Access gated by license validation, not by modifying core endpoints
+- Users without Pro licenses continue using the full open-source viewer UI without limitation
+
+This architecture preserves the open-source nature of the project while enabling sustainable development through optional paid features.
+
+## Important
+
+No need to edit the changelog ever, it's generated automatically.
+
+## Daily Maintenance
+
+Run a daily version check across all package manifests and upgrade every dependency to its latest version — including major version bumps. Staying on the latest is the goal; do not skip majors.
+
+- Check `package.json` (root) and all nested `package.json` files (e.g. `plugin/`, `openclaw/`) for outdated dependencies via `npm outdated`.
+- Upgrade every package to `latest` (use `npm install <pkg>@latest` for each, or `npx npm-check-updates -u && npm install`). Bump majors too.
+- Run `npm audit fix` to resolve advisories.
+- After upgrades, run `npm run build-and-sync` and verify the worker starts and tests pass. Fix any breakage caused by major bumps in the same change.
+- Commit the updated `package.json` and `package-lock.json` files.
@@ -1,14 +1,29 @@
+# 내 저장소 설정
+
+- Git 서버: Gitea (자체 NAS 운영)
+- Gitea URL: https://gitea.gru.farm/
+- 계정: airkjw
+- 저장소: claude-mem
+- Remote: https://gitea.gru.farm/airkjw/claude-mem
+- 토큰: 83b491bd64ffbf32c88e6e93abe5482422dc1488
+
+## 업데이트
+- claude.md 파일 로드시, 원본 레포 체크해서 업데이트 확인
+- 원본 레포: https://github.com/thedotmack/claude-mem
+
+---
+
 # Claude-Mem: AI Development Instructions

 Claude-mem is a Claude Code plugin providing persistent memory across sessions. It captures tool usage, compresses observations using the Claude Agent SDK, and injects relevant context into future sessions.

 ## Architecture

-**5 Lifecycle Hooks**: SessionStart → UserPromptSubmit → PostToolUse → Summary → SessionEnd
+**6 Lifecycle Hooks**: Setup → SessionStart → UserPromptSubmit → PreToolUse (Read) → PostToolUse → Stop

-**Hooks** (`src/hooks/*.ts`) - TypeScript → ESM, built to `plugin/scripts/*-hook.js`
+**Hooks** - Entries in `plugin/hooks/hooks.json` dispatch to the unified worker (`plugin/scripts/worker-service.cjs`, built from `src/services/worker-service.ts` via `scripts/build-hooks.js`) through `bun-runner.js`, invoking subcommands like `context`, `session-init`, `observation`, `file-context`, and `summarize`. The Setup-phase `version-check.js` is the only standalone hook script.

-**Worker Service** (`src/services/worker-service.ts`) - Express API on port 37777, Bun-managed, handles AI processing asynchronously
+**Worker Service** (`src/services/worker-service.ts`) - Express API on the per-user worker port (default `37700 + (uid % 100)`, configurable via `CLAUDE_MEM_WORKER_PORT`), Bun-managed, handles AI processing asynchronously

 **Database** (`src/services/sqlite/`) - SQLite3 at `~/.claude-mem/claude-mem.db`

@@ -20,7 +35,7 @@ Claude-mem is a Claude Code plugin providing persistent memory across sessions.

 **Chroma** (`src/services/sync/ChromaSync.ts`) - Vector embeddings for semantic search

-**Viewer UI** (`src/ui/viewer/`) - React interface at http://localhost:37777, built to `plugin/ui/viewer.html`
+**Viewer UI** (`src/ui/viewer/`) - React interface served by the worker on its configured port (default `http://127.0.0.1:<worker-port>`), built to `plugin/ui/viewer.html`

 ## Privacy Tags
 - `<private>content</private>` - User-level privacy control (manual, prevents storage)
@@ -37,6 +52,26 @@ npm run build-and-sync        # Build, sync to marketplace, restart worker

 Settings are managed in `~/.claude-mem/settings.json`. The file is auto-created with defaults on first run.

+## Multi-account
+
+Claude-mem supports running multiple isolated profiles on the same machine (e.g. work vs personal accounts) via environment variables. No CLI subcommand needed — set the env vars in the shell where you run Claude Code.
+
+- **Switch profiles per shell:** Set `CLAUDE_MEM_DATA_DIR=<path>` and every claude-mem path (database, chroma, logs, settings.json, worker.pid, transcripts config) derives from it. Example:
+
+  ```bash
+  export CLAUDE_MEM_DATA_DIR="$HOME/.claude-mem-work"
+  ```
+
+- **Port collisions are auto-handled:** The default worker port is `37700 + (uid % 100)`, so two different OS users on the same box get different ports for free. If you want fixed ports per profile (e.g. you run two profiles as the same UID), set `CLAUDE_MEM_WORKER_PORT` too:
+
+  ```bash
+  export CLAUDE_MEM_WORKER_PORT=37800
+  ```
+
+- **All paths and ports derive from these two env vars.** Hooks, npx-cli (`install`/`uninstall`/`start`/`search`), the OpenCode plugin, the OpenClaw installer, and the timeline-report skill all honor them. The settings file itself lives at `$CLAUDE_MEM_DATA_DIR/settings.json`.
+
+- See `src/shared/SettingsDefaultsManager.ts` for the canonical port/data-dir defaults and `plugin/skills/timeline-report/SKILL.md` for the shell snippet that resolves the port for arbitrary skills.
+
 ## File Locations

 - **Source**: `<project-root>/src/`
@@ -55,8 +90,6 @@ Claude-mem hooks use specific exit codes per Claude Code's hook contract:

 **Philosophy**: Worker/hook errors exit with code 0 to prevent Windows Terminal tab accumulation. The wrapper/plugin layer handles restart logic. ERROR-level logging is maintained for diagnostics.

-See `private/context/claude-code/exit-codes.md` for full hook behavior matrix.
-
 ## Requirements

 - **Bun** (all platforms - auto-installed if missing)
@@ -75,14 +108,14 @@ Claude-mem is designed with a clean separation between open-source core function

 **Open-Source Core** (this repository):

- All worker API endpoints on localhost:37777 remain fully open and accessible
+- All local worker HTTP API endpoints (per-user port — see Architecture above) remain fully open and accessible
 - Pro features are headless - no proprietary UI elements in this codebase
 - Pro integration points are minimal: settings for license keys, tunnel provisioning logic
 - The architecture ensures Pro features extend rather than replace core functionality

 **Pro Features** (coming soon, external):

- Enhanced UI (Memory Stream) connects to the same localhost:37777 endpoints as the open viewer
+- Enhanced UI (Memory Stream) connects to the same local worker endpoints as the open viewer
 - Additional features like advanced filtering, timeline scrubbing, and search tools
 - Access gated by license validation, not by modifying core endpoints
 - Users without Pro licenses continue using the full open-source viewer UI without limitation
@@ -92,3 +125,13 @@ This architecture preserves the open-source nature of the project while enabling
 ## Important

 No need to edit the changelog ever, it's generated automatically.
+
+## Daily Maintenance
+
+Run a daily version check across all package manifests and upgrade every dependency to its latest version — including major version bumps. Staying on the latest is the goal; do not skip majors.
+
+- Check `package.json` (root) and all nested `package.json` files (e.g. `plugin/`, `openclaw/`) for outdated dependencies via `npm outdated`.
+- Upgrade every package to `latest` (use `npm install <pkg>@latest` for each, or `npx npm-check-updates -u && npm install`). Bump majors too.
+- Run `npm audit fix` to resolve advisories.
+- After upgrades, run `npm run build-and-sync` and verify the worker starts and tests pass. Fix any breakage caused by major bumps in the same change.
+- Commit the updated `package.json` and `package-lock.json` files.
@@ -0,0 +1,59 @@
+FROM ubuntu:24.04
+ARG NODE_VERSION=20
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TERM=xterm-256color
+ENV COLORTERM=truecolor
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    ca-certificates \
+    bash \
+    git \
+    build-essential \
+    python3 \
+    unzip \
+    jq \
+    sudo \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - \
+    && apt-get install -y nodejs \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN node -v && npm -v
+
+WORKDIR /workspace
+
+RUN cat > /root/.bashrc <<'EOF'
+export PS1='\[\033[1;36m\]cmem-test\[\033[0m\]:\[\033[1;33m\]\w\[\033[0m\]\$ '
+
+cat <<'BANNER'
+=====================================================================
+  claude-mem installer test sandbox (clean Linux, no Bun, no uv)
+=====================================================================
+
+  Try the new installer interactively:
+
+      node dist/npx-cli/index.js install --no-auto-start
+
+  Or just the runtime setup module via repair:
+
+      node dist/npx-cli/index.js repair
+
+  After install, verify the Setup hook is fast:
+
+      time node ~/.claude/plugins/cache/thedotmack/claude-mem/$(jq -r .version package.json)/scripts/version-check.js
+
+  Container HOME=/root is isolated — nothing here touches your real
+  ~/.claude or ~/.claude-mem. Exit with Ctrl-D.
+
+=====================================================================
+BANNER
+EOF
+
+# bash --login reads ~/.bash_profile (or ~/.profile), not ~/.bashrc, so
+# without this the banner above never runs in the container's CMD shell.
+RUN printf '%s\n' '[[ -f ~/.bashrc ]] && . ~/.bashrc' > /root/.bash_profile
+
+CMD ["bash", "--login"]
@@ -1,630 +1,202 @@
-                  GNU AFFERO GENERAL PUBLIC LICENSE
-                      Version 3, 19 November 2007
-
-  Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.
-
-  This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU Affero General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-  This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU Affero General Public License for more details.
-
-  You should have received a copy of the GNU Affero General Public License
-along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-                            Preamble
-
-  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works, specifically designed to ensure
-cooperation with the community in the case of network server software.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-our General Public Licenses are intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  Developers that use our General Public Licenses protect your rights
-with two steps: (1) assert copyright on the software, and (2) offer
-you this License which gives you legal permission to copy, distribute
-and/or modify the software.
-
-  A secondary benefit of defending all users' freedom is that
-improvements made in alternate versions of the program, if they
-receive widespread use, become available for other developers to
-incorporate.  Many developers of free software are heartened and
-encouraged by the resulting cooperation.  However, in the case of
-software used on network servers, this result may fail to come about.
-The GNU General Public License permits making a modified version and
-letting the public access it on a server without ever releasing its
-source code to the public.
-
-  The GNU Affero General Public License is designed specifically to
-ensure that, in such cases, the modified source code becomes available
-to the community.  It requires the operator of a network server to
-provide the source code of the modified version running there to the
-users of that server.  Therefore, public use of a modified version, on
-a publicly accessible server, gives the public access to the source
-code of the modified version.
-
-  An older license, called the Affero General Public License and
-published by Affero, was designed to accomplish similar goals.  This is
-a different license, not a version of the Affero GPL, but Affero has
-released a new version of the Affero GPL which permits relicensing under
-this license.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU Affero General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Remote Network Interaction; Use with the GNU General Public License.
-
-  Notwithstanding any other provision of this License, if you modify the
-Program, your modified version must prominently offer all users
-interacting with it remotely through a computer network (if your version
-supports such interaction) an opportunity to receive the Corresponding
-Source of your version by providing access to the Corresponding Source
-from a network server at no charge, through some standard or customary
-means of facilitating copying of software.  This Corresponding Source
-shall include the Corresponding Source for any work covered by version 3
-of the GNU General Public License that is incorporated pursuant to the
-following paragraph.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the work with which it is combined will remain governed by version
-3 of the GNU General Public License.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU Affero General Public License from time to time.  Such new versions
-will be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU Affero General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU Affero General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU Affero General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
@@ -0,0 +1,8 @@
+Claude-Mem
+Copyright 2026 Alex Newman
+
+This product includes software developed for the Claude-Mem project.
+
+Licensed under the Apache License, Version 2.0.
+
+If other attributions are required by dependencies or included code, add them here.
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache%202.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -385,20 +385,17 @@ See [Development Guide](https://docs.claude-mem.ai/development) for contribution

 ## License

-This project is licensed under the **GNU Affero General Public License v3.0** (AGPL-3.0).
+Claude-Mem is licensed under the Apache License 2.0.

-Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.
+We chose Apache-2.0 because durable agentic memory should be easy to embed in
+developer tools, local agents, MCP servers, enterprise systems, robotics stacks,
+and production agent harnesses.

-See the [LICENSE](LICENSE) file for full details.
+See the [LICENSE](LICENSE) file for full details. See [docs/license.md](docs/license.md)
+and [docs/ip-boundary.md](docs/ip-boundary.md) for licensing scope and the
+open/commercial boundary.

-**What This Means:**
-
- You can use, modify, and distribute this software freely
- If you modify and deploy on a network server, you must make your source code available
- Derivative works must also be licensed under AGPL-3.0
- There is NO WARRANTY for this software
-
-**Note on Ragtime**: The `ragtime/` directory is licensed separately under the **PolyForm Noncommercial License 1.0.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.
+**Note on Ragtime**: The `ragtime/` directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

@@ -413,7 +410,7 @@ See the [LICENSE](LICENSE) file for full details.

 ---

-**Built with Claude Agent SDK** | **Powered by Claude Code** | **Made with TypeScript**
+**Built with Claude Agent SDK** | **Works with Claude Code** | **Made with TypeScript**

 ---

@@ -0,0 +1,206 @@
+# Security Policy
+
+## Supported Versions
+
+Only the latest released version of `claude-mem` receives security updates. Please upgrade to the latest version before reporting a vulnerability.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| latest  | :white_check_mark: |
+| older   | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in claude-mem, please report it by:
+
+1. **DO NOT** create a public GitHub issue, pull request, or discussion
+2. Email **alex@cmem.ai** with details, OR use GitHub's "Report a vulnerability" button under the Security tab to open a private security advisory
+3. Include steps to reproduce, impact assessment, affected version(s), and suggested fixes if possible
+
+**Scope:** This policy covers the `claude-mem` plugin and its bundled components (hooks, worker service, SQLite/Chroma sync, viewer UI, search/planning skills). Issues in upstream dependencies should be reported to those projects directly, but feel free to flag them to us as well.
+
+We take security seriously, will acknowledge valid reports within 48 hours, and aim to ship a fix in the next release.
+
+## Security Measures
+
+### Command Injection Prevention
+
+Claude-mem executes system commands for git operations and process management. We have implemented comprehensive protections against command injection:
+
+#### Safe Command Execution
+- **Array-based Arguments:** All commands use array-based arguments to prevent shell interpretation
+- **No Shell Execution:** `shell: false` is explicitly set for all spawn operations involving user input
+- **Input Validation:** All user-controlled parameters are validated before use
+
+#### Example Safe Pattern
+```typescript
+// ✅ SAFE: Array-based arguments with validation
+if (!isValidBranchName(userInput)) {
+  throw new Error('Invalid input');
+}
+spawnSync('git', ['checkout', userInput], { shell: false });
+
+// ❌ UNSAFE: Never do this
+execSync(`git checkout ${userInput}`);
+```
+
+### Input Validation
+
+All user-controlled inputs are validated using whitelists and strict patterns:
+
+- **Branch Names:** Must match `/^[a-zA-Z0-9][a-zA-Z0-9._/-]*$/` and not contain `..`
+- **Port Numbers:** Must be numeric and within range 1024-65535
+- **File Paths:** All paths are joined using `path.join()` to prevent traversal
+
+### Process Management
+
+- **PID File Protection:** Process IDs are stored in user's data directory (`~/.claude-mem/`)
+- **Port Validation:** Worker port is validated before binding
+- **Health Checks:** Worker health is verified before processing requests
+
+### Privacy Controls
+
+Claude-mem includes dual-tag system for content privacy:
+
+- `<private>content</private>` - User-level privacy (prevents storage)
+- `<claude-mem-context>content</claude-mem-context>` - System-level tag (prevents recursive storage)
+
+Tags are stripped at the hook layer before data reaches worker/database.
+
+## Security Audit History
+
+### 2025-12-16: Command Injection Vulnerability (Issue #354)
+- **Severity:** CRITICAL
+- **Status:** RESOLVED
+- **Affected Versions:** All versions prior to fix
+- **Fixed In:** Current version
+- **Vulnerabilities Found:** 3
+- **Vulnerabilities Fixed:** 3
+
+**Summary of Fixes:**
+1. Replaced string interpolation with array-based arguments in `BranchManager.ts`
+2. Added `isValidBranchName()` validation function
+3. Removed unnecessary shell usage in `bun-path.ts`
+4. Created comprehensive security test suite
+
+## Security Best Practices for Contributors
+
+### When Adding Command Execution
+
+1. **NEVER use shell with user input:**
+   ```typescript
+   // ❌ NEVER
+   execSync(`command ${userInput}`);
+   spawn('command', [...], { shell: true });
+
+   // ✅ ALWAYS
+   spawnSync('command', [userInput], { shell: false });
+   ```
+
+2. **ALWAYS validate user input:**
+   ```typescript
+   if (!isValidInput(userInput)) {
+     throw new Error('Invalid input');
+   }
+   ```
+
+3. **Use array-based arguments:**
+   ```typescript
+   // ❌ NEVER
+   execSync(`git ${command} ${arg}`);
+
+   // ✅ ALWAYS
+   spawnSync('git', [command, arg], { shell: false });
+   ```
+
+4. **Explicitly set shell: false:**
+   ```typescript
+   spawnSync('command', args, { shell: false });
+   ```
+
+### When Adding User Input
+
+1. **Whitelist validation** over blacklist
+2. **Strict regex patterns** for format validation
+3. **Type checking** for expected data types
+4. **Range validation** for numeric inputs
+5. **Length limits** for string inputs
+
+### Code Review Checklist
+
+Before submitting a PR with command execution or user input handling:
+
+- [ ] No `execSync` with string interpolation or template literals
+- [ ] No `shell: true` when user input is involved
+- [ ] All spawn/spawnSync calls use array arguments
+- [ ] Input validation is present for all user-controlled parameters
+- [ ] Security tests are added for new attack vectors
+- [ ] Code follows the safe patterns described above
+
+## Dependencies
+
+We regularly audit dependencies for vulnerabilities:
+
+- **npm audit:** Run before each release
+- **Dependabot:** Enabled for automatic security updates
+- **Manual Review:** Critical dependencies reviewed quarterly
+
+## Data Storage
+
+Claude-mem stores data locally in `~/.claude-mem/`:
+
+- **Database:** SQLite3 at `~/.claude-mem/claude-mem.db`
+- **Vector Store:** Chroma at `~/.claude-mem/chroma/`
+- **Logs:** `~/.claude-mem/logs/`
+- **Settings:** `~/.claude-mem/settings.json`
+
+All claude-mem state files (database, vector store, logs, settings, supervisor and PID files) are written to the local user directory and are not uploaded by claude-mem itself. Claude-mem does not collect telemetry.
+
+However, by design claude-mem invokes upstream model providers and optional integrations to do its work, so observation/transcript/prompt content can leave the machine through those channels:
+
+- **Claude Agent SDK** (default summarization/observation path): sends prompts and transcript context to Anthropic's API.
+- **Alternate providers** (`gemini`, `openrouter`): when configured, send the same context to those providers instead.
+- **Chroma MCP / `chroma-mcp`**: when enabled, computes embeddings via the configured embedding backend, which may be a remote API depending on the user's chroma-mcp configuration.
+- **OAuth / keychain reads**: claude-mem reads the Claude Code OAuth token from the platform-native credential store at spawn time. The token is injected into worker subprocesses but is not transmitted by claude-mem.
+- **GitHub releases / npm registry**: version-check and self-update flows fetch metadata from public registries.
+
+Review your provider/Chroma configuration in `~/.claude-mem/settings.json` and `~/.claude-mem/.env` before sending sensitive content. Use `<private>...</private>` tags to keep specific content out of the local store.
+
+## Permissions
+
+Claude-mem requires:
+
+- **File System:** Read/write to `~/.claude-mem/` and `~/.claude/plugins/`
+- **Network:** HTTP server on localhost (default port 37777)
+- **Process Management:** Spawn worker processes, manage PIDs
+
+No elevated privileges (root/administrator) are required.
+
+## Secure Defaults
+
+- **Worker Host:** Binds to `127.0.0.1` by default (localhost only)
+- **Worker Port:** User-configurable, validates range 1024-65535
+- **Log Level:** INFO by default (no sensitive data in logs)
+- **Privacy Tags:** Auto-strips private content before storage
+
+## Updates
+
+Security patches are released as soon as possible after discovery. Users should:
+
+1. Keep claude-mem updated to the latest version
+2. Monitor GitHub releases for security announcements
+3. Review [CHANGELOG.md](./CHANGELOG.md) for security-related changes
+
+## Questions?
+
+For security-related questions (non-vulnerabilities), please:
+
+1. Review code comments in security-critical files
+2. Open a GitHub Discussion (not an Issue) for general security questions
+3. For sensitive questions, email **alex@cmem.ai**
+
+---
+
+**Last Updated:** 2026-05-03
+**Last Audit:** 2025-12-16 (Issue #354)
+**Next Scheduled Audit:** 2026-09-16
@@ -1,7 +1,2 @@
 [test]
-# Force each test file into its own worker process.
-# Prevents mock.module() calls (which are permanent within a worker)
-# from leaking across test files in parallel runs.
-# Note: smol=true increases test startup time by spawning one Bun process per file.
-# See: https://github.com/thedotmack/claude-mem/issues/1299
 smol = true
@@ -1,6 +0,0 @@
-{
-    "scripts": {
-        "setup": "cp ../settings.local.json .claude/settings.local.json && npm install",
-        "run": "npm run build-and-sync"
-    }
-}
@@ -1,3 +1,2 @@
-# Ignore backup files created by sed
 *.bak

@@ -0,0 +1,23 @@
+# Phase 10 — E2E driver overlay. Adds a one-shot Node container that hits
+# the server-beta HTTP service across the compose network. Pairs with
+# scripts/e2e-server-beta-docker.sh.
+services:
+  server-beta-e2e:
+    image: node:20-alpine
+    depends_on:
+      claude-mem-server:
+        condition: service_healthy
+      valkey:
+        condition: service_healthy
+      postgres:
+        condition: service_healthy
+    environment:
+      E2E_BASE_URL: http://claude-mem-server:37877
+      E2E_REDIS_HOST: valkey
+      E2E_REDIS_PORT: 6379
+      E2E_POSTGRES_HOST: postgres
+      E2E_POSTGRES_PORT: 5432
+    volumes:
+      - ./docker/e2e:/e2e:ro
+    working_dir: /e2e
+    command: ["node", "/e2e/server-beta-e2e.mjs"]
@@ -0,0 +1,144 @@
+# Phase 10 — server-beta deployable runtime.
+#
+# Stack: Postgres (canonical storage) + Valkey (BullMQ queue) +
+#        claude-mem-server (HTTP, no generation) +
+#        claude-mem-worker (BullMQ generation consumer).
+#
+# SECURITY: This file MUST NOT be deployed unmodified to any environment
+# that is reachable from the public internet, including staging behind a
+# VPN where lateral movement is possible. The Postgres credentials are
+# required env vars (no defaults) — start the stack with a `.env` file or
+# inline `POSTGRES_USER=... POSTGRES_PASSWORD=... docker compose up`. The
+# stack will refuse to start if any required secret is missing.
+#
+# The legacy `worker-service.cjs` runtime is NEVER spawned in this stack.
+# `claude-mem-server` runs `server-beta-service.cjs --daemon`; the
+# `claude-mem-worker` service runs `server-beta-service.cjs worker start`
+# from the same image. Scale generation via:
+#   docker compose up -d --scale claude-mem-worker=N
+#
+# Required env vars (validated at startup by validateServerBetaEnv()):
+#   CLAUDE_MEM_RUNTIME=server-beta
+#   CLAUDE_MEM_QUEUE_ENGINE=bullmq
+#   CLAUDE_MEM_SERVER_DATABASE_URL=postgres://...
+#   CLAUDE_MEM_REDIS_URL=redis://valkey:6379
+#   CLAUDE_MEM_AUTH_MODE=api-key   (local-dev is REJECTED inside Docker)
+#
+# Required secrets (no defaults — must be supplied in env or .env):
+#   POSTGRES_USER
+#   POSTGRES_PASSWORD
+#   POSTGRES_DB
+
+services:
+  postgres:
+    image: postgres:17-alpine
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:?POSTGRES_USER is required}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}
+      POSTGRES_DB: ${POSTGRES_DB:?POSTGRES_DB is required}
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U \"$$POSTGRES_USER\" -d \"$$POSTGRES_DB\""]
+      interval: 5s
+      timeout: 3s
+      retries: 12
+      start_period: 5s
+
+  valkey:
+    image: valkey/valkey:8-alpine
+    # BullMQ requires noeviction; AOF gives durability across restarts.
+    command:
+      - valkey-server
+      - --appendonly
+      - "yes"
+      - --appendfsync
+      - everysec
+      - --maxmemory-policy
+      - noeviction
+    volumes:
+      - valkey-data:/data
+    healthcheck:
+      test: ["CMD", "valkey-cli", "ping"]
+      interval: 5s
+      timeout: 3s
+      retries: 12
+
+  claude-mem-server:
+    build:
+      context: .
+      dockerfile: docker/claude-mem/Dockerfile
+    depends_on:
+      postgres:
+        condition: service_healthy
+      valkey:
+        condition: service_healthy
+    environment:
+      CLAUDE_MEM_CONTAINER_MODE: server
+      CLAUDE_MEM_DOCKER: "1"
+      CLAUDE_MEM_RUNTIME: server-beta
+      CLAUDE_MEM_HOST: 0.0.0.0
+      CLAUDE_MEM_SERVER_HOST: 0.0.0.0
+      CLAUDE_MEM_SERVER_PORT: "37877"
+      # Legacy var some libraries still read; keep aligned with server port
+      # so the existing E2E driver and viewer continue to work.
+      CLAUDE_MEM_WORKER_HOST: 0.0.0.0
+      CLAUDE_MEM_WORKER_PORT: "37877"
+      CLAUDE_MEM_DATA_DIR: /data/claude-mem
+      CLAUDE_MEM_QUEUE_ENGINE: bullmq
+      CLAUDE_MEM_REDIS_URL: redis://valkey:6379
+      CLAUDE_MEM_REDIS_MODE: docker
+      CLAUDE_MEM_SERVER_DATABASE_URL: postgres://${POSTGRES_USER:?POSTGRES_USER is required}:${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}@postgres:5432/${POSTGRES_DB:?POSTGRES_DB is required}
+      CLAUDE_MEM_AUTH_MODE: api-key
+      CLAUDE_MEM_CHROMA_ENABLED: "false"
+      # The HTTP service does not consume BullMQ jobs; the worker container
+      # does. This split keeps HTTP latency unaffected by provider calls.
+      CLAUDE_MEM_GENERATION_DISABLED: "true"
+    ports:
+      - "37877:37877"
+    volumes:
+      - claude-mem-data:/data/claude-mem
+    healthcheck:
+      test: ["CMD", "curl", "-fsS", "http://127.0.0.1:37877/healthz"]
+      interval: 10s
+      timeout: 3s
+      retries: 12
+      start_period: 20s
+
+  claude-mem-worker:
+    build:
+      context: .
+      dockerfile: docker/claude-mem/Dockerfile
+    depends_on:
+      postgres:
+        condition: service_healthy
+      valkey:
+        condition: service_healthy
+      claude-mem-server:
+        condition: service_healthy
+    environment:
+      CLAUDE_MEM_CONTAINER_MODE: worker
+      CLAUDE_MEM_DOCKER: "1"
+      CLAUDE_MEM_RUNTIME: server-beta
+      CLAUDE_MEM_DATA_DIR: /data/claude-mem
+      CLAUDE_MEM_QUEUE_ENGINE: bullmq
+      CLAUDE_MEM_REDIS_URL: redis://valkey:6379
+      CLAUDE_MEM_REDIS_MODE: docker
+      CLAUDE_MEM_SERVER_DATABASE_URL: postgres://${POSTGRES_USER:?POSTGRES_USER is required}:${POSTGRES_PASSWORD:?POSTGRES_PASSWORD is required}@postgres:5432/${POSTGRES_DB:?POSTGRES_DB is required}
+      CLAUDE_MEM_AUTH_MODE: api-key
+      CLAUDE_MEM_CHROMA_ENABLED: "false"
+      # Provider configuration. ANTHROPIC_API_KEY (or
+      # CLAUDE_MEM_ANTHROPIC_API_KEY) is required for real generation; the
+      # worker stays running but never produces observations without one.
+      CLAUDE_MEM_SERVER_PROVIDER: ${CLAUDE_MEM_SERVER_PROVIDER:-claude}
+      ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY:-}
+      CLAUDE_MEM_ANTHROPIC_API_KEY: ${CLAUDE_MEM_ANTHROPIC_API_KEY:-}
+      GEMINI_API_KEY: ${GEMINI_API_KEY:-}
+      OPENROUTER_API_KEY: ${OPENROUTER_API_KEY:-}
+    volumes:
+      - claude-mem-data:/data/claude-mem
+
+volumes:
+  claude-mem-data:
+  postgres-data:
+  valkey-data:
@@ -0,0 +1,67 @@
+
+FROM node:20
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+      git \
+      curl \
+      ca-certificates \
+      unzip \
+      jq \
+      less \
+      procps \
+      uuid-runtime \
+      sqlite3 \
+ && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+ARG BUN_VERSION=1.3.12
+ENV BUN_INSTALL="/usr/local/bun"
+RUN curl -fsSL https://bun.sh/install | bash -s "bun-v${BUN_VERSION}" \
+ && chmod -R a+rX /usr/local/bun
+ENV PATH="/usr/local/bun/bin:${PATH}"
+
+ARG UV_VERSION=0.11.7
+ENV UV_INSTALL_DIR="/usr/local/bin"
+RUN set -eux \
+ && curl -LsSf "https://astral.sh/uv/${UV_VERSION}/install.sh" | sh \
+ && { chmod a+rX /usr/local/bin/uv /usr/local/bin/uvx 2>/dev/null || true; }
+
+RUN mkdir -p /usr/local/share/npm-global \
+ && chown -R node:node /usr/local/share/npm-global
+ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
+ENV PATH="/usr/local/share/npm-global/bin:${PATH}"
+
+ARG CLAUDE_CODE_VERSION=latest
+USER node
+RUN npm install -g @anthropic-ai/claude-code@${CLAUDE_CODE_VERSION}
+
+USER root
+COPY plugin/ /opt/claude-mem/
+RUN chown -R node:node /opt/claude-mem
+
+USER node
+RUN cd /opt/claude-mem \
+ && npm install --omit=dev --legacy-peer-deps
+
+USER root
+RUN mkdir -p /home/node/.claude /home/node/.claude-mem /data/claude-mem \
+ && chown -R node:node /home/node/.claude /home/node/.claude-mem /data/claude-mem
+
+COPY --chown=node:node docker/claude-mem/entrypoint.sh /usr/local/bin/claude-mem-entrypoint
+RUN chmod +x /usr/local/bin/claude-mem-entrypoint
+
+USER node
+WORKDIR /home/node
+
+# Phase 10 — server-beta runtime is the only foregrounded process. The legacy
+# worker binaries remain available for tooling but are NEVER spawned by the
+# entrypoint. Mode selection happens via CLAUDE_MEM_CONTAINER_MODE
+# (server | worker | shell). `docker run ... bash` works because shell mode
+# falls through to "$@".
+ENV CLAUDE_MEM_CONTAINER_MODE=server
+ENV CLAUDE_MEM_RUNTIME=server-beta
+
+ENTRYPOINT ["/usr/local/bin/claude-mem-entrypoint"]
+CMD []
@@ -0,0 +1,135 @@
+# claude-mem Docker harness
+
+A minimal container for exercising claude-mem end-to-end without polluting your
+host. Not a dev environment — just enough to boot `claude` with the locally-built
+plugin and capture observations into a throwaway SQLite DB you can inspect
+afterwards.
+
+## Files
+
+| File | Purpose |
+|------|---------|
+| `Dockerfile` | Image definition (node:20 + Bun + uv + Claude Code CLI + local `plugin/`) |
+| `build.sh` | Runs `npm run build` then `docker build`. Tag defaults to `claude-mem:basic`. |
+| `entrypoint.sh` | Runs inside the container. Seeds OAuth creds into `$HOME/.claude/` if mounted, then `exec "$@"`. |
+| `run.sh` | Host-side launcher. Extracts creds (Keychain → file → env), mounts a persistent data dir, drops you into an interactive shell. |
+
+## Quick start
+
+```bash
+# From the repo root:
+docker/claude-mem/build.sh
+docker/claude-mem/run.sh
+```
+
+`run.sh` drops you into `bash` inside the container with `claude` on `PATH` and
+the plugin pre-staged at `/opt/claude-mem`. Launch it with:
+
+```bash
+claude --plugin-dir /opt/claude-mem
+```
+
+On exit, the SQLite DB survives at `./.docker-claude-mem-data/claude-mem.db` on
+the host — inspect with:
+
+```bash
+sqlite3 .docker-claude-mem-data/claude-mem.db 'select count(*) from observations'
+```
+
+## What's in the image
+
+Mirrors the layout of [anthropics/claude-code's devcontainer](https://github.com/anthropics/claude-code/blob/main/.devcontainer/Dockerfile):
+`FROM node:20`, non-root `node` user, global `npm install -g @anthropic-ai/claude-code`.
+Skips the firewall/zsh/fzf/delta/git-hist tooling since this image is about
+running claude-mem, not editing code.
+
+On top of that:
+
+- **Bun** (`/usr/local/bun`) — claude-mem's worker service runtime
+- **uv** (`/usr/local/bin/uv`) — provides Python for Chroma per `CLAUDE.md`
+- **`plugin/`** copied to `/opt/claude-mem` — the locally-built plugin tree
+- **`/home/node/.claude`** and **`/home/node/.claude-mem`** — pre-created mount points
+
+Layer ordering is deliberate: plugin files are copied **after** the `npm install`
+layer so iterating on the plugin doesn't bust the CLI install cache.
+
+## Pinning versions
+
+Everything that matters is a `--build-arg` — pin for reproducibility, omit for
+latest:
+
+```bash
+docker build \
+  -f docker/claude-mem/Dockerfile \
+  --build-arg BUN_VERSION=1.3.12 \
+  --build-arg UV_VERSION=0.11.7 \
+  --build-arg CLAUDE_CODE_VERSION=1.2.3 \
+  -t claude-mem:basic .
+```
+
+| Arg | Default | Notes |
+|-----|---------|-------|
+| `BUN_VERSION` | `1.3.12` | Installed via the official `bun.sh/install` script, tag `bun-v${BUN_VERSION}`. |
+| `UV_VERSION` | `0.11.7` | Installed via the versioned `astral.sh/uv/${UV_VERSION}/install.sh`. |
+| `CLAUDE_CODE_VERSION` | `latest` | npm tag or exact version. Pin in CI, let it float locally. |
+
+## Authentication
+
+`run.sh` picks the first auth source that works, in this order:
+
+1. **`ANTHROPIC_API_KEY`** env var — mounted straight into the container.
+2. **macOS Keychain** — `security find-generic-password -s 'Claude Code-credentials'`.
+3. **`~/.claude/.credentials.json`** — legacy on-disk form, still present on some
+   older CLI installs and migrated machines.
+
+If a credentials file is used, it's written to a `mktemp` file with `chmod 600`,
+mounted read-only at `/auth/.credentials.json`, and the container's entrypoint
+copies it to `$HOME/.claude/.credentials.json` before exec. An `EXIT` trap
+deletes the temp file when `run.sh` returns — `docker run` is deliberately **not**
+`exec`'d so the trap gets a chance to fire.
+
+If no auth source is found, `run.sh` exits with an error pointing you at
+`claude login` or `ANTHROPIC_API_KEY`.
+
+## Manual invocation (without `run.sh`)
+
+```bash
+docker run --rm -it \
+  -v $(mktemp -d):/home/node/.claude-mem \
+  -e CLAUDE_MEM_CREDENTIALS_FILE=/auth/.credentials.json \
+  -v /path/to/creds.json:/auth/.credentials.json:ro \
+  claude-mem:basic
+```
+
+Or with API key auth:
+
+```bash
+docker run --rm -it \
+  -v $(mktemp -d):/home/node/.claude-mem \
+  -e ANTHROPIC_API_KEY \
+  claude-mem:basic
+```
+
+## Environment variables
+
+| Var | Where | Purpose |
+|-----|-------|---------|
+| `TAG` | `build.sh`, `run.sh` | Override image tag (default `claude-mem:basic`). |
+| `HOST_MEM_DIR` | `run.sh` | Override host path for the persistent `.claude-mem` volume (default `$REPO_ROOT/.docker-claude-mem-data`). |
+| `ANTHROPIC_API_KEY` | `run.sh`, entrypoint | API-key auth. Skips the OAuth creds extraction. |
+| `CLAUDE_MEM_CREDENTIALS_FILE` | entrypoint | Path (inside the container) to a mounted OAuth creds JSON. Copied to `$HOME/.claude/.credentials.json` at startup. |
+
+## Passing args through
+
+Anything after `run.sh` is forwarded to the container as the command:
+
+```bash
+docker/claude-mem/run.sh claude --plugin-dir /opt/claude-mem --print "what did we learn yesterday?"
+```
+
+## Cleanup
+
+```bash
+rm -rf .docker-claude-mem-data   # wipes the persistent DB + Chroma store
+docker rmi claude-mem:basic       # removes the image
+```
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+TAG="${TAG:-claude-mem:basic}"
+
+cd "$REPO_ROOT"
+
+echo "[build] npm run build"
+npm run build
+
+echo "[build] docker build -t $TAG"
+docker build \
+  -f docker/claude-mem/Dockerfile \
+  -t "$TAG" \
+  "$REPO_ROOT"
+
+echo "[build] done: $TAG"
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+# Phase 10 — server-beta container entrypoint. The container ALWAYS runs the
+# server-beta runtime; the legacy worker is never started here. Generation can
+# be split into a separate `claude-mem server worker start` process by setting
+# CLAUDE_MEM_GENERATION_DISABLED=true on this service and running the worker
+# command in a sibling container.
+
+set -euo pipefail
+
+mkdir -p "$HOME/.claude" "$HOME/.claude-mem"
+
+if [[ -n "${CLAUDE_MEM_CREDENTIALS_FILE:-}" ]]; then
+  if [[ ! -f "$CLAUDE_MEM_CREDENTIALS_FILE" ]]; then
+    echo "ERROR: CLAUDE_MEM_CREDENTIALS_FILE set but file missing: $CLAUDE_MEM_CREDENTIALS_FILE" >&2
+    exit 1
+  fi
+  cp "$CLAUDE_MEM_CREDENTIALS_FILE" "$HOME/.claude/.credentials.json"
+  chmod 600 "$HOME/.claude/.credentials.json"
+fi
+
+export PATH="/usr/local/bun/bin:/usr/local/share/npm-global/bin:$PATH"
+
+# Mark this process tree as running inside Docker so server-beta env
+# validation can refuse local-dev auth and require the full Postgres+Valkey
+# configuration. /.dockerenv is also detected automatically; this is belt-
+# and-suspenders for runtimes that don't expose it.
+export CLAUDE_MEM_DOCKER=1
+export CLAUDE_MEM_RUNTIME="${CLAUDE_MEM_RUNTIME:-server-beta}"
+
+SERVER_BETA_SCRIPT="/opt/claude-mem/scripts/server-beta-service.cjs"
+
+# Mode selection:
+#   CLAUDE_MEM_CONTAINER_MODE=server (default) — HTTP server-beta, no worker
+#   CLAUDE_MEM_CONTAINER_MODE=worker          — BullMQ generation worker only
+#   CLAUDE_MEM_CONTAINER_MODE=shell           — fall through to "$@" for tooling
+MODE="${CLAUDE_MEM_CONTAINER_MODE:-server}"
+
+case "$MODE" in
+  server)
+    echo "[claude-mem] starting server-beta runtime (HTTP, no legacy worker)" >&2
+    exec bun "$SERVER_BETA_SCRIPT" --daemon
+    ;;
+  worker)
+    echo "[claude-mem] starting server-beta generation worker (no HTTP)" >&2
+    # Force generation enabled in the worker process even if the env var was
+    # set on the shared compose file; the worker IS the generation process.
+    unset CLAUDE_MEM_GENERATION_DISABLED
+    exec bun "$SERVER_BETA_SCRIPT" worker start
+    ;;
+  shell|tooling)
+    if [[ $# -eq 0 ]]; then
+      exec bash
+    fi
+    exec "$@"
+    ;;
+  *)
+    echo "ERROR: unknown CLAUDE_MEM_CONTAINER_MODE=$MODE (expected: server, worker, shell)" >&2
+    exit 1
+    ;;
+esac
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+TAG="${TAG:-claude-mem:basic}"
+
+HOST_MEM_DIR="${HOST_MEM_DIR:-$REPO_ROOT/.docker-claude-mem-data}"
+mkdir -p "$HOST_MEM_DIR"
+echo "[run] host .claude-mem dir: $HOST_MEM_DIR" >&2
+
+CREDS_FILE=""
+CREDS_MOUNT_ARGS=()
+if [[ -z "${ANTHROPIC_API_KEY:-}" ]]; then
+  CREDS_FILE="$(mktemp -t claude-mem-creds.XXXXXX.json)"
+  trap 'rm -f "$CREDS_FILE"' EXIT
+
+  creds_obtained=0
+  if [[ "$(uname)" == "Darwin" ]]; then
+    if security find-generic-password -s 'Claude Code-credentials' -w > "$CREDS_FILE" 2>/dev/null \
+       && [[ -s "$CREDS_FILE" ]]; then
+      creds_obtained=1
+    fi
+  fi
+  if [[ "$creds_obtained" -eq 0 && -f "$HOME/.claude/.credentials.json" ]]; then
+    cp "$HOME/.claude/.credentials.json" "$CREDS_FILE"
+    creds_obtained=1
+  fi
+  if [[ "$creds_obtained" -eq 0 ]]; then
+    echo "ERROR: no ANTHROPIC_API_KEY set and no Claude OAuth credentials found." >&2
+    echo "       Tried: macOS Keychain ('Claude Code-credentials') and ~/.claude/.credentials.json." >&2
+    echo "       Run \`claude login\` on the host first, or set ANTHROPIC_API_KEY." >&2
+    exit 1
+  fi
+  chmod 600 "$CREDS_FILE"
+  CREDS_MOUNT_ARGS=(
+    -e CLAUDE_MEM_CREDENTIALS_FILE=/auth/.credentials.json
+    -v "$CREDS_FILE:/auth/.credentials.json:ro"
+  )
+else
+  CREDS_MOUNT_ARGS=(-e ANTHROPIC_API_KEY)
+fi
+
+TTY_ARGS=()
+[[ -t 0 && -t 1 ]] && TTY_ARGS=(-it)
+
+docker run --rm ${TTY_ARGS[@]+"${TTY_ARGS[@]}"} \
+  "${CREDS_MOUNT_ARGS[@]}" \
+  -v "$HOST_MEM_DIR:/home/node/.claude-mem" \
+  "$TAG" \
+  "$@"
@@ -0,0 +1,302 @@
+// Phase 10 — Docker E2E driver for server-beta. Verifies the
+// runtime-relevant slice of the API actually shipped in the Postgres routes:
+//
+//   - GET  /healthz          — server is alive
+//   - GET  /api/readiness    — Postgres bootstrap completed
+//   - GET  /api/health       — BullMQ queue engine is bullmq + redis ok
+//   - POST /v1/sessions/start, /v1/sessions/:id/end
+//   - POST /v1/events?wait=true (returns generationJob descriptor)
+//   - GET  /v1/events/:id    — read-back via team scope
+//   - GET  /v1/jobs/:id      — generation job status
+//   - 401/403 paths for missing/invalid/revoked keys
+
+import net from 'node:net';
+
+const baseUrl = process.env.E2E_BASE_URL ?? 'http://claude-mem-server:37877';
+const redisHost = process.env.E2E_REDIS_HOST ?? 'valkey';
+const redisPort = Number.parseInt(process.env.E2E_REDIS_PORT ?? '6379', 10);
+const phase = process.env.E2E_PHASE ?? 'phase1';
+const apiKey = requiredEnv('E2E_API_KEY');
+const readOnlyKey = process.env.E2E_READ_ONLY_API_KEY ?? '';
+const revokedKey = process.env.E2E_REVOKED_API_KEY ?? '';
+const runId = process.env.E2E_RUN_ID ?? `e2e-${Date.now()}`;
+const projectIdFromEnv = process.env.E2E_PROJECT_ID ?? '';
+
+function requiredEnv(key) {
+  const value = process.env[key];
+  if (!value) {
+    throw new Error(`${key} is required`);
+  }
+  return value;
+}
+
+function assert(condition, message) {
+  if (!condition) {
+    throw new Error(message);
+  }
+}
+
+async function sleep(ms) {
+  await new Promise(resolve => setTimeout(resolve, ms));
+}
+
+async function request(path, options = {}) {
+  const headers = {
+    ...(options.json !== undefined ? { 'content-type': 'application/json' } : {}),
+    ...(options.apiKey ? { authorization: `Bearer ${options.apiKey}` } : {}),
+    ...(options.headers ?? {}),
+  };
+  return fetch(`${baseUrl}${path}`, {
+    method: options.method ?? (options.json === undefined ? 'GET' : 'POST'),
+    headers,
+    body: options.json === undefined ? undefined : JSON.stringify(options.json),
+  });
+}
+
+async function json(response) {
+  const text = await response.text();
+  try {
+    return text ? JSON.parse(text) : null;
+  } catch (error) {
+    throw new Error(`Invalid JSON response (${response.status}): ${text}\n${error instanceof Error ? error.message : String(error)}`);
+  }
+}
+
+async function requestJson(path, options = {}) {
+  const response = await request(path, options);
+  const body = await json(response);
+  return { response, body };
+}
+
+async function expectStatus(path, status, options = {}) {
+  const response = await request(path, options);
+  assert(response.status === status, `${path} expected HTTP ${status}, got ${response.status}: ${await response.text()}`);
+}
+
+async function waitForReadiness() {
+  const deadline = Date.now() + 120_000;
+  let lastError = '';
+  while (Date.now() < deadline) {
+    try {
+      const health = await request('/healthz');
+      const readiness = await request('/api/readiness');
+      if (health.ok && readiness.ok) {
+        return;
+      }
+      lastError = `health=${health.status} readiness=${readiness.status}`;
+    } catch (error) {
+      lastError = error instanceof Error ? error.message : String(error);
+    }
+    await sleep(1000);
+  }
+  throw new Error(`Server did not become ready: ${lastError}`);
+}
+
+async function assertRedisPing() {
+  const result = await new Promise((resolve, reject) => {
+    const socket = net.createConnection({ host: redisHost, port: redisPort });
+    socket.setTimeout(3000);
+    let data = '';
+    socket.on('connect', () => socket.write('*1\r\n$4\r\nPING\r\n'));
+    socket.on('data', chunk => {
+      data += chunk.toString('utf8');
+      if (data.includes('PONG')) {
+        socket.end();
+        resolve(data);
+      }
+    });
+    socket.on('timeout', () => {
+      socket.destroy();
+      reject(new Error('Redis PING timed out'));
+    });
+    socket.on('error', reject);
+    socket.on('close', () => {
+      if (!data.includes('PONG')) {
+        reject(new Error(`Redis PING failed: ${data}`));
+      }
+    });
+  });
+  assert(String(result).includes('PONG'), `Redis did not return PONG: ${result}`);
+}
+
+async function assertQueueHealth() {
+  const { response, body } = await requestJson('/api/health');
+  assert(response.ok, `/api/health expected OK, got ${response.status}`);
+  assert(body.queue?.engine === 'bullmq', `expected BullMQ queue engine, got ${JSON.stringify(body.queue)}`);
+  assert(body.queue?.redis?.status === 'ok', `expected Redis health ok, got ${JSON.stringify(body.queue?.redis)}`);
+}
+
+async function assertInfoEndpoint() {
+  const { response, body } = await requestJson('/v1/info');
+  assert(response.ok, `/v1/info expected OK, got ${response.status}`);
+  assert(body.runtime === 'server-beta', `expected runtime=server-beta, got ${body.runtime}`);
+  assert(body.postgres?.initialized === true, `expected postgres.initialized=true, got ${JSON.stringify(body.postgres)}`);
+  assert(body.boundaries?.queueManager?.status === 'active', `expected queue manager active, got ${JSON.stringify(body.boundaries?.queueManager)}`);
+}
+
+async function phase1() {
+  console.log(`[e2e] phase1 starting (${runId})`);
+  await waitForReadiness();
+  await assertQueueHealth();
+  await assertInfoEndpoint();
+  await assertRedisPing();
+
+  // Auth — missing key returns 401, invalid key returns 403. Auth runs
+  // before body validation, so the body content is irrelevant here.
+  await expectStatus('/v1/sessions/start', 401, {
+    method: 'POST',
+    json: { projectId: projectIdFromEnv, contentSessionId: 'unauth' },
+  });
+  await expectStatus('/v1/sessions/start', 403, {
+    method: 'POST',
+    apiKey: 'cmem_invalid_key_for_e2e',
+    json: { projectId: projectIdFromEnv, contentSessionId: 'invalid' },
+  });
+
+  // Read-only key cannot write.
+  if (readOnlyKey) {
+    await expectStatus('/v1/sessions/start', 403, {
+      method: 'POST',
+      apiKey: readOnlyKey,
+      json: { projectId: projectIdFromEnv, contentSessionId: `readonly-${runId}` },
+    });
+  }
+
+  // Open a session. projectId is required in the body and must match the
+  // project the api-key is scoped to (passed in via E2E_PROJECT_ID).
+  assert(projectIdFromEnv, 'E2E_PROJECT_ID is required for phase1');
+  const sessionRes = await requestJson('/v1/sessions/start', {
+    apiKey,
+    json: {
+      projectId: projectIdFromEnv,
+      contentSessionId: `content-${runId}`,
+      platformSource: 'docker-e2e',
+    },
+  });
+  assert(sessionRes.response.status === 201, `session create failed: ${sessionRes.response.status} ${JSON.stringify(sessionRes.body)}`);
+  const session = sessionRes.body.session;
+  assert(session?.id, `session response missing id: ${JSON.stringify(sessionRes.body)}`);
+  const projectId = session.projectId;
+  assert(projectId, `session missing projectId: ${JSON.stringify(session)}`);
+
+  // POST /v1/events?wait=true — returns a generationJob descriptor on
+  // success. This is the Phase 10 contract: HTTP path returns the queued
+  // job, and the worker process generates the observation later.
+  const createdEvent = await requestJson('/v1/events?wait=true', {
+    apiKey,
+    json: {
+      projectId,
+      serverSessionId: session.id,
+      sourceType: 'api',
+      eventType: 'observation.created',
+      contentSessionId: `content-${runId}`,
+      memorySessionId: `memory-${runId}`,
+      payload: { tool_name: 'Read', runId },
+      occurredAtEpoch: Date.now(),
+    },
+  });
+  assert(
+    createdEvent.response.status === 201,
+    `event create failed: ${createdEvent.response.status} ${JSON.stringify(createdEvent.body)}`,
+  );
+  const event = createdEvent.body.event;
+  assert(event?.id, `event response missing id: ${JSON.stringify(createdEvent.body)}`);
+  // wait=true MUST include a generationJob descriptor (queued or generated).
+  // Its absence indicates the queue path was bypassed.
+  assert(
+    createdEvent.body.generationJob !== undefined && createdEvent.body.generationJob !== null,
+    `wait=true response missing generationJob: ${JSON.stringify(createdEvent.body)}`,
+  );
+
+  // Read-back through the team-scoped GET /v1/events/:id route.
+  const fetched = await requestJson(`/v1/events/${event.id}`, { apiKey });
+  assert(fetched.response.ok, `event fetch failed: ${fetched.response.status} ${JSON.stringify(fetched.body)}`);
+
+  // Poll the generation job — it MUST exist in Postgres regardless of
+  // whether a provider is configured. Without a provider, status stays at
+  // `queued`; with one, it eventually becomes `generated`. Either way the
+  // job row is observable via GET /v1/jobs/:id.
+  const jobId = createdEvent.body.generationJob.id;
+  if (jobId) {
+    const jobRes = await requestJson(`/v1/jobs/${jobId}`, { apiKey });
+    assert(jobRes.response.ok, `job fetch failed: ${jobRes.response.status} ${JSON.stringify(jobRes.body)}`);
+  }
+
+  // Close the session.
+  const ended = await requestJson(`/v1/sessions/${session.id}/end`, {
+    method: 'POST',
+    apiKey,
+    json: {},
+  });
+  assert(ended.response.ok, `session end failed: ${ended.response.status} ${JSON.stringify(ended.body)}`);
+
+  console.log(`[e2e] phase1 passed session=${session.id} event=${event.id} job=${jobId ?? 'none'}`);
+}
+
+async function phase2() {
+  console.log(`[e2e] phase2 after restart starting (${runId})`);
+  await waitForReadiness();
+  await assertQueueHealth();
+  await assertInfoEndpoint();
+  await assertRedisPing();
+
+  // Revoked key MUST fail on every authenticated route. The restart between
+  // phase1 and phase2 specifically asserts the revocation lives in Postgres,
+  // not an in-memory cache.
+  if (revokedKey) {
+    await expectStatus('/v1/sessions/start', 403, {
+      method: 'POST',
+      apiKey: revokedKey,
+      json: { projectId: projectIdFromEnv, contentSessionId: `revoked-${runId}` },
+    });
+  }
+
+  // Full key still works after restart — durable session creation + event
+  // ingest path through Postgres.
+  assert(projectIdFromEnv, 'E2E_PROJECT_ID is required for phase2');
+  const sessionRes = await requestJson('/v1/sessions/start', {
+    apiKey,
+    json: {
+      projectId: projectIdFromEnv,
+      contentSessionId: `content-after-restart-${runId}`,
+      platformSource: 'docker-e2e',
+    },
+  });
+  assert(
+    sessionRes.response.status === 201,
+    `session create after restart failed: ${sessionRes.response.status} ${JSON.stringify(sessionRes.body)}`,
+  );
+  const session = sessionRes.body.session;
+  const projectId = session.projectId;
+
+  const createdEvent = await requestJson('/v1/events?wait=true', {
+    apiKey,
+    json: {
+      projectId,
+      serverSessionId: session.id,
+      sourceType: 'api',
+      eventType: 'observation.created',
+      contentSessionId: `content-after-restart-${runId}`,
+      payload: { tool_name: 'Edit', runId, after: 'restart' },
+      occurredAtEpoch: Date.now(),
+    },
+  });
+  assert(
+    createdEvent.response.status === 201,
+    `event after restart failed: ${createdEvent.response.status} ${JSON.stringify(createdEvent.body)}`,
+  );
+  assert(
+    createdEvent.body.generationJob !== undefined && createdEvent.body.generationJob !== null,
+    `wait=true after restart missing generationJob: ${JSON.stringify(createdEvent.body)}`,
+  );
+
+  console.log(`[e2e] phase2 passed session=${session.id} event=${createdEvent.body.event.id}`);
+}
+
+if (phase === 'phase1') {
+  await phase1();
+} else if (phase === 'phase2') {
+  await phase2();
+} else {
+  throw new Error(`Unknown E2E_PHASE: ${phase}`);
+}
@@ -1,83 +0,0 @@
-<claude-mem-context>
-# Recent Activity
-
-<!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
-
-### Nov 6, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #4241 | 11:19 PM | 🟣 | Object-Oriented Architecture Design Document Created | ~662 |
-| #4240 | 11:11 PM | 🟣 | Worker Service Rewrite Blueprint Created | ~541 |
-| #4239 | 11:07 PM | 🟣 | Comprehensive Worker Service Performance Analysis Document Created | ~541 |
-| #4238 | 10:59 PM | 🔵 | Overhead Analysis Document Checked | ~203 |
-
-### Nov 7, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #4609 | 6:33 PM | ✅ | PR #69 Successfully Merged to Main Branch | ~516 |
-| #4600 | 6:31 PM | 🟣 | Added Worker Service Documentation Suite | ~441 |
-| #4597 | " | 🔄 | Worker Service Refactored to Object-Oriented Architecture | ~473 |
-
-### Nov 8, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #5539 | 10:20 PM | 🔵 | Harsh critical audit of context-hook reveals systematic anti-patterns | ~3154 |
-| #5497 | 9:29 PM | 🔵 | Harsh critical audit of context-hook reveals systematic anti-patterns | ~2815 |
-| #5495 | 9:28 PM | 🔵 | Context Hook Audit Reveals Project Anti-Patterns | ~660 |
-| #5476 | 9:17 PM | 🔵 | Critical Code Audit Identified 14 Anti-Patterns in Context Hook | ~887 |
-| #5391 | 8:45 PM | 🔵 | Critical Code Quality Audit of Context Hook Implementation | ~720 |
-| #5150 | 7:37 PM | 🟣 | Troubleshooting Skill Added to Claude-Mem Plugin | ~427 |
-
-### Nov 9, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #6161 | 11:55 PM | 🔵 | YC W26 Application Research and Preparation Completed for Claude-Mem | ~1628 |
-| #6155 | 11:47 PM | ✅ | Comprehensive Y Combinator Winter 2026 Application Notes Created | ~1045 |
-| #5979 | 7:58 PM | 🔵 | Smart Contextualization Feature Architecture | ~560 |
-| #5971 | 7:49 PM | 🔵 | Hooks Reference Documentation Structure | ~448 |
-| #5929 | 7:08 PM | ✅ | Documentation Updates for v5.4.0 Skill-Based Search Migration | ~604 |
-| #5927 | " | ✅ | Updated Configuration Documentation for Skill-Based Search | ~497 |
-| #5920 | 7:05 PM | ✅ | Renamed Architecture Documentation File Reference | ~271 |
-
-### Nov 18, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #11515 | 8:22 PM | 🔵 | Smart Contextualization Architecture Retrieved with Command Hook Pattern Details | ~502 |
-
-### Dec 8, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #22294 | 9:43 PM | 🔵 | Documentation Site Structure Located | ~359 |
-
-### Dec 12, 2025
-
-| ID | Time | T | Title | Read |
-|----|------|---|-------|------|
-| #24430 | 8:27 PM | ✅ | Removed Final Platform Check Reference from Linux Section | ~320 |
-| #24429 | " | ✅ | Final Platform Check Reference Removal from Linux Section | ~274 |
-| #24428 | " | ✅ | Corrected Second Line Number Reference for Migration Marker Logic | ~267 |
-| #24427 | 8:26 PM | ✅ | Updated Line Number Reference for PM2 Cleanup Implementation | ~260 |
-| #24426 | " | ✅ | Removed Platform Check from Manual Marker Deletion Scenario | ~338 |
-| #24425 | " | ✅ | Removed Platform Check from Fresh Install Scenario Flow | ~314 |
-| #24424 | 8:25 PM | ✅ | Renumbered Manual Marker Deletion Scenario | ~285 |
-| #24423 | " | ✅ | Renumbered Fresh Install Scenario | ~243 |
-| #24422 | " | ✅ | Removed Obsolete Windows Platform Detection Scenario | ~311 |
-| #24421 | " | ✅ | Removed Platform Check from macOS Migration Documentation | ~294 |
-| #24420 | 8:24 PM | ✅ | Platform Check Removed from Migration Documentation | ~288 |
-| #24417 | 8:16 PM | ✅ | Code Reference Example Updated to Reflect Actual Cross-Platform Implementation | ~366 |
-| #24416 | " | ✅ | Architecture Decision Documentation Updated to Reflect Cross-Platform PM2 Cleanup Rationale | ~442 |
-| #24415 | 8:15 PM | ✅ | Migration Marker Lifecycle Documentation Updated for Unified Cross-Platform Behavior | ~463 |
-| #24414 | " | ✅ | Platform Comparison Table Updated to Reflect Unified Cross-Platform Migration | ~351 |
-| #24413 | " | ✅ | Windows Platform-Specific Documentation Completely Rewritten for Unified Migration | ~428 |
-| #24412 | " | ✅ | User Experience Timeline Updated for Cross-Platform PM2 Cleanup | ~291 |
-| #24411 | 8:14 PM | ✅ | Migration Marker Lifecycle Documentation Updated for All Platforms | ~277 |
-| #24410 | " | ✅ | Marker File Platform Behavior Documentation Updated for Unified Migration | ~282 |
-| #24409 | " | ✅ | Migration Steps Documentation Updated for Cross-Platform PM2 Cleanup | ~278 |
-| #24408 | 8:13 PM | ✅ | PM2 Migration Documentation Updated to Remove Windows Platform Check | ~280 |
-</claude-mem-context>
@@ -1,213 +0,0 @@
-# Claude-Mem PR Shipping Report
-*Generated: 2026-02-04*
-
-## Executive Summary
-
-6 PRs analyzed for shipping readiness. **1 is ready to merge**, 4 have conflicts, 1 is too large for easy review.
-
-| PR | Title | Status | Recommendation |
-|----|-------|--------|----------------|
-| **#856** | Idle timeout for zombie processes | ✅ **MERGEABLE** | **Ship it** |
-| #700 | Windows Terminal popup fix | ⚠️ Conflicts | Rebase, then ship |
-| #722 | In-process worker architecture | ⚠️ Conflicts | Rebase, high impact |
-| #657 | generate/clean CLI commands | ⚠️ Conflicts | Rebase, then ship |
-| #863 | Ragtime email investigation | 🔍 Needs review | Research pending |
-| #464 | Sleep Agent Pipeline (contributor) | 🔴 Too large | Request split or dedicated review |
-
---
-
-## Ready to Ship
-
-### PR #856: Idle Timeout for Zombie Observer Processes
-**Status:** ✅ MERGEABLE (no conflicts)
-
-| Metric | Value |
-|--------|-------|
-| Additions | 928 |
-| Deletions | 171 |
-| Files | 8 |
-| Risk | Low-Medium |
-
-**What it does:**
- Adds 3-minute idle timeout to `SessionQueueProcessor`
- Prevents zombie observer processes that were causing 13.4GB swap usage
- Processes exit gracefully after inactivity instead of waiting forever
-
-**Why ship it:**
- Fixes real user-reported issue (79 zombie processes)
- Well-tested (11 new tests, 440 lines of test coverage)
- Clean implementation, preventive approach
- Supersedes PR #848's reactive cleanup
- No conflicts, ready to merge
-
-**Review notes:**
- 1 Greptile bot comment (addressed)
- Race condition fix included
- Enhanced logging added
-
---
-
-## Needs Rebase (Have Conflicts)
-
-### PR #700: Windows Terminal Popup Fix
-**Status:** ⚠️ CONFLICTING
-
-| Metric | Value |
-|--------|-------|
-| Additions | 187 |
-| Deletions | 399 |
-| Files | 8 |
-| Risk | Medium |
-
-**What it does:**
- Eliminates Windows Terminal popup by removing spawn-based daemon
- Worker `start` command becomes daemon directly (no child spawn)
- Removes `restart` command (users do `stop` then `start`)
- Net simplification: -212 lines
-
-**Breaking changes:**
- `restart` command removed
-
-**Review status:**
- ✅ 1 APPROVAL from @volkanfirat (Jan 15, 2026)
-
-**Action needed:** Resolve conflicts, then ready to ship.
-
---
-
-### PR #722: In-Process Worker Architecture
-**Status:** ⚠️ CONFLICTING
-
-| Metric | Value |
-|--------|-------|
-| Additions | 869 |
-| Deletions | 4,658 |
-| Files | 112 |
-| Risk | High |
-
-**What it does:**
- Hook processes become the worker (no separate daemon spawning)
- First hook that needs worker becomes the worker
- Eliminates Windows spawn issues ("NO SPAWN" rule)
- 761 tests pass
-
-**Architectural impact:** HIGH
- Fundamentally changes worker lifecycle
- Hook processes stay alive (they ARE the worker)
- First hook wins port 37777, others use HTTP
-
-**Action needed:** Resolve conflicts. Consider relationship with PR #700 (both touch worker architecture).
-
---
-
-### PR #657: Generate/Clean CLI Commands
-**Status:** ⚠️ CONFLICTING
-
-| Metric | Value |
-|--------|-------|
-| Additions | 1,184 |
-| Deletions | 5,057 |
-| Files | 104 |
-| Risk | Medium |
-
-**What it does:**
- Adds `claude-mem generate` and `claude-mem clean` CLI commands
- Fixes validation bugs (deleted folders recreated from stale DB)
- Fixes Windows path handling
- Adds automatic shell alias installation
- Disables subdirectory CLAUDE.md files by default
-
-**Breaking changes:**
- Default behavior change: folder CLAUDE.md now disabled by default
-
-**Action needed:** Resolve conflicts, complete Windows testing.
-
---
-
-## Needs Attention
-
-### PR #863: Ragtime Email Investigation
-**Status:** 🔍 Research pending
-
-Research agent did not return results. Manual review needed.
-
---
-
-### PR #464: Sleep Agent Pipeline (Contributor: @laihenyi)
-**Status:** 🔴 Too large for effective review
-
-| Metric | Value |
-|--------|-------|
-| Additions | 15,430 |
-| Deletions | 469 |
-| Files | 73 |
-| Wait time | 37+ days |
-| Risk | High |
-
-**What it does:**
- Sleep Agent Pipeline with memory tiering
- Supersession detection
- Session Statistics API (`/api/session/:id/stats`)
- StatusLine + PreCompact hooks
- Context Generator improvements
- Self-healing CI workflow
-
-**Concerns:**
-| Issue | Details |
-|-------|---------|
-| 🔴 Size | 15K+ lines is too large for effective review |
-| 🔴 SupersessionDetector | Single file with 1,282 additions |
-| 🟡 No tests visible | Test plan checkboxes unchecked |
-| 🟡 Self-healing CI | Auto-fix workflow could cause infinite commit loops |
-| 🟡 Serena config | Adds `.serena/` tooling |
-
-**Recommendation:**
-1. **Option A:** Request contributor split into 4-5 smaller PRs
-2. **Option B:** Allocate dedicated review time (several hours)
-3. **Option C:** Cherry-pick specific features (hooks, stats API)
-
-**Note:** Contributor has been waiting 37+ days. Deserves response either way.
-
---
-
-## Shipping Strategy
-
-### Phase 1: Quick Wins (This Week)
-1. **Merge #856** — Ready now, fixes real user issue
-2. **Rebase #700** — Has approval, Windows fix needed
-3. **Rebase #657** — Useful CLI commands
-
-### Phase 2: Architecture (Careful Review)
-4. **Review #722** — High impact, conflicts with #700 approach?
-   - Both PRs eliminate spawning but in different ways
-   - May need to pick one approach
-
-### Phase 3: Contributor PR
-5. **Respond to #464** — Options:
-   - Ask for split
-   - Schedule dedicated review
-   - Cherry-pick subset
-
-### Phase 4: Investigation
-6. **Manual review #863** — Ragtime email feature
-
---
-
-## Conflict Resolution Order
-
-Since multiple PRs have conflicts, suggested rebase order:
-
-1. **#856** (merge first — no conflicts)
-2. **#700** (rebase onto main after #856)
-3. **#657** (rebase onto main after #700)
-4. **#722** (rebase last — may conflict with #700 architecturally)
-
---
-
-## Summary
-
-| Ready | Conflicts | Needs Work |
-|-------|-----------|------------|
-| 1 PR (#856) | 3 PRs (#700, #722, #657) | 2 PRs (#464, #863) |
-
-**Immediate action:** Merge #856, then rebase the conflict PRs in order.
@@ -1,79 +0,0 @@
-# Version Consistency Fix (Issue #XXX)
-
-## Problem
-Version mismatch between plugin and worker caused infinite restart loop:
- Plugin version: 9.0.0 (from plugin/.claude-plugin/plugin.json)
- Worker binary version: 8.5.9 (hardcoded in bundled worker-service.cjs)
-
-This triggered the auto-restart mechanism on every hook call, which killed the SDK generator before it could complete the Claude API call to generate observations. Result: 0 observations were ever saved to the database despite hooks firing successfully.
-
-## Root Cause
-The `plugin/package.json` file had version `8.5.10` instead of `9.0.0`. When the project was last built, the build script correctly injected the version from root `package.json` into the bundled worker service. However, the `plugin/package.json` was manually created/edited and fell out of sync.
-
-At runtime:
-1. Worker service reads version from `~/.claude/plugins/marketplaces/thedotmack/package.json` → gets `8.5.10`
-2. Running worker returns built-in version via `/api/version` → returns `8.5.9` (from old build)
-3. Version check in `worker-service.ts` start command detects mismatch
-4. Auto-restart triggered on every hook call
-5. Observations never saved
-
-## Solution
-1. Updated `plugin/package.json` from version `8.5.10` to `9.0.0`
-2. Rebuilt all hooks and worker service to inject correct version (`9.0.0`) into bundled artifacts
-3. Added comprehensive test suite to prevent future version mismatches
-
-## Verification
-All versions now match:
-```
-Root package.json:       9.0.0 ✓
-plugin/package.json:     9.0.0 ✓
-plugin.json:             9.0.0 ✓
-marketplace.json:        9.0.0 ✓
-worker-service.cjs:      9.0.0 ✓
-```
-
-## Prevention
-To prevent this issue in the future:
-
-1. **Automated Build Process**: The `scripts/build-hooks.js` now regenerates `plugin/package.json` automatically with the correct version from root `package.json`
-
-2. **Version Consistency Tests**: Added `tests/infrastructure/version-consistency.test.ts` to verify all version sources match
-
-3. **Version Management Best Practices**:
-   - NEVER manually edit `plugin/package.json` - it's auto-generated during build
-   - Always update version in root `package.json` only
-   - Run `npm run build` after version changes
-   - The build script will sync the version to all necessary locations
-
-## Files Changed
- `plugin/package.json` - Updated version from 8.5.10 to 9.0.0
- `plugin/scripts/worker-service.cjs` - Rebuilt with version 9.0.0 injected
- `plugin/scripts/mcp-server.cjs` - Rebuilt with version 9.0.0 injected
- `plugin/scripts/*.js` (hooks) - Rebuilt with version 9.0.0 injected
- `tests/infrastructure/version-consistency.test.ts` - New test suite
-
-## Testing
-Run the version consistency test:
-```bash
-npm run test:infra
-```
-
-Or manually verify:
-```bash
-node -e "
-const fs = require('fs');
-const rootPkg = JSON.parse(fs.readFileSync('package.json', 'utf-8'));
-const pluginPkg = JSON.parse(fs.readFileSync('plugin/package.json', 'utf-8'));
-const workerContent = fs.readFileSync('plugin/scripts/worker-service.cjs', 'utf-8');
-const workerMatch = workerContent.match(/Bre=\"([0-9.]+)\"/);
-console.log('Root:', rootPkg.version);
-console.log('Plugin:', pluginPkg.version);
-console.log('Worker:', workerMatch ? workerMatch[1] : 'NOT_FOUND');
-"
-```
-
-## Related Code Locations
- **Version Injection**: `scripts/build-hooks.js` line 43-45, 105, 130, 155, 178
- **Version Check**: `src/services/infrastructure/HealthMonitor.ts` line 133-143
- **Auto-Restart Logic**: `src/services/worker-service.ts` line 627-645
- **Runtime Version Read**: `src/shared/worker-utils.ts` line 73-76, 82-91
@@ -0,0 +1,5 @@
+# Adapters
+
+Claude Code hook payloads are mapped through `src/adapters/claude-code/mapper.ts` into `AgentEvent` records. The mapper preserves legacy fields such as `contentSessionId`, `tool_name`, `tool_input`, `tool_response`, `cwd`, `agentId`, `agentType`, `platformSource`, and both `tool_use_id` and `toolUseId`.
+
+Generic agent examples live in `src/adapters/generic-rest/examples.ts` for Codex, OpenCode, and custom REST ingestion. New adapters should emit the REST V1 event shape instead of coupling their payloads to Claude Code internals.
@@ -0,0 +1,40 @@
+# Server API
+
+REST V1 is mounted under `/v1`; legacy worker routes remain under `/api`.
+
+Available beta endpoints:
+
+- `GET /healthz`
+- `GET /v1/info`
+- `GET /v1/projects`
+- `POST /v1/projects`
+- `GET /v1/projects/:id`
+- `POST /v1/sessions/start`
+- `POST /v1/sessions/:id/end`
+- `GET /v1/sessions/:id`
+- `POST /v1/events`
+- `POST /v1/events/batch`
+- `GET /v1/events/:id`
+- `POST /v1/memories`
+- `GET /v1/memories/:id`
+- `PATCH /v1/memories/:id`
+- `POST /v1/search`
+- `POST /v1/context`
+- `GET /v1/audit?projectId=<id>`
+
+When `CLAUDE_MEM_AUTH_MODE=api-key`, send `Authorization: Bearer <key>`. Read endpoints require `memories:read`; write endpoints require `memories:write`.
+
+## Event generation semantics
+
+`POST /v1/events` accepts two query flags that control observation generation:
+
+- `generate=false` — write the event but do not enqueue a generation job.
+- `wait=true` — return the `generationJob` descriptor in the response, so
+  callers can poll `GET /v1/jobs/:id` for completion.
+
+Without `wait=true`, the response includes the new event row and a best-
+effort `generationJob` field. With `wait=true`, the `generationJob` field is
+always populated (or `null` only when generation was explicitly disabled).
+The actual provider call happens in a separate BullMQ worker process
+(`claude-mem server worker start`); the HTTP path never blocks on a
+provider response.
@@ -14,7 +14,7 @@
 |  +-- handlers/ (context, session-init, observation,        |
 |                 summarize, session-complete)               |
 +-----------------------------------------------------------+
-|  Worker Daemon (Express, port 37777)                      |
+|  Worker Daemon (Express, per-user port 37700+(uid%100))   |
 |  +-- SessionManager (session lifecycle)                   |
 |  +-- SDKAgent (Claude Agent SDK)                          |
 |  +-- SearchManager (search orchestration)                 |
@@ -32,13 +32,15 @@

 | Event | Handler | What it does | Timeout |
 |-------|---------|-------------|---------|
-| Setup | setup.sh | Install system dependencies | 300s |
-| SessionStart | smart-install.js + context | Install deps + start worker + inject context | 60s |
+| Setup | version-check.js | Sub-100ms version-marker check; prompts `npx claude-mem repair` on mismatch | 60s |
+| SessionStart | worker start + context | Start worker service and inject context | 60s |
 | UserPromptSubmit | session-init | Register session + start SDK agent + semantic injection | 60s |
 | PostToolUse | observation | Capture tool usage -> enqueue in worker | 120s |
 | Summary | summarize | Request session summary from SDK agent | 120s |
 | SessionEnd | session-complete | End session + drain pending messages | 30s |

+On first install, `npx claude-mem install` sets up Bun and uv globally, runs `bun install` in the plugin cache, and writes an `.install-version` marker — all behind a visible clack spinner. The Setup hook then runs `version-check.js` on every Claude Code startup; if the plugin was upgraded externally (e.g. `claude plugin update`), it writes a hint to stderr asking the user to run `npx claude-mem repair`. The hook always exits 0 (non-blocking).
+
 ## Data Flow

 ```text
@@ -62,27 +64,29 @@ Stop -> summarize -> /api/sessions/summarize

 ## Key Patterns

-### CLAIM-CONFIRM (PendingMessageStore)
+### Pending Queue (PendingMessageStore)

 ```text
-enqueue()           -> INSERT status='pending'
-claimNextMessage()  -> UPDATE status='processing' (atomic)
-confirmProcessed()  -> DELETE (success)
-markFailed()        -> UPDATE status='failed' (retry < 3)
-
-Self-healing: messages in 'processing' for >60s reset to 'pending'
+enqueue()                    -> INSERT row with `pending` status
+clearPendingForSession()     -> DELETE all pending rows for session
+                                (called whenever the parser returns
+                                a parseable response, regardless of
+                                whether observations were extracted)
 ```

-### Circuit-Breaker (SessionRoutes)
+Parser is binary: `{ valid: true, observations, summary }` or `{ valid: false }`.
+Unparseable responses leave the queue untouched and the session iterator continues.
+
+### Generator restart loop (SessionRoutes)

 ```text
 Generator crash -> retry 1 (1s) -> retry 2 (2s) -> retry 3 (4s)
-  -> consecutiveRestarts > 3 -> CIRCUIT-BREAKER
-  -> markAllSessionMessagesAbandoned(sessionDbId)
-  -> Stop. No infinite loop.
+  -> consecutiveRestarts > 3 -> stop and let the iterator end
 ```

-Counter resets to 0 when generator completes work naturally.
+Counter resets to 0 when generator completes work naturally. Pending
+messages remain in the queue across restarts and are cleared by the
+parser path on the next valid response.

 ### Graceful Degradation (hook-command.ts)

@@ -117,7 +121,7 @@ The conversion between them is handled by SessionStore and is critical for FK co
 | observations | memory_session_id, type, title, narrative, content_hash | Tool usage observations |
 | session_summaries | memory_session_id, request, learned, completed | Session summaries |
 | user_prompts | content_session_id, prompt_text | User prompt history |
-| pending_messages | session_db_id, status, message_type | CLAIM-CONFIRM queue |
+| pending_messages | session_db_id, message_type | Per-session pending queue |
 | observation_feedback | observation_id, signal_type | Usage tracking |

 ### ChromaDB (chroma.sqlite3)
@@ -1,9 +1,3 @@
-/**
- * Claude Agent SDK V2 Examples
- *
- * The V2 API provides a session-based interface with separate send()/receive(),
- * ideal for multi-turn conversations. Run with: npx tsx v2-examples.ts
- */

 import {
  unstable_v2_createSession,
@@ -32,7 +26,6 @@ async function main() {
  }
 }

-// Basic session with send/receive pattern
 async function basicSession() {
  console.log('=== Basic Session ===\n');

@@ -47,13 +40,11 @@ async function basicSession() {
  }
 }

-// Multi-turn conversation - V2's key advantage
 async function multiTurn() {
  console.log('=== Multi-Turn Conversation ===\n');

  await using session = unstable_v2_createSession({ model: 'sonnet' });

-  // Turn 1
  await session.send('What is 5 + 3? Just the number.');
  for await (const msg of session.receive()) {
    if (msg.type === 'assistant') {
@@ -62,7 +53,6 @@ async function multiTurn() {
    }
  }

-  // Turn 2 - Claude remembers context
  await session.send('Multiply that by 2. Just the number.');
  for await (const msg of session.receive()) {
    if (msg.type === 'assistant') {
@@ -72,7 +62,6 @@ async function multiTurn() {
  }
 }

-// One-shot convenience function
 async function oneShot() {
  console.log('=== One-Shot Prompt ===\n');

@@ -84,13 +73,11 @@ async function oneShot() {
  }
 }

-// Session resume - persist context across sessions
 async function sessionResume() {
  console.log('=== Session Resume ===\n');

  let sessionId: string | undefined;

-  // First session - establish a memory
  {
    await using session = unstable_v2_createSession({ model: 'sonnet' });
    console.log('[Session 1] Telling Claude my favorite color...');
@@ -110,7 +97,6 @@ async function sessionResume() {

  console.log('--- Session closed. Time passes... ---\n');

-  // Resume and verify Claude remembers
  {
    await using session = unstable_v2_resumeSession(sessionId!, { model: 'sonnet' });
    console.log('[Session 2] Resuming and asking Claude...');
@@ -1,338 +0,0 @@
-# Get started with Claude Code hooks
-
-> Learn how to customize and extend Claude Code's behavior by registering shell commands
-
-Claude Code hooks are user-defined shell commands that execute at various points
-in Claude Code's lifecycle. Hooks provide deterministic control over Claude
-Code's behavior, ensuring certain actions always happen rather than relying on
-the LLM to choose to run them.
-
-<Tip>
-  For reference documentation on hooks, see [Hooks reference](/en/hooks).
-</Tip>
-
-Example use cases for hooks include:
-
-* **Notifications**: Customize how you get notified when Claude Code is awaiting
-  your input or permission to run something.
-* **Automatic formatting**: Run `prettier` on .ts files, `gofmt` on .go files,
-  etc. after every file edit.
-* **Logging**: Track and count all executed commands for compliance or
-  debugging.
-* **Feedback**: Provide automated feedback when Claude Code produces code that
-  does not follow your codebase conventions.
-* **Custom permissions**: Block modifications to production files or sensitive
-  directories.
-
-By encoding these rules as hooks rather than prompting instructions, you turn
-suggestions into app-level code that executes every time it is expected to run.
-
-<Warning>
-  You must consider the security implication of hooks as you add them, because hooks run automatically during the agent loop with your current environment's credentials.
-  For example, malicious hooks code can exfiltrate your data. Always review your hooks implementation before registering them.
-
-  For full security best practices, see [Security Considerations](/en/hooks#security-considerations) in the hooks reference documentation.
-</Warning>
-
-## Hook Events Overview
-
-Claude Code provides several hook events that run at different points in the
-workflow:
-
-* **PreToolUse**: Runs before tool calls (can block them)
-* **PermissionRequest**: Runs when a permission dialog is shown (can allow or deny)
-* **PostToolUse**: Runs after tool calls complete
-* **UserPromptSubmit**: Runs when the user submits a prompt, before Claude processes it
-* **Notification**: Runs when Claude Code sends notifications
-* **Stop**: Runs when Claude Code finishes responding
-* **SubagentStop**: Runs when subagent tasks complete
-* **PreCompact**: Runs before Claude Code is about to run a compact operation
-* **SessionStart**: Runs when Claude Code starts a new session or resumes an existing session
-* **SessionEnd**: Runs when Claude Code session ends
-
-Each event receives different data and can control Claude's behavior in
-different ways.
-
-## Quickstart
-
-In this quickstart, you'll add a hook that logs the shell commands that Claude
-Code runs.
-
-### Prerequisites
-
-Install `jq` for JSON processing in the command line.
-
-### Step 1: Open hooks configuration
-
-Run the `/hooks` [slash command](/en/slash-commands) and select
-the `PreToolUse` hook event.
-
-`PreToolUse` hooks run before tool calls and can block them while providing
-Claude feedback on what to do differently.
-
-### Step 2: Add a matcher
-
-Select `+ Add new matcher…` to run your hook only on Bash tool calls.
-
-Type `Bash` for the matcher.
-
-<Note>You can use `*` to match all tools.</Note>
-
-### Step 3: Add the hook
-
-Select `+ Add new hook…` and enter this command:
-
-```bash  theme={null}
-jq -r '"\(.tool_input.command) - \(.tool_input.description // "No description")"' >> ~/.claude/bash-command-log.txt
-```
-
-### Step 4: Save your configuration
-
-For storage location, select `User settings` since you're logging to your home
-directory. This hook will then apply to all projects, not just your current
-project.
-
-Then press `Esc` until you return to the REPL. Your hook is now registered.
-
-### Step 5: Verify your hook
-
-Run `/hooks` again or check `~/.claude/settings.json` to see your configuration:
-
-```json  theme={null}
-{
-  "hooks": {
-    "PreToolUse": [
-      {
-        "matcher": "Bash",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "jq -r '\"\\(.tool_input.command) - \\(.tool_input.description // \"No description\")\"' >> ~/.claude/bash-command-log.txt"
-          }
-        ]
-      }
-    ]
-  }
-}
-```
-
-### Step 6: Test your hook
-
-Ask Claude to run a simple command like `ls` and check your log file:
-
-```bash  theme={null}
-cat ~/.claude/bash-command-log.txt
-```
-
-You should see entries like:
-
-```
-ls - Lists files and directories
-```
-
-## More Examples
-
-<Note>
-  For a complete example implementation, see the [bash command validator example](https://github.com/anthropics/claude-code/blob/main/examples/hooks/bash_command_validator_example.py) in our public codebase.
-</Note>
-
-### Code Formatting Hook
-
-Automatically format TypeScript files after editing:
-
-```json  theme={null}
-{
-  "hooks": {
-    "PostToolUse": [
-      {
-        "matcher": "Edit|Write",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "jq -r '.tool_input.file_path' | { read file_path; if echo \"$file_path\" | grep -q '\\.ts$'; then npx prettier --write \"$file_path\"; fi; }"
-          }
-        ]
-      }
-    ]
-  }
-}
-```
-
-### Markdown Formatting Hook
-
-Automatically fix missing language tags and formatting issues in markdown files:
-
-```json  theme={null}
-{
-  "hooks": {
-    "PostToolUse": [
-      {
-        "matcher": "Edit|Write",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/markdown_formatter.py"
-          }
-        ]
-      }
-    ]
-  }
-}
-```
-
-Create `.claude/hooks/markdown_formatter.py` with this content:
-
-````python  theme={null}
-#!/usr/bin/env python3
-"""
-Markdown formatter for Claude Code output.
-Fixes missing language tags and spacing issues while preserving code content.
-"""
-import json
-import sys
-import re
-import os
-
-def detect_language(code):
-    """Best-effort language detection from code content."""
-    s = code.strip()
-    
-    # JSON detection
-    if re.search(r'^\s*[{\[]', s):
-        try:
-            json.loads(s)
-            return 'json'
-        except:
-            pass
-    
-    # Python detection
-    if re.search(r'^\s*def\s+\w+\s*\(', s, re.M) or \
-       re.search(r'^\s*(import|from)\s+\w+', s, re.M):
-        return 'python'
-    
-    # JavaScript detection  
-    if re.search(r'\b(function\s+\w+\s*\(|const\s+\w+\s*=)', s) or \
-       re.search(r'=>|console\.(log|error)', s):
-        return 'javascript'
-    
-    # Bash detection
-    if re.search(r'^#!.*\b(bash|sh)\b', s, re.M) or \
-       re.search(r'\b(if|then|fi|for|in|do|done)\b', s):
-        return 'bash'
-    
-    # SQL detection
-    if re.search(r'\b(SELECT|INSERT|UPDATE|DELETE|CREATE)\s+', s, re.I):
-        return 'sql'
-        
-    return 'text'
-
-def format_markdown(content):
-    """Format markdown content with language detection."""
-    # Fix unlabeled code fences
-    def add_lang_to_fence(match):
-        indent, info, body, closing = match.groups()
-        if not info.strip():
-            lang = detect_language(body)
-            return f"{indent}```{lang}\n{body}{closing}\n"
-        return match.group(0)
-    
-    fence_pattern = r'(?ms)^([ \t]{0,3})```([^\n]*)\n(.*?)(\n\1```)\s*$'
-    content = re.sub(fence_pattern, add_lang_to_fence, content)
-    
-    # Fix excessive blank lines (only outside code fences)
-    content = re.sub(r'\n{3,}', '\n\n', content)
-    
-    return content.rstrip() + '\n'
-
-# Main execution
-try:
-    input_data = json.load(sys.stdin)
-    file_path = input_data.get('tool_input', {}).get('file_path', '')
-    
-    if not file_path.endswith(('.md', '.mdx')):
-        sys.exit(0)  # Not a markdown file
-    
-    if os.path.exists(file_path):
-        with open(file_path, 'r', encoding='utf-8') as f:
-            content = f.read()
-        
-        formatted = format_markdown(content)
-        
-        if formatted != content:
-            with open(file_path, 'w', encoding='utf-8') as f:
-                f.write(formatted)
-            print(f"✓ Fixed markdown formatting in {file_path}")
-    
-except Exception as e:
-    print(f"Error formatting markdown: {e}", file=sys.stderr)
-    sys.exit(1)
-````
-
-Make the script executable:
-
-```bash  theme={null}
-chmod +x .claude/hooks/markdown_formatter.py
-```
-
-This hook automatically:
-
-* Detects programming languages in unlabeled code blocks
-* Adds appropriate language tags for syntax highlighting
-* Fixes excessive blank lines while preserving code content
-* Only processes markdown files (`.md`, `.mdx`)
-
-### Custom Notification Hook
-
-Get desktop notifications when Claude needs input:
-
-```json  theme={null}
-{
-  "hooks": {
-    "Notification": [
-      {
-        "matcher": "",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "notify-send 'Claude Code' 'Awaiting your input'"
-          }
-        ]
-      }
-    ]
-  }
-}
-```
-
-### File Protection Hook
-
-Block edits to sensitive files:
-
-```json  theme={null}
-{
-  "hooks": {
-    "PreToolUse": [
-      {
-        "matcher": "Edit|Write",
-        "hooks": [
-          {
-            "type": "command",
-            "command": "python3 -c \"import json, sys; data=json.load(sys.stdin); path=data.get('tool_input',{}).get('file_path',''); sys.exit(2 if any(p in path for p in ['.env', 'package-lock.json', '.git/']) else 0)\""
-          }
-        ]
-      }
-    ]
-  }
-}
-```
-
-## Learn more
-
-* For reference documentation on hooks, see [Hooks reference](/en/hooks).
-* For comprehensive security best practices and safety guidelines, see [Security Considerations](/en/hooks#security-considerations) in the hooks reference documentation.
-* For troubleshooting steps and debugging techniques, see [Debugging](/en/hooks#debugging) in the hooks reference
-  documentation.
-
-
---
-
-> To find navigation and other pages in this documentation, fetch the llms.txt file at: https://code.claude.com/docs/llms.txt
@@ -0,0 +1,18 @@
+# Docker
+
+The root `docker-compose.yml` starts Claude-Mem Server beta with a persistent Valkey sidecar.
+
+```sh
+docker compose up --build
+curl http://127.0.0.1:37777/healthz
+```
+
+The server container uses:
+
+- `CLAUDE_MEM_WORKER_HOST=0.0.0.0`
+- `CLAUDE_MEM_DATA_DIR=/data/claude-mem`
+- `CLAUDE_MEM_QUEUE_ENGINE=bullmq`
+- `CLAUDE_MEM_REDIS_URL=redis://valkey:6379`
+- `CLAUDE_MEM_AUTH_MODE=api-key`
+
+Create an API key inside the container before using protected V1 write routes.
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -82,7 +82,6 @@
  </a>
 </p>

-
 <p align="center">
  <a href="#بداية-سريعة">بداية سريعة</a> •
  <a href="#كيف-يعمل">كيف يعمل</a> •
@@ -276,25 +275,21 @@ npm run bug-report

 ---

-## الترخيص (License)
+## License

-هذا المشروع مرخص بموجب **ترخيص GNU Affero العام الإصدار 3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-حقوق النشر (C) 2025 Alex Newman (@thedotmack). جميع الحقوق محفوظة.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-انظر ملف [LICENSE](LICENSE) للتفاصيل الكاملة.
+See the [LICENSE](LICENSE) file for full details.

-**ماذا يعني هذا:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- يمكنك استخدام وتعديل وتوزيع هذا البرنامج بحرية
- إذا قمت بتعديل ونشر على خادم شبكة، يجب أن تتيح كود المصدر الخاص بك
- الأعمال المشتقة يجب أن تكون مرخصة أيضًا تحت AGPL-3.0
- لا يوجد ضمان لهذا البرنامج
-
-**ملاحظة حول Ragtime**: دليل `ragtime/` مرخص بشكل منفصل تحت **ترخيص PolyForm Noncommercial 1.0.0**. انظر [ragtime/LICENSE](ragtime/LICENSE) للتفاصيل.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## الدعم

 - **التوثيق**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## লাইসেন্স
+## License

-এই প্রকল্পটি **GNU Affero General Public License v3.0** (AGPL-3.0) এর অধীনে লাইসেন্সপ্রাপ্ত।
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). সর্বস্বত্ব সংরক্ষিত।
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-সম্পূর্ণ বিবরণের জন্য [LICENSE](LICENSE) ফাইল দেখুন।
+See the [LICENSE](LICENSE) file for full details.

-**এর অর্থ কী:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- আপনি এই সফটওয়্যারটি অবাধে ব্যবহার, পরিবর্তন এবং বিতরণ করতে পারেন
- যদি আপনি পরিবর্তন করেন এবং একটি নেটওয়ার্ক সার্ভারে ডিপ্লয় করেন, তাহলে আপনাকে আপনার সোর্স কোড উপলব্ধ করতে হবে
- ডেরিভেটিভ কাজগুলিও AGPL-3.0 এর অধীনে লাইসেন্সপ্রাপ্ত হতে হবে
- এই সফটওয়্যারের জন্য কোনও ওয়ারেন্টি নেই
-
-**Ragtime সম্পর্কে নোট**: `ragtime/` ডিরেক্টরি আলাদাভাবে **PolyForm Noncommercial License 1.0.0** এর অধীনে লাইসেন্সপ্রাপ্ত। বিস্তারিত জানতে [ragtime/LICENSE](ragtime/LICENSE) দেখুন।
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## সাপোর্ট

 - **ডকুমেন্টেশন**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Pracovní postup pro přispívání najdete v [Průvodci vývojem](https://docs.

 ---

-## Licence
+## License

-Tento projekt je licencován pod **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Všechna práva vyhrazena.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Úplné podrobnosti najdete v souboru [LICENSE](LICENSE).
+See the [LICENSE](LICENSE) file for full details.

-**Co to znamená:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Software můžete volně používat, upravovat a distribuovat
- Pokud jej upravíte a nasadíte na síťovém serveru, musíte zpřístupnit svůj zdrojový kód
- Odvozená díla musí být také licencována pod AGPL-3.0
- Pro tento software neexistuje ŽÁDNÁ ZÁRUKA
-
-**Poznámka k Ragtime**: Adresář `ragtime/` je licencován samostatně pod **PolyForm Noncommercial License 1.0.0**. Podrobnosti najdete v [ragtime/LICENSE](ragtime/LICENSE).
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Podpora

 - **Dokumentace**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Se [Udviklingsguide](https://docs.claude-mem.ai/development) for bidragsworkflow

 ---

-## Licens
+## License

-Dette projekt er licenseret under **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Alle rettigheder forbeholdes.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Se [LICENSE](LICENSE)-filen for fulde detaljer.
+See the [LICENSE](LICENSE) file for full details.

-**Hvad Dette Betyder:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Du kan bruge, modificere og distribuere denne software frit
- Hvis du modificerer og implementerer på en netværksserver, skal du gøre din kildekode tilgængelig
- Afledte værker skal også licenseres under AGPL-3.0
- Der er INGEN GARANTI for denne software
-
-**Bemærkning om Ragtime**: `ragtime/`-kataloget er licenseret separat under **PolyForm Noncommercial License 1.0.0**. Se [ragtime/LICENSE](ragtime/LICENSE) for detaljer.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Support

 - **Dokumentation**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Siehe [Entwicklungsanleitung](https://docs.claude-mem.ai/development) für den B

 ---

-## Lizenz
+## License

-Dieses Projekt ist unter der **GNU Affero General Public License v3.0** (AGPL-3.0) lizenziert.
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Alle Rechte vorbehalten.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Siehe die [LICENSE](LICENSE)-Datei für vollständige Details.
+See the [LICENSE](LICENSE) file for full details.

-**Was das bedeutet:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Sie können diese Software frei verwenden, modifizieren und verteilen
- Wenn Sie sie modifizieren und auf einem Netzwerkserver bereitstellen, müssen Sie Ihren Quellcode verfügbar machen
- Abgeleitete Werke müssen ebenfalls unter AGPL-3.0 lizenziert werden
- Es gibt KEINE GARANTIE für diese Software
-
-**Hinweis zu Ragtime**: Das `ragtime/`-Verzeichnis ist separat unter der **PolyForm Noncommercial License 1.0.0** lizenziert. Siehe [ragtime/LICENSE](ragtime/LICENSE) für Details.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Support

 - **Dokumentation**: [docs/](docs/)
@@ -301,4 +297,4 @@ Siehe die [LICENSE](LICENSE)-Datei für vollständige Details.

 ---

-**Erstellt mit Claude Agent SDK** | **Powered by Claude Code** | **Made with TypeScript**
+**Erstellt mit Claude Agent SDK** | **Works with Claude Code** | **Made with TypeScript**
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## Άδεια Χρήσης
+## License

-Αυτό το έργο διατίθεται με άδεια **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Με επιφύλαξη παντός δικαιώματος.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Δείτε το αρχείο [LICENSE](LICENSE) για πλήρεις λεπτομέρειες.
+See the [LICENSE](LICENSE) file for full details.

-**Τι Σημαίνει Αυτό:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Μπορείτε να χρησιμοποιήσετε, να τροποποιήσετε και να διανείμετε ελεύθερα αυτό το λογισμικό
- Εάν τροποποιήσετε και αναπτύξετε σε διακομιστή δικτύου, πρέπει να καταστήσετε διαθέσιμο τον πηγαίο κώδικά σας
- Τα παράγωγα έργα πρέπει επίσης να διατίθενται με άδεια AGPL-3.0
- ΔΕΝ υπάρχει ΕΓΓΥΗΣΗ για αυτό το λογισμικό
-
-**Σημείωση για το Ragtime**: Ο κατάλογος `ragtime/` διατίθεται χωριστά με άδεια **PolyForm Noncommercial License 1.0.0**. Δείτε το [ragtime/LICENSE](ragtime/LICENSE) για λεπτομέρειες.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Υποστήριξη

 - **Τεκμηρίωση**: [docs/](docs/)
@@ -51,7 +51,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -274,25 +274,21 @@ Ver [Guía de Desarrollo](https://docs.claude-mem.ai/development) para el flujo

 ---

-## Licencia
+## License

-Este proyecto está licenciado bajo la **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Todos los derechos reservados.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Ver el archivo [LICENSE](LICENSE) para detalles completos.
+See the [LICENSE](LICENSE) file for full details.

-**Lo Que Esto Significa:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Puedes usar, modificar y distribuir este software libremente
- Si modificas y despliegas en un servidor de red, debes hacer tu código fuente disponible
- Los trabajos derivados también deben estar licenciados bajo AGPL-3.0
- NO hay GARANTÍA para este software
-
-**Nota sobre Ragtime**: El directorio `ragtime/` está licenciado por separado bajo la **PolyForm Noncommercial License 1.0.0**. Ver [ragtime/LICENSE](ragtime/LICENSE) para detalles.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Soporte

 - **Documentación**: [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ Katso [Kehitysopas](https://docs.claude-mem.ai/development) osallistumisen työn

 ---

-## Lisenssi
+## License

-Tämä projekti on lisensoitu **GNU Affero General Public License v3.0** (AGPL-3.0) -lisenssillä.
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Kaikki oikeudet pidätetään.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Katso [LICENSE](LICENSE)-tiedosto täydellisistä yksityiskohdista.
+See the [LICENSE](LICENSE) file for full details.

-**Mitä tämä tarkoittaa:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Voit käyttää, muokata ja jakaa tätä ohjelmistoa vapaasti
- Jos muokkaat ja otat käyttöön verkkopalvelimella, sinun on asetettava lähdekoodisi saataville
- Johdannaisten teosten on myös oltava AGPL-3.0-lisensoituja
- Tälle ohjelmistolle EI OLE TAKUUTA
-
-**Huomautus Ragtimesta**: `ragtime/`-hakemisto on erikseen lisensoitu **PolyForm Noncommercial License 1.0.0** -lisenssillä. Katso [ragtime/LICENSE](ragtime/LICENSE) yksityiskohdista.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Tuki

 - **Dokumentaatio**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Voir le [Guide de développement](https://docs.claude-mem.ai/development) pour l

 ---

-## Licence
+## License

-Ce projet est sous licence **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Tous droits réservés.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Voir le fichier [LICENSE](LICENSE) pour tous les détails.
+See the [LICENSE](LICENSE) file for full details.

-**Ce que cela signifie :**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Vous pouvez utiliser, modifier et distribuer ce logiciel librement
- Si vous modifiez et déployez sur un serveur réseau, vous devez rendre votre code source disponible
- Les œuvres dérivées doivent également être sous licence AGPL-3.0
- Il n'y a AUCUNE GARANTIE pour ce logiciel
-
-**Note sur Ragtime** : Le répertoire `ragtime/` est sous licence séparée sous la **PolyForm Noncommercial License 1.0.0**. Voir [ragtime/LICENSE](ragtime/LICENSE) pour plus de détails.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Support

 - **Documentation** : [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ npm run bug-report

 ---

-## רישיון
+## License

-פרויקט זה מורשה תחת **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-זכויות יוצרים (C) 2025 Alex Newman (@thedotmack). כל הזכויות שמורות.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-ראה את קובץ [LICENSE](LICENSE) לפרטים מלאים.
+See the [LICENSE](LICENSE) file for full details.

-**משמעות הדבר:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- אתה יכול לשימוש, שינוי והפצה של תוכנה זו בחופשיות
- אם אתה משנה ופורס על שרת רשת, עליך להנגיש את קוד המקור שלך
- עבודות נגזרות חייבות להיות מורשות גם כן תחת AGPL-3.0
- אין אחריות לתוכנה זו
-
-**הערה על Ragtime**: ספריית `ragtime/` מורשית בנפרד תחת **PolyForm Noncommercial License 1.0.0**. ראה [ragtime/LICENSE](ragtime/LICENSE) לפרטים.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## תמיכה

 - **תיעוד**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## लाइसेंस
+## License

-यह प्रोजेक्ट **GNU Affero General Public License v3.0** (AGPL-3.0) के तहत लाइसेंस प्राप्त है।
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack)। सर्वाधिकार सुरक्षित।
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-पूर्ण विवरण के लिए [LICENSE](LICENSE) फ़ाइल देखें।
+See the [LICENSE](LICENSE) file for full details.

-**इसका क्या अर्थ है:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- आप इस सॉफ़्टवेयर को स्वतंत्र रूप से उपयोग, संशोधित और वितरित कर सकते हैं
- यदि आप नेटवर्क सर्वर पर संशोधित और तैनात करते हैं, तो आपको अपना स्रोत कोड उपलब्ध कराना होगा
- व्युत्पन्न कार्यों को भी AGPL-3.0 के तहत लाइसेंस प्राप्त होना चाहिए
- इस सॉफ़्टवेयर के लिए कोई वारंटी नहीं है
-
-**Ragtime पर नोट**: `ragtime/` डायरेक्टरी को **PolyForm Noncommercial License 1.0.0** के तहत अलग से लाइसेंस प्राप्त है। विवरण के लिए [ragtime/LICENSE](ragtime/LICENSE) देखें।
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## समर्थन

 - **दस्तावेज़ीकरण**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ A hozzájárulási munkafolyamatért lásd a [Fejlesztési útmutatót](https://

 ---

-## Licenc
+## License

-Ez a projekt a **GNU Affero General Public License v3.0** (AGPL-3.0) alatt licencelt.
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Minden jog fenntartva.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-A teljes részletekért lásd a [LICENSE](LICENSE) fájlt.
+See the [LICENSE](LICENSE) file for full details.

-**Mit jelent ez:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Szabadon használhatja, módosíthatja és terjesztheti ezt a szoftvert
- Ha módosítja és hálózati szerveren telepíti, elérhetővé kell tennie a forráskódot
- A származékos munkáknak szintén AGPL-3.0 alatt kell licencelve lenniük
- Ehhez a szoftverhez NINCS GARANCIA
-
-**Megjegyzés a Ragtime-ról**: A `ragtime/` könyvtár külön licencelt a **PolyForm Noncommercial License 1.0.0** alatt. Részletekért lásd a [ragtime/LICENSE](ragtime/LICENSE) fájlt.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Támogatás

 - **Dokumentáció**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Lihat [Panduan Pengembangan](https://docs.claude-mem.ai/development) untuk alur

 ---

-## Lisensi
+## License

-Proyek ini dilisensikan di bawah **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

 Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Lihat file [LICENSE](LICENSE) untuk detail lengkap.
+See the [LICENSE](LICENSE) file for full details.

-**Apa Artinya:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Anda dapat menggunakan, memodifikasi, dan mendistribusikan perangkat lunak ini dengan bebas
- Jika Anda memodifikasi dan men-deploy di server jaringan, Anda harus membuat kode sumber Anda tersedia
- Karya turunan juga harus dilisensikan di bawah AGPL-3.0
- TIDAK ADA JAMINAN untuk perangkat lunak ini
-
-**Catatan tentang Ragtime**: Direktori `ragtime/` dilisensikan secara terpisah di bawah **PolyForm Noncommercial License 1.0.0**. Lihat [ragtime/LICENSE](ragtime/LICENSE) untuk detail.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Dukungan

 - **Dokumentasi**: [docs/](docs/)
@@ -301,6 +297,6 @@ Lihat file [LICENSE](LICENSE) untuk detail lengkap.

 ---

-**Built with Claude Agent SDK** | **Powered by Claude Code** | **Made with TypeScript**
+**Built with Claude Agent SDK** | **Works with Claude Code** | **Made with TypeScript**

 ---
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Vedi [Guida allo Sviluppo](https://docs.claude-mem.ai/development) per il flusso

 ---

-## Licenza
+## License

-Questo progetto è rilasciato sotto la **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Tutti i diritti riservati.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Vedi il file [LICENSE](LICENSE) per i dettagli completi.
+See the [LICENSE](LICENSE) file for full details.

-**Cosa Significa:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Puoi usare, modificare e distribuire questo software liberamente
- Se modifichi e distribuisci su un server di rete, devi rendere disponibile il tuo codice sorgente
- Le opere derivate devono anche essere rilasciate sotto AGPL-3.0
- NON c'è GARANZIA per questo software
-
-**Nota su Ragtime**: La directory `ragtime/` è rilasciata separatamente sotto la **PolyForm Noncommercial License 1.0.0**. Vedi [ragtime/LICENSE](ragtime/LICENSE) per i dettagli.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Supporto

 - **Documentazione**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## ライセンス
+## License

-このプロジェクトは**GNU Affero General Public License v3.0**(AGPL-3.0)の下でライセンスされています。
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

 Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-詳細は[LICENSE](LICENSE)ファイルを参照してください。
+See the [LICENSE](LICENSE) file for full details.

-**これが意味すること:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- このソフトウェアを自由に使用、変更、配布できます
- ネットワークサーバーで変更して展開する場合、ソースコードを利用可能にする必要があります
- 派生作品もAGPL-3.0の下でライセンスする必要があります
- このソフトウェアには保証がありません
-
-**Ragtimeに関する注意**: `ragtime/`ディレクトリは **PolyForm Noncommercial License 1.0.0** の下で個別にライセンスされています。詳細は[ragtime/LICENSE](ragtime/LICENSE)を参照してください。
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## サポート

 - **ドキュメント**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## 라이선스
+## License

-이 프로젝트는 **GNU Affero General Public License v3.0** (AGPL-3.0)에 따라 라이선스가 부여됩니다.
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

 Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-전체 세부 정보는 [LICENSE](LICENSE) 파일을 참조하세요.
+See the [LICENSE](LICENSE) file for full details.

-**의미:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- 이 소프트웨어를 자유롭게 사용, 수정 및 배포할 수 있습니다
- 수정하여 네트워크 서버에 배포하는 경우 소스 코드를 공개해야 합니다
- 파생 작업물도 AGPL-3.0에 따라 라이선스가 부여되어야 합니다
- 이 소프트웨어에는 보증이 없습니다
-
-**Ragtime에 대한 참고 사항**: `ragtime/` 디렉토리는 **PolyForm Noncommercial License 1.0.0**에 따라 별도로 라이선스가 부여됩니다. 자세한 내용은 [ragtime/LICENSE](ragtime/LICENSE)를 참조하세요.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## 지원

 - **문서**: [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ Zie [Ontwikkelingsgids](https://docs.claude-mem.ai/development) voor bijdragewor

 ---

-## Licentie
+## License

-Dit project is gelicentieerd onder de **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Alle rechten voorbehouden.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Zie het [LICENSE](LICENSE) bestand voor volledige details.
+See the [LICENSE](LICENSE) file for full details.

-**Wat Dit Betekent:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Je kunt deze software vrijelijk gebruiken, aanpassen en distribueren
- Als je aanpast en implementeert op een netwerkserver, moet je je broncode beschikbaar maken
- Afgeleide werken moeten ook gelicentieerd zijn onder AGPL-3.0
- Er is GEEN GARANTIE voor deze software
-
-**Opmerking over Ragtime**: De `ragtime/` directory is afzonderlijk gelicentieerd onder de **PolyForm Noncommercial License 1.0.0**. Zie [ragtime/LICENSE](ragtime/LICENSE) voor details.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Ondersteuning

 - **Documentatie**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Se [Utviklingsveiledning](https://docs.claude-mem.ai/development) for bidragsfly

 ---

-## Lisens
+## License

-Dette prosjektet er lisensiert under **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Alle rettigheter reservert.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Se [LICENSE](LICENSE)-filen for fullstendige detaljer.
+See the [LICENSE](LICENSE) file for full details.

-**Hva Dette Betyr:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Du kan bruke, modifisere og distribuere denne programvaren fritt
- Hvis du modifiserer og distribuerer på en nettverkstjener, må du gjøre kildekoden din tilgjengelig
- Avledede verk må også være lisensiert under AGPL-3.0
- Det er INGEN GARANTI for denne programvaren
-
-**Merknad om Ragtime**: `ragtime/`-katalogen er lisensiert separat under **PolyForm Noncommercial License 1.0.0**. Se [ragtime/LICENSE](ragtime/LICENSE) for detaljer.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Støtte

 - **Dokumentasjon**: [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ Zobacz [Przewodnik Rozwoju](https://docs.claude-mem.ai/development) dla przepły

 ---

-## Licencja
+## License

-Ten projekt jest licencjonowany na podstawie **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Wszelkie prawa zastrzeżone.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Zobacz plik [LICENSE](LICENSE) dla pełnych szczegółów.
+See the [LICENSE](LICENSE) file for full details.

-**Co To Oznacza:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Możesz używać, modyfikować i dystrybuować to oprogramowanie swobodnie
- Jeśli zmodyfikujesz i wdrożysz na serwerze sieciowym, musisz udostępnić swój kod źródłowy
- Dzieła pochodne muszą być również licencjonowane na podstawie AGPL-3.0
- Nie ma GWARANCJI dla tego oprogramowania
-
-**Uwaga o Ragtime**: Katalog `ragtime/` jest licencjonowany osobno na podstawie **PolyForm Noncommercial License 1.0.0**. Zobacz [ragtime/LICENSE](ragtime/LICENSE) dla szczegółów.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Wsparcie

 - **Dokumentacja**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Veja [Guia de Desenvolvimento](https://docs.claude-mem.ai/development) para o fl

 ---

-## Licença
+## License

-Este projeto está licenciado sob a **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Todos os direitos reservados.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Veja o arquivo [LICENSE](LICENSE) para detalhes completos.
+See the [LICENSE](LICENSE) file for full details.

-**O Que Isso Significa:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Você pode usar, modificar e distribuir este software livremente
- Se você modificar e implantar em um servidor de rede, você deve disponibilizar seu código-fonte
- Trabalhos derivados também devem ser licenciados sob AGPL-3.0
- NÃO HÁ GARANTIA para este software
-
-**Nota sobre Ragtime**: O diretório `ragtime/` é licenciado separadamente sob a **PolyForm Noncommercial License 1.0.0**. Veja [ragtime/LICENSE](ragtime/LICENSE) para detalhes.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Suporte

 - **Documentação**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Consultați [Ghidul de Dezvoltare](https://docs.claude-mem.ai/development) pentr

 ---

-## Licență
+## License

-Acest proiect este licențiat sub **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Toate drepturile rezervate.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Consultați fișierul [LICENSE](LICENSE) pentru detalii complete.
+See the [LICENSE](LICENSE) file for full details.

-**Ce Înseamnă Asta:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Puteți folosi, modifica și distribui acest software liber
- Dacă modificați și implementați pe un server de rețea, trebuie să faceți disponibil codul sursă
- Lucrările derivate trebuie să fie licențiate și ele sub AGPL-3.0
- NU EXISTĂ NICIO GARANȚIE pentru acest software
-
-**Notă despre Ragtime**: Directorul `ragtime/` este licențiat separat sub **PolyForm Noncommercial License 1.0.0**. Consultați [ragtime/LICENSE](ragtime/LICENSE) pentru detalii.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Suport

 - **Documentație**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## Лицензия
+## License

-Этот проект лицензирован под **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Все права защищены.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Полные сведения см. в файле [LICENSE](LICENSE).
+See the [LICENSE](LICENSE) file for full details.

-**Что это означает:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Вы можете свободно использовать, модифицировать и распространять это программное обеспечение
- Если вы модифицируете и развертываете на сетевом сервере, вы должны сделать свой исходный код доступным
- Производные работы также должны быть лицензированы под AGPL-3.0
- Для этого программного обеспечения НЕТ ГАРАНТИЙ
-
-**Примечание о Ragtime**: Директория `ragtime/` лицензирована отдельно под **PolyForm Noncommercial License 1.0.0**. Подробности см. в [ragtime/LICENSE](ragtime/LICENSE).
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Поддержка

 - **Документация**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Se [Utvecklingsguide](https://docs.claude-mem.ai/development) för bidragsarbets

 ---

-## Licens
+## License

-Detta projekt är licensierat under **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Alla rättigheter förbehållna.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Se [LICENSE](LICENSE)-filen för fullständiga detaljer.
+See the [LICENSE](LICENSE) file for full details.

-**Vad detta betyder:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Du kan använda, modifiera och distribuera denna programvara fritt
- Om du modifierar och distribuerar på en nätverksserver måste du göra din källkod tillgänglig
- Härledda verk måste också licensieras under AGPL-3.0
- Det finns INGEN GARANTI för denna programvara
-
-**Notering om Ragtime**: Katalogen `ragtime/` är licensierad separat under **PolyForm Noncommercial License 1.0.0**. Se [ragtime/LICENSE](ragtime/LICENSE) för detaljer.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Support

 - **Dokumentation**: [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ npm run bug-report

 ---

-## ใบอนุญาต
+## License

-โปรเจกต์นี้ได้รับอนุญาตภายใต้ **GNU Affero General Public License v3.0** (AGPL-3.0)
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack) สงวนลิขสิทธิ์ทั้งหมด
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-ดูไฟล์ [LICENSE](LICENSE) สำหรับรายละเอียดทั้งหมด
+See the [LICENSE](LICENSE) file for full details.

-**ความหมาย:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- คุณสามารถใช้ ดัดแปลง และแจกจ่ายซอฟต์แวร์นี้ได้อย่างอิสระ
- หากคุณดัดแปลงและปรับใช้บนเซิร์ฟเวอร์เครือข่าย คุณต้องทำให้ซอร์สโค้ดของคุณพร้อมใช้งาน
- งานที่เป็นอนุพันธ์ต้องได้รับอนุญาตภายใต้ AGPL-3.0 ด้วย
- ไม่มีการรับประกันสำหรับซอฟต์แวร์นี้
-
-**หมายเหตุเกี่ยวกับ Ragtime**: ไดเรกทอรี `ragtime/` ได้รับอนุญาตแยกต่างหากภายใต้ **PolyForm Noncommercial License 1.0.0** ดู [ragtime/LICENSE](ragtime/LICENSE) สำหรับรายละเอียด
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## การสนับสนุน

 - **เอกสาร**: [docs/](docs/)
@@ -51,7 +51,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -297,25 +297,21 @@ Tingnan ang [Gabay nang pagbuo](https://docs.claude-mem.ai/development) para sa

 ---

-## Lisensya
+## License

-Ang proyektong ito ay licensed sa ilalim ng **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

 Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Tingnan ang [LICENSE](LICENSE) file para sa buong detalye.
+See the [LICENSE](LICENSE) file for full details.

-**Ano ang ibig sabihin nito:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Maaari mong gamitin, baguhin, at ipamahagi ang software na ito nang libre
- Kung babaguhin mo at i-deploy sa isang network server, kailangan mong gawing available ang iyong source code
- Dapat ding naka-license sa AGPL-3.0 ang mga derivative works
- WALANG WARRANTY para sa software na ito
-
-**Tala tungkol sa Ragtime**: Ang `ragtime/` directory ay may hiwalay na lisensya sa ilalim ng **PolyForm Noncommercial License 1.0.0**. Tingnan ang [ragtime/LICENSE](ragtime/LICENSE) para sa detalye.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Suporta

 - **Dokumentasyon**: [docs/](docs/)
@@ -325,4 +321,4 @@ Tingnan ang [LICENSE](LICENSE) file para sa buong detalye.

 ---

-**Built with Claude Agent SDK** | **Powered by Claude Code** | **Made with TypeScript**
+**Built with Claude Agent SDK** | **Works with Claude Code** | **Made with TypeScript**
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -272,25 +272,21 @@ Katkı iş akışı için [Geliştirme Kılavuzu](https://docs.claude-mem.ai/dev

 ---

-## Lisans
+## License

-Bu proje **GNU Affero General Public License v3.0** (AGPL-3.0) altında lisanslanmıştır.
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Telif Hakkı (C) 2025 Alex Newman (@thedotmack). Tüm hakları saklıdır.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Tam detaylar için [LICENSE](LICENSE) dosyasına bakın.
+See the [LICENSE](LICENSE) file for full details.

-**Bu Ne Anlama Gelir:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Bu yazılımı özgürce kullanabilir, değiştirebilir ve dağıtabilirsiniz
- Değiştirip bir ağ sunucusunda dağıtırsanız, kaynak kodunuzu kullanılabilir hale getirmelisiniz
- Türev çalışmalar da AGPL-3.0 altında lisanslanmalıdır
- Bu yazılım için HİÇBİR GARANTİ yoktur
-
-**Ragtime Hakkında Not**: `ragtime/` dizini ayrı olarak **PolyForm Noncommercial License 1.0.0** altında lisanslanmıştır. Detaylar için [ragtime/LICENSE](ragtime/LICENSE) dosyasına bakın.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Destek

 - **Dokümantasyon**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## Ліцензія
+## License

-Цей проєкт ліцензовано під **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Авторське право (C) 2025 Alex Newman (@thedotmack). Всі права захищені.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Дивіться файл [LICENSE](LICENSE) для повних деталей.
+See the [LICENSE](LICENSE) file for full details.

-**Що це означає:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Ви можете використовувати, модифікувати та поширювати це програмне забезпечення вільно
- Якщо ви модифікуєте та розгортаєте на мережевому сервері, ви повинні зробити свій вихідний код доступним
- Похідні роботи також повинні бути ліцензовані під AGPL-3.0
- Для цього програмного забезпечення НЕМАЄ ГАРАНТІЇ
-
-**Примітка про Ragtime**: Каталог `ragtime/` ліцензовано окремо під **PolyForm Noncommercial License 1.0.0**. Дивіться [ragtime/LICENSE](ragtime/LICENSE) для деталей.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Підтримка

 - **Документація**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -278,25 +278,21 @@ npm run bug-report

 ---

-## لائسنس
+## License

-یہ منصوبہ **GNU Affero General Public License v3.0** (AGPL-3.0) کے تحت لائسنس ہے۔
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack)۔ تمام حقوق محفوظ ہیں۔
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-مکمل تفصیلات کے لیے [LICENSE](LICENSE) فائل دیکھیں۔
+See the [LICENSE](LICENSE) file for full details.

-**اس کا مطلب کیا ہے:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- آپ اس سافٹ ویئر کو آزادی سے استعمال، تبدیل اور تقسیم کر سکتے ہیں
- اگر آپ اسے تبدیل کریں اور نیٹ ورک سرور میں نشر کریں تو آپ کو اپنا سورس کوڈ دستیاب کرنا ہوگا
- ماخوذ کام بھی AGPL-3.0 کے تحت لائسنس ہونے چاہیں
- اس سافٹ ویئر کے لیے کوئی وارنٹی نہیں
-
-**Ragtime کے بارے میں نوٹ**: `ragtime/` ڈائریکٹری الگ سے **PolyForm Noncommercial License 1.0.0** کے تحت لائسنس ہے۔ تفصیلات کے لیے [ragtime/LICENSE](ragtime/LICENSE) دیکھیں۔
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## معاونت

 - **دستاویزات**: [docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ Xem [Hướng Dẫn Phát Triển](https://docs.claude-mem.ai/development) để

 ---

-## Giấy Phép
+## License

-Dự án này được cấp phép theo **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Bảo lưu mọi quyền.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Xem tệp [LICENSE](LICENSE) để biết chi tiết đầy đủ.
+See the [LICENSE](LICENSE) file for full details.

-**Điều Này Có Nghĩa Là:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Bạn có thể sử dụng, sửa đổi và phân phối phần mềm này tự do
- Nếu bạn sửa đổi và triển khai trên máy chủ mạng, bạn phải cung cấp mã nguồn của mình
- Các tác phẩm phái sinh cũng phải được cấp phép theo AGPL-3.0
- KHÔNG CÓ BẢO HÀNH cho phần mềm này
-
-**Lưu Ý Về Ragtime**: Thư mục `ragtime/` được cấp phép riêng theo **PolyForm Noncommercial License 1.0.0**. Xem [ragtime/LICENSE](ragtime/LICENSE) để biết chi tiết.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Hỗ Trợ

 - **Tài Liệu**: [docs/](docs/)
@@ -49,7 +49,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -278,25 +278,21 @@ npm run bug-report

 ---

-## 授權條款
+## License

-本專案採用 **GNU Affero 通用公共授權條款 v3.0**（AGPL-3.0）授權。
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

 Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-完整詳情請參閱 [LICENSE](LICENSE) 檔案。
+See the [LICENSE](LICENSE) file for full details.

-**這代表什麼：**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- 您可以自由使用、修改與散佈此軟體
- 如果您修改並部署於網路伺服器上，您必須公開您的原始碼
- 衍生作品也必須採用 AGPL-3.0 授權
- 本軟體不提供任何擔保
-
-**關於 Ragtime 的說明**：`ragtime/` 目錄採用 **PolyForm Noncommercial License 1.0.0** 另行授權。詳情請參閱 [ragtime/LICENSE](ragtime/LICENSE)。
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## 支援

 - **文件**：[docs/](docs/)
@@ -50,7 +50,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -273,25 +273,21 @@ npm run bug-report

 ---

-## 许可证
+## License

-本项目采用 **GNU Affero General Public License v3.0** (AGPL-3.0) 许可。
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack)。保留所有权利。
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-详见 [LICENSE](LICENSE) 文件了解完整详情。
+See the [LICENSE](LICENSE) file for full details.

-**这意味着什么:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- 您可以自由使用、修改和分发本软件
- 如果您修改并部署到网络服务器上,必须公开您的源代码
- 衍生作品也必须采用 AGPL-3.0 许可
- 本软件不提供任何保证
-
-**关于 Ragtime 的说明**: `ragtime/` 目录单独采用 **PolyForm Noncommercial License 1.0.0** 许可。详见 [ragtime/LICENSE](ragtime/LICENSE)。
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## 支持

 - **文档**: [docs/](docs/)
@@ -51,7 +51,7 @@

 <p align="center">
  <a href="LICENSE">
-    <img src="https://img.shields.io/badge/License-AGPL%203.0-blue.svg" alt="License">
+    <img src="https://img.shields.io/badge/License-Apache--2.0-blue.svg" alt="License">
  </a>
  <a href="package.json">
    <img src="https://img.shields.io/badge/version-6.5.0-green.svg" alt="Version">
@@ -274,25 +274,21 @@ Veja [Guia de Desenvolvimento](https://docs.claude-mem.ai/development) para o fl

 ---

-## Licença
+## License

-Este projeto está licenciado sob a **GNU Affero General Public License v3.0** (AGPL-3.0).
+This project is licensed under the **Apache License 2.0** (Apache-2.0).

-Copyright (C) 2025 Alex Newman (@thedotmack). Todos os direitos reservados.
+Copyright (C) 2025 Alex Newman (@thedotmack). All rights reserved.

-Veja o arquivo [LICENSE](LICENSE) para detalhes completos.
+See the [LICENSE](LICENSE) file for full details.

-**O Que Isso Significa:**
+Apache-2.0 allows broad use, modification, distribution, and commercial use, subject to its terms.

- Você pode usar, modificar e distribuir este software livremente
- Se você modificar e implantar em um servidor de rede, você deve disponibilizar seu código-fonte
- Trabalhos derivados também devem ser licenciados sob AGPL-3.0
- NÃO HÁ GARANTIA para este software
-
-**Nota sobre Ragtime**: O diretório `ragtime/` é licenciado separadamente sob a **PolyForm Noncommercial License 1.0.0**. Veja [ragtime/LICENSE](ragtime/LICENSE) para detalhes.
+**Ragtime note**: The ragtime/ directory is licensed under the **Apache License 2.0**. See [ragtime/LICENSE](ragtime/LICENSE) for details.

 ---

+
 ## Suporte

 - **Documentação**: [docs/](docs/)
@@ -0,0 +1,45 @@
+# IP Boundary
+
+Claude-Mem uses an open-core structure.
+
+## Apache-2.0 components
+
+- Core memory engine
+- Claude-Mem Server
+- CLI
+- SDKs
+- REST API schemas
+- MCP tools/resources/prompts
+- Claude Code adapter
+- Generic agent adapters
+- Storage adapters
+- Reference knowledge agents
+- Tests
+- Examples
+- Public documentation
+
+## Reserved commercial/private areas
+
+These areas are not shipped by Claude-Mem Server v0.1 and should remain outside
+the Apache-2.0 public implementation unless maintainers explicitly open-source
+them later.
+
+- Magic Recall hosted cloud
+- Team/org memory sync
+- Admin dashboard
+- SSO/SAML/SCIM
+- Enterprise RBAC
+- Enterprise audit log UI
+- DLP/policy engine
+- Premium knowledge agents
+- Managed evals
+- Customer deployment tooling
+- Enterprise observability
+- Support/SLA workflows
+- Internal eval datasets
+- Private customer connectors
+
+## Rule
+
+Do not put commercial/private implementation code into the Apache-2.0 public repo
+unless the maintainers intentionally decide to open-source it.
@@ -0,0 +1,29 @@
+# License
+
+Claude-Mem is licensed under the Apache License 2.0.
+
+The Apache-2.0 license applies to the open-source core, including the memory
+engine, Claude-Mem Server, CLI, SDKs, adapters, MCP tools, schemas, tests,
+examples, and public documentation.
+
+Apache-2.0 allows broad use, modification, distribution, and commercial use,
+subject to the license terms.
+
+## Why Apache-2.0?
+
+Claude-Mem is intended to be embedded broadly inside developer tools, local
+agents, MCP clients, enterprise systems, robotics stacks, and production agent
+harnesses. Apache-2.0 supports that goal while preserving attribution and
+including explicit patent license terms.
+
+## Reserved commercial/private areas
+
+Claude-Mem Server v0.1 does not ship hosted cloud, team sync, enterprise
+features, premium knowledge agents, private evals, or customer deployment
+tooling. Those areas are reserved outside the Apache-2.0 public implementation
+unless maintainers explicitly open-source them later.
+
+## Third-party marks
+
+Apache-2.0 licenses code. It does not grant rights to third-party trademarks or
+brand names.
@@ -0,0 +1,13 @@
+# Worker To Server Migration
+
+Claude-Mem 13 keeps the worker path in place. Server beta is an additional runtime option for teams, deployable containers, API keys, and BullMQ/Valkey queues.
+
+Compatibility commands remain available:
+
+```sh
+claude-mem start
+claude-mem worker start
+claude-mem server start
+```
+
+The server storage boundary reads legacy worker data while adding server-owned projects, sessions, agent events, memory items, teams, API keys, and audit logs. Migrate adapters gradually by writing to `/v1/events` and `/v1/memories`; keep existing `/api/*` hook routes enabled until all clients move.
@@ -1,88 +0,0 @@
-# Claude-Mem Public Documentation
-
-## What This Folder Is
-
-This `docs/public/` folder contains the **Mintlify documentation site** - the official user-facing documentation for claude-mem. It's a structured documentation platform with a specific file format and organization.
-
-## Folder Structure
-
-```
-docs/
-├── public/          ← You are here (Mintlify MDX files)
-│   ├── *.mdx       - User-facing documentation pages
-│   ├── docs.json   - Mintlify configuration and navigation
-│   ├── architecture/ - Technical architecture docs
-│   ├── usage/      - User guides and workflows
-│   └── *.webp, *.gif - Assets (logos, screenshots)
-└── context/        ← Internal documentation (DO NOT put here)
-    └── *.md        - Planning docs, audits, references
-```
-
-## File Requirements
-
-### Mintlify Documentation Files (.mdx)
-All official documentation files must be:
- Written in `.mdx` format (Markdown with JSX support)
- Listed in `docs.json` navigation structure
- Follow Mintlify's schema and conventions
-
-The documentation is organized into these sections:
- **Get Started**: Introduction, installation, usage guides
- **Best Practices**: Context engineering, progressive disclosure
- **Configuration & Development**: Settings, dev workflow, troubleshooting
- **Architecture**: System design, components, technical details
-
-### Configuration File
-`docs.json` defines:
- Site metadata (name, description, theme)
- Navigation structure
- Branding (logos, colors)
- Footer links and social media
-
-## What Does NOT Belong Here
-
-**Planning documents, design docs, and reference materials go in `/docs/context/` instead:**
-
-Files that belong in `/docs/context/` (NOT here):
- Planning documents (`*-plan.md`, `*-outline.md`)
- Implementation analysis (`*-audit.md`, `*-code-reference.md`)
- Error tracking (`typescript-errors.md`)
- Internal design documents
- PR review responses
- Reference materials (like `agent-sdk-ref.md`)
- Work-in-progress documentation
-
-## How to Add Official Documentation
-
-1. Create a new `.mdx` file in the appropriate subdirectory
-2. Add the file path to `docs.json` navigation
-3. Use Mintlify's frontmatter and components
-4. Follow the existing documentation style
-5. Test locally: `npx mintlify dev`
-
-## Development Workflow
-
-**For contributors working on claude-mem:**
- Read `/CLAUDE.md` in the project root for development instructions
- Place planning/design docs in `/docs/context/`
- Only add user-facing documentation to `/docs/public/`
- Test documentation locally with Mintlify CLI before committing
-
-## Testing Documentation
-
-```bash
-# Validate docs structure
-npx mintlify validate
-
-# Check for broken links
-npx mintlify broken-links
-
-# Run local dev server
-npx mintlify dev
-```
-
-## Summary
-
-**Simple Rule**:
- `/docs/public/` = Official user documentation (Mintlify .mdx files) ← YOU ARE HERE
- `/docs/context/` = Internal docs, plans, references, audits
@@ -190,13 +190,16 @@ Hooks are configured in `plugin/hooks/hooks.json`:
 ```json
 {
  "hooks": {
+    "Setup": [{
+      "hooks": [{
+        "type": "command",
+        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/version-check.js",
+        "timeout": 60
+      }]
+    }],
    "SessionStart": [{
      "matcher": "startup|clear|compact",
      "hooks": [{
-        "type": "command",
-        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/smart-install.js",
-        "timeout": 300
-      }, {
        "type": "command",
        "command": "bun ${CLAUDE_PLUGIN_ROOT}/scripts/worker-service.cjs start",
        "timeout": 60
@@ -246,9 +249,10 @@ Hooks are configured in `plugin/hooks/hooks.json`:
 **Timing**: When user opens Claude Code or resumes session

 **Hooks Triggered** (in order):
-1. `smart-install.js` - Ensures dependencies are installed
-2. `worker-service.cjs start` - Starts the worker service
-3. `context-hook.js` - Fetches and silently injects prior session context
+1. `worker-service.cjs start` - Starts the worker service
+2. `context-hook.js` - Fetches and silently injects prior session context
+
+(Runtime setup is handled out-of-band by `npx claude-mem install` / `npx claude-mem repair`. The Setup phase runs a sub-100ms `version-check.js` that prompts the user to repair if the `.install-version` marker is stale.)

 <Note>
 As of Claude Code 2.1.0 (ultrathink update), SessionStart hooks no longer display user-visible messages. Context is silently injected via `hookSpecificOutput.additionalContext`.
@@ -7,30 +7,29 @@ description: "System components and data flow in Claude-Mem"

 ## System Components

-Claude-Mem operates as a Claude Code plugin with five core components:
+Claude-Mem operates as a Claude Code plugin with the following core components:

-1. **Plugin Hooks** - Capture lifecycle events (6 hook files)
-2. **Smart Install** - Cached dependency checker (pre-hook script, runs before context-hook)
-3. **Worker Service** - Process observations via Claude Agent SDK + HTTP API (10 search endpoints)
-4. **Database Layer** - Store sessions and observations (SQLite + FTS5 + ChromaDB)
-5. **mem-search Skill** - Skill-based search with progressive disclosure (v5.4.0+)
-6. **Viewer UI** - Web-based real-time memory stream visualization
+1. **Plugin Hooks** - Lifecycle events (Setup version-check + 5 lifecycle hooks: SessionStart, UserPromptSubmit, PreToolUse for `Read`, PostToolUse, Stop)
+2. **Worker Service** - Express HTTP API on a per-user port; processes observations via the Claude Agent SDK (or Gemini / OpenRouter)
+3. **Database Layer** - SQLite + FTS5 (and optional Chroma for semantic search)
+4. **Search Tools** - HTTP API + the `mem-search` skill / MCP server for progressive disclosure search
+5. **Viewer UI** - React-based real-time memory stream served by the worker

 ## Technology Stack

 | Layer                  | Technology                                |
 |------------------------|-------------------------------------------|
 | **Language**           | TypeScript (ES2022, ESNext modules)       |
-| **Runtime**            | Node.js 18+                               |
+| **Runtime**            | Node.js 20+ and Bun ≥ 1.0                 |
 | **Database**           | SQLite 3 with bun:sqlite driver           |
-| **Vector Store**       | ChromaDB (optional, for semantic search)  |
-| **HTTP Server**        | Express.js 4.18                           |
+| **Vector Store**       | Chroma (optional, for semantic search)    |
+| **HTTP Server**        | Express.js 5                              |
 | **Real-time**          | Server-Sent Events (SSE)                  |
 | **UI Framework**       | React + TypeScript                        |
-| **AI SDK**             | @anthropic-ai/claude-agent-sdk            |
+| **AI SDK**             | @anthropic-ai/claude-agent-sdk (or Gemini / OpenRouter) |
 | **Build Tool**         | esbuild (bundles TypeScript)              |
 | **Process Manager**    | Bun                                       |
-| **Testing**            | Node.js built-in test runner              |
+| **Testing**            | `bun test`                                 |

 ## Data Flow

@@ -63,13 +62,13 @@ Uses 3-layer progressive disclosure: search → timeline → get_observations

 ```
 ┌─────────────────────────────────────────────────────────────────┐
-│ 0. Smart Install Pre-Hook Fires                                 │
-│    Checks dependencies (cached), only runs on version changes   │
-│    Not a lifecycle hook - runs before context-hook starts       │
+│ 0. Setup Hook Fires (version-check.js)                          │
+│    Sub-100ms read of .install-version; on mismatch prints       │
+│    "run: npx claude-mem repair" to stderr. Always exits 0.      │
 └─────────────────────────────────────────────────────────────────┘
                              ↓
 ┌─────────────────────────────────────────────────────────────────┐
-│ 1. Session Starts → Context Hook Fires                          │
+│ 1. Session Starts → Worker-start, then Context Hook             │
 │    Starts Bun worker if needed, injects context from previous   │
 │    sessions (configurable observation count)                    │
 └─────────────────────────────────────────────────────────────────┘
@@ -106,99 +105,60 @@ Uses 3-layer progressive disclosure: search → timeline → get_observations
 ```
 claude-mem/
 ├── src/
-│   ├── hooks/                  # Hook implementations (6 hooks)
-│   │   ├── context-hook.ts     # SessionStart
-│   │   ├── user-message-hook.ts # UserMessage (for debugging)
-│   │   ├── new-hook.ts         # UserPromptSubmit
-│   │   ├── save-hook.ts        # PostToolUse
-│   │   ├── summary-hook.ts     # Stop
-│   │   ├── cleanup-hook.ts     # SessionEnd
-│   │   └── hook-response.ts    # Hook response utilities
-│   │
+│   ├── hooks/                  # TypeScript hook implementations (built via esbuild)
 │   ├── sdk/                    # Claude Agent SDK integration
-│   │   ├── prompts.ts          # XML prompt builders
-│   │   ├── parser.ts           # XML response parser
-│   │   └── worker.ts           # Main SDK agent loop
-│   │
 │   ├── services/
-│   │   ├── worker-service.ts   # Express HTTP + SSE service
-│   │   └── sqlite/             # Database layer
-│   │       ├── SessionStore.ts # CRUD operations
-│   │       ├── SessionSearch.ts # FTS5 search service
-│   │       ├── migrations.ts
-│   │       └── types.ts
-│   │
-│   ├── ui/                     # Viewer UI
-│   │   └── viewer/             # React + TypeScript web interface
-│   │       ├── components/     # UI components
-│   │       ├── hooks/          # React hooks
-│   │       ├── utils/          # Utilities
-│   │       └── assets/         # Fonts, logos
-│   │
-│   ├── shared/                 # Shared utilities
-│   │   ├── config.ts
-│   │   ├── paths.ts
-│   │   └── storage.ts
-│   │
-│   └── utils/
-│       ├── logger.ts
-│       ├── platform.ts
-│       └── port-allocator.ts
+│   │   ├── worker-service.ts   # Express HTTP + SSE service (worker entry point)
+│   │   ├── sync/ChromaSync.ts  # Optional Chroma vector index
+│   │   └── sqlite/             # SQLite + FTS5 storage layer
+│   ├── ui/viewer/              # React + TypeScript web viewer
+│   ├── shared/                 # Shared utilities (paths, settings defaults)
+│   └── utils/                  # Logging, platform, tag-stripping helpers
 │
-├── scripts/                    # Build and utility scripts
-│   └── smart-install.js        # Cached dependency checker (pre-hook)
+├── scripts/                    # Build + utility scripts
 │
-├── plugin/                     # Plugin distribution
-│   ├── .claude-plugin/
-│   │   └── plugin.json
-│   ├── hooks/
-│   │   └── hooks.json
+├── plugin/                     # Plugin distribution (synced to marketplace)
+│   ├── .claude-plugin/plugin.json
+│   ├── hooks/hooks.json        # Hook registration (Setup + 5 lifecycle hooks)
 │   ├── scripts/                # Built executables
-│   │   ├── context-hook.js
-│   │   ├── user-message-hook.js
-│   │   ├── new-hook.js
-│   │   ├── save-hook.js
-│   │   ├── summary-hook.js
-│   │   ├── cleanup-hook.js
-│   │   └── worker-service.cjs  # Background worker + HTTP API
-│   │
-│   ├── skills/                 # Agent skills (v5.4.0+)
-│   │   ├── mem-search/         # Search skill with progressive disclosure (v5.5.0)
-│   │   │   ├── SKILL.md        # Skill frontmatter (~250 tokens)
-│   │   │   ├── operations/     # 12 detailed operation docs
-│   │   │   └── principles/     # 2 principle guides
-│   │   ├── troubleshoot/       # Troubleshooting skill
-│   │   │   ├── SKILL.md
-│   │   │   └── operations/     # 6 operation docs
-│   │   └── version-bump/       # Version management skill (deprecated)
-│   │
-│   └── ui/                     # Built viewer UI
-│       └── viewer.html         # Self-contained bundle
+│   │   ├── version-check.js    # Setup-phase marker check (sub-100ms)
+│   │   ├── bun-runner.js       # Resolves Bun and runs worker-service.cjs
+│   │   ├── worker-service.cjs  # Worker daemon + lifecycle hook dispatcher
+│   │   ├── worker-cli.js       # CLI shim
+│   │   ├── worker-wrapper.cjs  # Process wrapper
+│   │   ├── mcp-server.cjs      # MCP search server
+│   │   ├── statusline-counts.js
+│   │   └── context-generator.cjs
+│   ├── skills/                 # Agent skills (mem-search, make-plan, do, etc.)
+│   └── ui/viewer.html          # Self-contained React bundle
 │
-├── tests/                      # Test suite
-├── docs/                       # Documentation
-└── ecosystem.config.cjs        # Process configuration (deprecated)
+├── tests/                      # Test suite (`bun test`)
+├── docs/                       # Mintlify documentation
+└── openclaw/                   # OpenClaw integration plugin
 ```

 ## Component Details

-### 1. Plugin Hooks (6 Hooks)
- **context-hook.js** - SessionStart: Starts Bun worker, injects context
- **user-message-hook.js** - UserMessage: Debugging hook
- **new-hook.js** - UserPromptSubmit: Creates session, saves prompt
- **save-hook.js** - PostToolUse: Captures tool executions
- **summary-hook.js** - Stop: Generates session summary
- **cleanup-hook.js** - SessionEnd: Marks session complete
+### 1. Plugin Hooks

-**Note**: smart-install.js is a pre-hook dependency checker (not a lifecycle hook). It's called before context-hook via command chaining in hooks.json and only runs when dependencies need updating.
+The plugin registers a Setup-phase `version-check.js` plus five lifecycle hooks. Each lifecycle event invokes `bun-runner.js` to spawn `worker-service.cjs` with a `hook claude-code <event>` argument; the worker process is the single dispatcher for all hook logic. Events:
+
+- **Setup** → `version-check.js` (sub-100ms marker check; never installs anything)
+- **SessionStart** → start worker, then `hook claude-code context` (context injection)
+- **UserPromptSubmit** → `hook claude-code session-init`
+- **PreToolUse** (matcher `Read`) → `hook claude-code file-context`
+- **PostToolUse** (matcher `*`) → `hook claude-code observation`
+- **Stop** → `hook claude-code summarize` (summary generation)
+
+The actual runtime install (Bun, uv, `bun install`) is performed by `npx claude-mem install` / `npx claude-mem repair` with a visible installer spinner; the Setup hook itself only reads the `.install-version` marker.

 See [Plugin Hooks](/architecture/hooks) for detailed hook documentation.

 ### 2. Worker Service
-Express.js HTTP server on port 37777 (configurable) with:
- 10 search HTTP API endpoints (v5.4.0+)
- 8 viewer UI HTTP/SSE endpoints
- Async observation processing via Claude Agent SDK
+Express.js HTTP server on a per-user port (default `37700 + (uid % 100)`, override via `CLAUDE_MEM_WORKER_PORT`) with:
+- Search HTTP API endpoints
+- Viewer UI HTTP/SSE endpoints
+- Async observation processing via the Claude Agent SDK (or Gemini / OpenRouter)
 - Real-time updates via Server-Sent Events
 - Auto-managed by Bun

@@ -230,7 +190,7 @@ Skill-based search with progressive disclosure providing 10 search operations:
 See [Search Architecture](/architecture/search-architecture) for technical details and examples.

 ### 5. Viewer UI
-React + TypeScript web interface at http://localhost:37777 featuring:
+React + TypeScript web interface served by the worker on its configured port (default `http://127.0.0.1:<worker-port>`) featuring:
 - Real-time memory stream via Server-Sent Events
 - Infinite scroll pagination with automatic deduplication
 - Project filtering and settings persistence
@@ -12,10 +12,10 @@ The worker service is a long-running HTTP API built with Express.js and managed
 - **Technology**: Express.js HTTP server
 - **Runtime**: Bun (auto-installed if missing)
 - **Process Manager**: Native Bun process management via ProcessManager
- **Port**: Fixed port 37777 (configurable via `CLAUDE_MEM_WORKER_PORT`)
+- **Port**: Per-user default `37700 + (uid % 100)` (override with `CLAUDE_MEM_WORKER_PORT`). The active port is stored in `~/.claude-mem/settings.json` and reported by `GET /api/health`.
 - **Location**: `src/services/worker-service.ts`
 - **Built Output**: `plugin/scripts/worker-service.cjs`
- **Model**: Configurable via `CLAUDE_MEM_MODEL` environment variable (default: sonnet)
+- **Model**: Configurable via `CLAUDE_MEM_MODEL` (default: `claude-haiku-4-5-20251001`)

 ## REST API Endpoints

@@ -51,10 +51,12 @@ GET /health
 {
  "status": "ok",
  "uptime": 12345,
-  "port": 37777
+  "port": 37742
 }
 ```

+The `port` value is the actual worker port for the current user — per-user default `37700 + (uid % 100)`, or whatever `CLAUDE_MEM_WORKER_PORT` is set to. The example above is illustrative; your value will differ.
+
 #### 3. Server-Sent Events Stream
 ```
 GET /stream
@@ -612,7 +614,7 @@ The worker service auto-starts when the SessionStart hook fires. Manual start is

 ### Bun Requirement

-Bun is required to run the worker service. If Bun is not installed, the smart-install script will automatically install it on first run:
+Bun is required to run the worker service. If Bun is not installed, `npx claude-mem install` (and `npx claude-mem repair`) installs it globally during setup, with a visible clack spinner:

 - **Windows**: `powershell -c "irm bun.sh/install.ps1 | iex"`
 - **macOS/Linux**: `curl -fsSL https://bun.sh/install | bash`
@@ -640,26 +642,26 @@ The worker service routes observations to the Claude Agent SDK for AI-powered pr

 ### Model Configuration

-Set the AI model used for processing via environment variable:
+Set the Claude model used for compression via environment variable or `~/.claude-mem/settings.json`:

 ```bash
-export CLAUDE_MEM_MODEL=sonnet
+export CLAUDE_MEM_MODEL=claude-haiku-4-5-20251001
 ```

-Available shorthand models (forward to latest version):
- `haiku` - Fast, cost-efficient
- `sonnet` - Balanced (default)
- `opus` - Most capable
+Allowed values:
+- `claude-haiku-4-5-20251001` - default, fast and cheap (best for compression)
+- `claude-sonnet-4-6` - balanced quality and cost
+- `claude-opus-4-7` - highest quality, most expensive

 ## Port Allocation

-The worker uses a fixed port (37777 by default) for consistent communication:
+The worker uses a per-user default port so different OS users on the same machine never collide:

- **Default**: Port 37777
- **Override**: Set `CLAUDE_MEM_WORKER_PORT` environment variable
- **Port File**: `${CLAUDE_PLUGIN_ROOT}/data/worker.port` tracks current port
+- **Default**: `37700 + (uid % 100)` (set in `src/shared/SettingsDefaultsManager.ts`)
+- **Override**: Set `CLAUDE_MEM_WORKER_PORT` (env or `~/.claude-mem/settings.json`)
+- **Discovery**: `GET /api/health` returns the active port; `~/.claude-mem/settings.json` stores the configured value

-If port 37777 is in use, the worker will fail to start. Set a custom port via environment variable.
+If the chosen port is occupied, the worker fails to start — pin a different port via `CLAUDE_MEM_WORKER_PORT` and restart.

 ## Data Storage

@@ -13,11 +13,11 @@ Claude-Mem offers a beta channel for users who want to try experimental features

 ## Version Channel Switching

-You can switch between stable and beta versions directly from the web viewer UI at http://localhost:37777.
+You can switch between stable and beta versions directly from the web viewer UI (the worker prints its URL on startup; default `http://127.0.0.1:<worker-port>`).

 ### How to Access

-1. Open the Claude-Mem viewer at http://localhost:37777
+1. Open the Claude-Mem viewer (the worker prints its URL on startup)
 2. Click the **Settings** gear icon in the top-right
 3. Find the **Version Channel** section
 4. Click **Try Beta (Endless Mode)** to switch to beta, or **Switch to Stable** to return
@@ -13,12 +13,14 @@ Settings are managed in `~/.claude-mem/settings.json`. The file is auto-created

 | Setting                       | Default                         | Description                           |
 |-------------------------------|---------------------------------|---------------------------------------|
-| `CLAUDE_MEM_MODEL`            | `sonnet`                        | AI model for processing observations (when using Claude) |
+| `CLAUDE_MEM_MODEL`            | `claude-haiku-4-5-20251001`     | Claude model used to compress observations (when using the Claude provider) |
 | `CLAUDE_MEM_PROVIDER`         | `claude`                        | AI provider: `claude`, `gemini`, or `openrouter` |
+| `CLAUDE_MEM_CLAUDE_AUTH_METHOD` | `subscription`                | Claude provider auth mode: `subscription`, `api-key`, or `gateway` |
 | `CLAUDE_MEM_MODE`             | `code`                          | Active mode profile (e.g., `code--es`, `email-investigation`) |
 | `CLAUDE_MEM_CONTEXT_OBSERVATIONS` | `50`                        | Number of observations to inject      |
-| `CLAUDE_MEM_WORKER_PORT`      | `37777`                         | Worker service port                   |
+| `CLAUDE_MEM_WORKER_PORT`      | `37700 + (uid % 100)`           | Worker service port (per-user default; override for fixed port) |
 | `CLAUDE_MEM_WORKER_HOST`      | `127.0.0.1`                     | Worker service host address           |
+| `CLAUDE_MEM_DATA_DIR`         | `~/.claude-mem`                 | Data root — every other path (database, chroma, logs, settings.json, worker.pid) derives from this |
 | `CLAUDE_MEM_SKIP_TOOLS`       | `ListMcpResourcesTool,SlashCommand,Skill,TodoWrite,AskUserQuestion` | Comma-separated tools to exclude from observations |

 ### Gemini Provider Settings
@@ -43,6 +45,18 @@ See [Gemini Provider](usage/gemini-provider) for detailed configuration and free

 See [OpenRouter Provider](usage/openrouter-provider) for detailed configuration, free model list, and usage guide.

+### Claude Gateway Settings
+
+Gateway credentials live in `~/.claude-mem/.env`, not `settings.json`.
+
+| Env var | Default | Description |
+|---------|---------|-------------|
+| `ANTHROPIC_BASE_URL` | none | LiteLLM or Anthropic-compatible gateway URL for the Claude Agent SDK path |
+| `ANTHROPIC_AUTH_TOKEN` | none | Optional LiteLLM master key or virtual key |
+| `ANTHROPIC_API_KEY` | none | Direct Anthropic API key; normally omit this in LiteLLM gateway mode |
+
+Use [LiteLLM Gateway](configuration/litellm-gateway) when you want `CLAUDE_MEM_PROVIDER=claude` to route through LiteLLM while preserving the Claude Agent SDK worker path.
+
 ### System Configuration

 | Setting                       | Default                         | Description                           |
@@ -54,23 +68,19 @@ See [OpenRouter Provider](usage/openrouter-provider) for detailed configuration,

 ## Model Configuration

-Configure which AI model processes your observations.
+Configure which Claude model compresses your observations (only applies when `CLAUDE_MEM_PROVIDER=claude`).

 ### Available Models

-Shorthand model names automatically forward to the latest version:
+| Value | Notes |
+|-------|-------|
+| `claude-haiku-4-5-20251001` | Default — fast and cheap, ideal for compression |
+| `claude-sonnet-4-6` | Balanced quality and cost |
+| `claude-opus-4-7` | Highest quality, most expensive |

- `haiku` - Fast, cost-efficient
- `sonnet` - Balanced (default)
- `opus` - Most capable
+### Picking via the Installer

-### Using the Interactive Script
-
-```bash
-./claude-mem-settings.sh
-```
-
-This script manages settings in `~/.claude-mem/settings.json`.
+`npx claude-mem install` prompts for the Claude model (when the Claude provider is selected) and persists the choice to `~/.claude-mem/settings.json`.

 ### Manual Configuration

@@ -78,7 +88,7 @@ Edit `~/.claude-mem/settings.json`:

 ```json
 {
-  "CLAUDE_MEM_MODEL": "sonnet"
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
 }
 ```

@@ -119,8 +129,8 @@ The data directory location depends on the environment:
 ```
 ~/.claude-mem/
 ├── claude-mem.db           # SQLite database
-├── .install-version        # Cached version for smart installer
-├── worker.port             # Current worker port file
+├── .install-version        # Version marker written by `npx claude-mem install`/`repair`
+├── settings.json           # Worker port + provider/model settings
 └── logs/
    ├── worker-out.log      # Worker stdout logs
    └── worker-error.log    # Worker stderr logs
@@ -136,7 +146,7 @@ ${CLAUDE_PLUGIN_ROOT}/
 ├── hooks/
 │   └── hooks.json          # Hook configuration
 ├── scripts/                # Built executables
-│   ├── smart-install.js    # Smart installer script
+│   ├── version-check.js    # Sub-100ms Setup-hook version marker check
 │   ├── context-hook.js     # Context injection hook
 │   ├── new-hook.js         # Session creation hook
 │   ├── save-hook.js        # Observation capture hook
@@ -151,44 +161,16 @@ ${CLAUDE_PLUGIN_ROOT}/

 ### Hooks Configuration

-Hooks are configured in `plugin/hooks/hooks.json`:
+Hooks are registered in `plugin/hooks/hooks.json`. The current shape uses a single dispatcher (`worker-service.cjs hook claude-code <event>`) launched through `bun-runner.js`, plus a fast Setup-phase `version-check.js`. The events wired up are:

-```json
-{
-  "description": "Claude-mem memory system hooks",
-  "hooks": {
-    "SessionStart": [{
-      "hooks": [{
-        "type": "command",
-        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/smart-install.js && node ${CLAUDE_PLUGIN_ROOT}/scripts/context-hook.js",
-        "timeout": 120
-      }]
-    }],
-    "UserPromptSubmit": [{
-      "hooks": [{
-        "type": "command",
-        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/new-hook.js",
-        "timeout": 120
-      }]
-    }],
-    "PostToolUse": [{
-      "matcher": "*",
-      "hooks": [{
-        "type": "command",
-        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/save-hook.js",
-        "timeout": 120
-      }]
-    }],
-    "Stop": [{
-      "hooks": [{
-        "type": "command",
-        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/summary-hook.js",
-        "timeout": 120
-      }]
-    }]
-  }
-}
-```
+- `Setup` → `version-check.js` (sub-100ms `.install-version` check)
+- `SessionStart` → start the worker, then `hook claude-code context` (context injection)
+- `UserPromptSubmit` → `hook claude-code session-init`
+- `PreToolUse` (matcher `Read`) → `hook claude-code file-context`
+- `PostToolUse` (matcher `*`) → `hook claude-code observation`
+- `Stop` → `hook claude-code summarize`
+
+The exact `hooks.json` entries are written by the installer; do not hand-edit them in the marketplace copy unless you know what you're doing.

 ### Search Configuration

@@ -198,7 +180,7 @@ Claude-Mem provides MCP search tools for querying your project history.

 Search operations are provided via:
 - **MCP Server**: 3 tools (search, timeline, get_observations) with progressive disclosure
- **HTTP API**: 10 endpoints on worker service port 37777
+- **HTTP API**: 10 endpoints on the worker service port (per-user, default `37700 + (uid % 100)`; see `~/.claude-mem/settings.json`)
 - **Auto-Invocation**: Claude recognizes natural language queries about past work

 ## Version Channel
@@ -207,7 +189,7 @@ Claude-Mem supports switching between stable and beta versions via the web viewe

 ### Accessing Version Channel

-1. Open the viewer at http://localhost:37777
+1. Open the viewer at the worker URL (default `http://127.0.0.1:<worker-port>`; the active port is the value of `CLAUDE_MEM_WORKER_PORT` in `~/.claude-mem/settings.json`)
 2. Click the Settings gear icon
 3. Find the **Version Channel** section

@@ -243,7 +225,7 @@ Claude-Mem injects past observations into each new session, giving Claude awaren

 ### Context Settings Modal

-Access the settings modal from the web viewer at http://localhost:37777:
+Access the settings modal from the web viewer (the worker prints its URL on startup; default is `http://127.0.0.1:<worker-port>`):

 1. Click the **gear icon** in the header
 2. Adjust settings in the right panel
@@ -315,7 +297,7 @@ Token economics help you understand the value of cached observations vs. re-read
 | Setting | Default | Description |
 |---------|---------|-------------|
 | **Model** | sonnet | AI model for generating observations |
-| **Worker Port** | 37777 | Port for background worker service |
+| **Worker Port** | `37700 + (uid % 100)` | Port for background worker service (override with `CLAUDE_MEM_WORKER_PORT`) |
 | **MCP search server** | true | Enable Model Context Protocol search tools |
 | **Include last summary** | false | Add previous session's summary to context |
 | **Include last message** | false | Add previous session's final message |
@@ -340,7 +322,7 @@ Settings are stored in `~/.claude-mem/settings.json`:
 }
 ```

-**Note**: The Context Settings Modal (at http://localhost:37777) is the recommended way to configure these settings, as it provides live preview of changes.
+**Note**: The Context Settings Modal (in the web viewer) is the recommended way to configure these settings, as it provides live preview of changes.

 ## Customization

@@ -411,22 +393,16 @@ Changes take effect on the next tool execution (no worker restart needed).

 ### Hook Timeouts

-Modify timeouts in `plugin/hooks/hooks.json`:
+Hook timeouts are written into `plugin/hooks/hooks.json` by the installer. The current defaults match the shape of the workload at each lifecycle stage:

-```json
-{
-  "timeout": 120  // Default: 120 seconds
-}
-```
-
-Recommended values:
- SessionStart: 120s (needs time for smart install check and context retrieval)
+- Setup (`version-check.js`): 300s ceiling but normally < 100ms — only reads `.install-version`
+- SessionStart (worker-start + context): 60s
 - UserPromptSubmit: 60s
- PostToolUse: 120s (can process many observations)
- Stop: 60s
- SessionEnd: 60s
+- PreToolUse (file-context, Read matcher): 60s
+- PostToolUse (observation): 120s
+- Stop (summary): 120s

-**Note**: With smart install caching (v5.0.3+), SessionStart is typically very fast (10ms) unless dependencies need installation.
+The Setup hook never installs anything — runtime install (Bun, uv, `bun install`) happens in `npx claude-mem install` / `npx claude-mem repair` outside the session lifecycle.

 ### Worker Memory Limit

@@ -472,16 +448,15 @@ npm run worker:logs

 ### Invalid Model Name

-If you specify an invalid model name, the worker will fall back to `sonnet` and log a warning.
+If you specify an invalid Claude model name, the worker logs a warning and uses the default. Valid Claude models for `CLAUDE_MEM_MODEL`:

-Valid shorthand models (forward to latest version):
- haiku
- sonnet
- opus
+- `claude-haiku-4-5-20251001` (default)
+- `claude-sonnet-4-6`
+- `claude-opus-4-7`

 ### Port Already in Use

-If port 37777 is already in use:
+The default worker port is `37700 + (uid % 100)`, so different OS users on the same machine get different ports automatically. If you still hit a collision (e.g. running multiple profiles as the same UID), set a fixed port:

 1. Set custom port:
   ```bash
@@ -495,7 +470,7 @@ If port 37777 is already in use:

 3. Verify new port:
   ```bash
-   cat ~/.claude-mem/worker.port
+   curl -s http://127.0.0.1:$CLAUDE_MEM_WORKER_PORT/api/health | jq .port
   ```

 ## Next Steps
@@ -0,0 +1,113 @@
+---
+title: "Custom Anthropic-Compatible Backends"
+description: "Point claude-mem at bridged or self-hosted Anthropic-compatible API endpoints with ANTHROPIC_BASE_URL"
+---
+
+# Custom Anthropic-Compatible Backends
+
+When you use the `claude` provider, claude-mem talks to the Anthropic API through the Claude Agent SDK. By default, the SDK targets the official Anthropic endpoint, but it honors the standard `ANTHROPIC_BASE_URL` environment variable. That means you can route claude-mem at any Anthropic-protocol-compatible backend — for example a corporate gateway, a regional bridge, or a third-party provider that exposes an Anthropic-shaped API — without changing any claude-mem source code.
+
+<Note>
+This page documents how to **persist a custom base URL** so claude-mem's worker uses it consistently. For OpenAI-compatible upstream providers, use a gateway such as LiteLLM and follow the [LiteLLM Gateway](litellm-gateway) guide.
+</Note>
+
+## When to Use This
+
+Use `ANTHROPIC_BASE_URL` if you need claude-mem's observation worker to talk to:
+
+- A **corporate Anthropic gateway** (proxy in front of `api.anthropic.com`)
+- A **regional Anthropic deployment** (e.g. AWS Bedrock or GCP Vertex via an Anthropic-compatible shim)
+- A **third-party provider** that bridges its API to the Anthropic protocol
+
+If your provider only speaks the OpenAI chat-completions protocol, put a gateway such as LiteLLM in front of it and point claude-mem's Claude Agent SDK path at that gateway. See [LiteLLM Gateway](litellm-gateway) for the full routing model.
+
+## How the Plumbing Works
+
+The flow is intentionally simple:
+
+1. **You write the credential** to `~/.claude-mem/.env`.
+2. **`EnvManager.loadClaudeMemEnv()`** reads that file (`src/shared/EnvManager.ts:67`).
+3. **`buildIsolatedEnv()`** copies `ANTHROPIC_BASE_URL` into the worker's spawn environment alongside explicit gateway or API credentials (`src/shared/EnvManager.ts:164`).
+4. **`ClaudeProvider.startSession()`** spawns the Claude Agent SDK with that isolated env (`src/services/worker/ClaudeProvider.ts:115`). The SDK reads `ANTHROPIC_BASE_URL` natively — claude-mem does not parse or rewrite it.
+
+Because the variable is isolated to the worker process, your interactive Claude Code sessions are unaffected; only the background memory agent uses the override.
+
+## Configuration
+
+### Step 1: Edit `~/.claude-mem/.env`
+
+The credentials file is a plain `KEY=VALUE` env file at `~/.claude-mem/.env` (mode `0600`). Add or update the `ANTHROPIC_BASE_URL` line:
+
+```bash
+# ~/.claude-mem/.env
+ANTHROPIC_API_KEY=sk-ant-...
+ANTHROPIC_BASE_URL=https://your-gateway.example.com/v1
+```
+
+If the file does not yet exist, create it. The directory permissions are enforced to `0700` and the file to `0600` automatically on the next worker write.
+
+### Step 2: Pick a Compatible Model
+
+`CLAUDE_MEM_MODEL` (in `~/.claude-mem/settings.json`) is passed straight through to the SDK. The model name **must be one your bridge accepts** — claude-mem does not translate names.
+
+```json
+{
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
+}
+```
+
+If your bridge expects a non-Anthropic model name (for example, a Bedrock inference profile), set that string here instead.
+
+### Step 3: Restart the Worker
+
+Credentials are loaded when the worker spawns the SDK, so a restart is required after you edit `.env`:
+
+```bash
+npm run worker:restart
+```
+
+## Worked Example: Corporate Gateway
+
+Suppose your team runs `https://anthropic-proxy.internal.example.com` in front of `api.anthropic.com` for audit and rate-limit purposes. The proxy accepts the same protocol and the same model names.
+
+`~/.claude-mem/.env`:
+
+```bash
+ANTHROPIC_API_KEY=sk-corp-...
+ANTHROPIC_BASE_URL=https://anthropic-proxy.internal.example.com
+```
+
+`~/.claude-mem/settings.json`:
+
+```json
+{
+  "CLAUDE_MEM_PROVIDER": "claude",
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
+}
+```
+
+Restart, and the next observation will be routed through your gateway.
+
+## Verifying
+
+After restarting, watch the worker logs for the next observation flush:
+
+```bash
+npm run worker:logs
+```
+
+A successful request through your gateway shows the standard `SDK Starting SDK query` line followed by `Response received`. If the gateway rejects the request, the SDK error surfaces verbatim in `worker-error.log` — there is no silent fallback to the public Anthropic endpoint.
+
+## Limitations and Gotchas
+
+- **No model-name translation.** If your bridge expects `glm-4.7` and `CLAUDE_MEM_MODEL` is `claude-haiku-4-5-20251001`, the request will fail. Pin `CLAUDE_MEM_MODEL` to a name your bridge recognizes.
+- **Gateway auth usually uses `ANTHROPIC_AUTH_TOKEN`.** For LiteLLM gateway mode, store the gateway key or virtual key as `ANTHROPIC_AUTH_TOKEN`. Use `ANTHROPIC_API_KEY` for direct Anthropic API-key mode or gateways that explicitly expect it.
+- **`ANTHROPIC_BASE_URL` from your shell is not inherited.** `ANTHROPIC_API_KEY` is in the BLOCKED_ENV_VARS list (`src/shared/EnvManager.ts:10`) to prevent accidental billing on a shell-leaked key — `ANTHROPIC_BASE_URL` is not blocked, but it must still be set in `~/.claude-mem/.env` for the worker to pick it up reliably across restarts. Do not rely on shell exports.
+- **No auto-detection.** If you have already configured `ANTHROPIC_BASE_URL`, `ANTHROPIC_DEFAULT_HAIKU_MODEL`, etc. for Claude Code itself, claude-mem will **not** read those today. Mirror the relevant values into `~/.claude-mem/.env` and `~/.claude-mem/settings.json`.
+
+## Related
+
+- [Configuration](../configuration) — All claude-mem settings
+- [LiteLLM Gateway](litellm-gateway): Route the Claude Agent SDK path through LiteLLM
+- [OpenRouter Provider](../usage/openrouter-provider) — OpenAI-compatible bridge for non-Anthropic protocols
+- [Gemini Provider](../usage/gemini-provider) — Native Gemini API alternative
@@ -0,0 +1,307 @@
+---
+title: "LiteLLM Gateway"
+description: "Route claude-mem's Claude Agent SDK worker through LiteLLM while keeping one agentic execution path"
+---
+
+# LiteLLM Gateway
+
+claude-mem can route its background memory agent through a LiteLLM proxy. This lets teams keep claude-mem's Claude Agent SDK workflow while using LiteLLM for model routing, centralized credentials, usage tracking, budgets, audit logs, and provider failover.
+
+The important detail: claude-mem does **not** call LiteLLM with the OpenAI client directly. claude-mem still uses the Claude Agent SDK, and the SDK sends Anthropic-format requests to LiteLLM. LiteLLM then translates those requests to the upstream model provider you configured.
+
+```text
+Claude Code session
+  -> claude-mem hooks
+  -> claude-mem worker
+  -> Claude Agent SDK subprocess
+  -> ANTHROPIC_BASE_URL=http://localhost:4000
+  -> LiteLLM proxy
+  -> OpenAI / Azure / Vertex / Bedrock / OpenRouter / local model
+```
+
+This keeps the memory agent on one implementation path. The Claude provider, knowledge agents, session resume behavior, XML observation prompts, and queue retry logic all continue to use the same SDK code path whether the upstream model is Anthropic or routed through LiteLLM.
+
+## When to Use This
+
+Use LiteLLM gateway mode when you want:
+
+- A single organization-level LLM gateway for claude-mem traffic
+- Provider routing without changing claude-mem source code
+- Centralized API keys instead of storing provider keys in each developer's claude-mem settings
+- LiteLLM budgets, rate limits, logging, fallback routing, or virtual keys
+- A non-Anthropic upstream model while preserving the Claude Agent SDK execution path used by claude-mem
+
+Use the native [OpenRouter Provider](../usage/openrouter-provider) or [Gemini Provider](../usage/gemini-provider) instead if you want claude-mem's REST providers directly and do not need the Claude Agent SDK path.
+
+## Architecture
+
+### One Agent Path
+
+The LiteLLM integration is intentionally small. There is no custom LiteLLM provider, no Python handler, and no OpenAI-compatible server embedded in claude-mem.
+
+At runtime:
+
+1. The installer or user writes gateway settings to `~/.claude-mem/.env`.
+2. `~/.claude-mem/settings.json` keeps `CLAUDE_MEM_PROVIDER` set to `claude`.
+3. The worker starts the Claude Agent SDK with an isolated environment.
+4. The SDK reads `ANTHROPIC_BASE_URL` and `ANTHROPIC_AUTH_TOKEN`.
+5. LiteLLM receives the SDK's Anthropic-format request.
+6. LiteLLM maps the request to the upstream provider and model configured in LiteLLM.
+7. The SDK response is parsed by the normal claude-mem observation pipeline.
+
+The code paths involved are:
+
+| Layer | Responsibility |
+| --- | --- |
+| `src/npx-cli/commands/install.ts` | Prompts for "LiteLLM or custom gateway", stores the gateway URL/token, and allows custom gateway model names |
+| `src/shared/EnvManager.ts` | Stores credentials in `~/.claude-mem/.env`, blocks shell-leaked auth vars, and injects only explicit claude-mem credentials |
+| `src/services/worker/ClaudeProvider.ts` | Starts the Claude Agent SDK for observation extraction with the isolated environment |
+| `src/services/worker/knowledge/KnowledgeAgent.ts` | Uses the same isolated SDK path for knowledge corpus Q&A |
+
+### Why `CLAUDE_MEM_PROVIDER` Stays `claude`
+
+LiteLLM is a gateway for the Claude Agent SDK path, not a fourth claude-mem provider.
+
+```json
+{
+  "CLAUDE_MEM_PROVIDER": "claude",
+  "CLAUDE_MEM_CLAUDE_AUTH_METHOD": "gateway",
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
+}
+```
+
+Keeping the provider as `claude` matters because the worker should continue to use `ClaudeProvider`, not the native Gemini or OpenRouter REST providers. The gateway URL changes where the SDK sends model traffic; it does not change how claude-mem manages memory sessions.
+
+## Configure LiteLLM
+
+LiteLLM must expose an Anthropic-compatible endpoint for Claude Code / Claude Agent SDK traffic. Anthropic's gateway guidance recommends the unified LiteLLM endpoint as the normal setup:
+
+```bash
+export ANTHROPIC_BASE_URL=http://localhost:4000
+```
+
+For claude-mem, that value goes in `~/.claude-mem/.env`, not your shell, so the background worker uses it consistently across restarts.
+
+### Minimal LiteLLM Example
+
+Create a LiteLLM config that defines the model name claude-mem will request:
+
+```yaml
+# litellm-config.yaml
+model_list:
+  - model_name: claude-haiku-4-5-20251001
+    litellm_params:
+      model: openai/gpt-4o-mini
+      api_key: os.environ/OPENAI_API_KEY
+
+litellm_settings:
+  master_key: sk-litellm-local
+```
+
+Start LiteLLM:
+
+```bash
+OPENAI_API_KEY=sk-your-openai-key \
+litellm --config litellm-config.yaml --host 127.0.0.1 --port 4000
+```
+
+In this example, claude-mem asks the SDK for `claude-haiku-4-5-20251001`, LiteLLM accepts that model alias, and LiteLLM forwards the request to `openai/gpt-4o-mini`.
+
+<Note>
+The alias in `model_name` must match `CLAUDE_MEM_MODEL`, or `CLAUDE_MEM_MODEL` must be changed to match your LiteLLM alias. claude-mem does not translate model names.
+</Note>
+
+## Configure claude-mem
+
+### Option 1: Installer
+
+Run the installer:
+
+```bash
+npx claude-mem install
+```
+
+Choose:
+
+1. `Claude Agent SDK`
+2. `API key or gateway`
+3. `LiteLLM or custom gateway`
+4. Your LiteLLM URL, for example `http://127.0.0.1:4000`
+5. Your LiteLLM key/token if the proxy requires one
+6. The model alias LiteLLM should receive
+
+The installer stores provider settings in `~/.claude-mem/settings.json` and gateway credentials in `~/.claude-mem/.env`.
+
+### Option 2: Manual Files
+
+Edit `~/.claude-mem/settings.json`:
+
+```json
+{
+  "CLAUDE_MEM_PROVIDER": "claude",
+  "CLAUDE_MEM_CLAUDE_AUTH_METHOD": "gateway",
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
+}
+```
+
+Edit `~/.claude-mem/.env`:
+
+```bash
+# ~/.claude-mem/.env
+ANTHROPIC_BASE_URL=http://127.0.0.1:4000
+ANTHROPIC_AUTH_TOKEN=sk-litellm-local
+```
+
+If your LiteLLM proxy does not require authentication, omit `ANTHROPIC_AUTH_TOKEN`.
+
+Restart the worker after manual edits:
+
+```bash
+npm run worker:restart
+```
+
+## Environment Isolation
+
+claude-mem deliberately does not trust whatever Anthropic credentials happen to be exported in your shell or project `.env` file.
+
+The worker blocks inherited `ANTHROPIC_API_KEY`, `ANTHROPIC_AUTH_TOKEN`, and stale `CLAUDE_CODE_OAUTH_TOKEN` values. It then re-injects only the credentials stored in `~/.claude-mem/.env`.
+
+This avoids two common failure modes:
+
+- A project-level `ANTHROPIC_API_KEY` silently bypasses LiteLLM and bills the public Anthropic API.
+- An expired Claude Code OAuth token overrides a configured gateway token and causes confusing auth failures.
+
+If `ANTHROPIC_BASE_URL`, `ANTHROPIC_AUTH_TOKEN`, or `ANTHROPIC_API_KEY` is present in `~/.claude-mem/.env`, the worker treats that as explicit gateway/API configuration and skips Claude OAuth lookup. This prevents a configured gateway from falling back to `api.anthropic.com`.
+
+## Model Names
+
+`CLAUDE_MEM_MODEL` is passed through to the Claude Agent SDK. In gateway mode, claude-mem allows any non-empty model string because the valid model list is owned by LiteLLM.
+
+Recommended pattern:
+
+```yaml
+model_list:
+  - model_name: claude-haiku-4-5-20251001
+    litellm_params:
+      model: openai/gpt-4o-mini
+      api_key: os.environ/OPENAI_API_KEY
+```
+
+Then keep:
+
+```json
+{
+  "CLAUDE_MEM_MODEL": "claude-haiku-4-5-20251001"
+}
+```
+
+Alternatively, use a descriptive custom alias:
+
+```yaml
+model_list:
+  - model_name: memory-compressor
+    litellm_params:
+      model: azure/gpt-4o-mini-memory
+      api_base: os.environ/AZURE_API_BASE
+      api_key: os.environ/AZURE_API_KEY
+      api_version: "2024-10-21"
+```
+
+```json
+{
+  "CLAUDE_MEM_MODEL": "memory-compressor"
+}
+```
+
+## Request Flow
+
+When a Claude Code session produces transcript events, claude-mem's worker queues them for observation extraction. In gateway mode the extraction flow is:
+
+1. The worker loads pending messages for a memory session.
+2. `ClaudeProvider` builds the observation prompt and selected model.
+3. `buildIsolatedEnvWithFreshOAuth()` loads `~/.claude-mem/.env`.
+4. The SDK subprocess starts with `ANTHROPIC_BASE_URL` pointing at LiteLLM.
+5. LiteLLM receives the Anthropic-format request.
+6. LiteLLM routes to the configured upstream model.
+7. The SDK streams the assistant response back to the worker.
+8. claude-mem parses observations, stores them in SQLite, and syncs searchable embeddings.
+
+The knowledge-agent APIs use the same gateway environment, so corpus priming and corpus Q&A route through LiteLLM too.
+
+## What LiteLLM Does and Does Not Replace
+
+LiteLLM replaces:
+
+- Upstream model selection
+- Provider credentials
+- Gateway-level budgets and rate limits
+- Gateway-level logging and auditing
+- Optional routing/fallback policies inside LiteLLM
+
+LiteLLM does not replace:
+
+- claude-mem's worker process
+- The Claude Agent SDK subprocess
+- claude-mem's observation XML format
+- SQLite storage
+- Chroma/vector sync
+- Hook installation
+- Session resume handling inside claude-mem
+
+## Verification
+
+Check claude-mem's worker logs:
+
+```bash
+npm run worker:logs
+```
+
+You should see SDK startup logs that report gateway auth, followed by normal observation processing.
+
+Check LiteLLM's logs for a corresponding request to the configured model alias. If LiteLLM never receives traffic, confirm:
+
+- `CLAUDE_MEM_PROVIDER` is `claude`
+- `CLAUDE_MEM_CLAUDE_AUTH_METHOD` is `gateway`
+- `ANTHROPIC_BASE_URL` is in `~/.claude-mem/.env`
+- The worker was restarted after manual edits
+- The LiteLLM URL does not include an extra `/v1` suffix for the unified Anthropic endpoint
+
+## Troubleshooting
+
+### LiteLLM returns "model not found"
+
+The model name sent by claude-mem does not match a LiteLLM `model_name`. Make `CLAUDE_MEM_MODEL` and the LiteLLM alias match exactly.
+
+### claude-mem still uses Anthropic directly
+
+Check `~/.claude-mem/.env`. Gateway settings must be stored there. Shell exports are not the reliable configuration source for the worker.
+
+Also make sure `ANTHROPIC_BASE_URL` is present. A token alone authenticates a gateway, but the base URL is what redirects traffic away from the default Anthropic endpoint.
+
+### Authentication fails
+
+If LiteLLM uses a master key or virtual key, store it as `ANTHROPIC_AUTH_TOKEN` in `~/.claude-mem/.env`. The Claude Agent SDK sends this value as gateway authorization.
+
+If you previously configured a direct Anthropic API key, remove `ANTHROPIC_API_KEY` from `~/.claude-mem/.env` for gateway mode unless your gateway explicitly expects that variable.
+
+### Requests fail after changing files
+
+Restart the worker:
+
+```bash
+npm run worker:restart
+```
+
+The SDK environment is built when SDK subprocesses are spawned. Restarting guarantees the next memory agent process sees the new gateway values.
+
+### Tool use behaves differently than full Claude Code
+
+claude-mem's memory worker disables file and shell tools for observation extraction. The LiteLLM gateway is only handling the model call used to compress and summarize memory; it is not a replacement for your interactive Claude Code tool loop.
+
+## Related
+
+- [Custom Anthropic-Compatible Backends](custom-anthropic-backends)
+- [Configuration](../configuration)
+- [Worker Service Architecture](../architecture/worker-service)
+- [Anthropic LLM gateway configuration](https://docs.anthropic.com/en/docs/claude-code/llm-gateway)
+- [LiteLLM documentation](https://docs.litellm.ai/)
@@ -39,7 +39,7 @@ The build process uses esbuild to compile TypeScript:

 **Build Output**:
 - Hook executables: `*-hook.js` (ESM format)
- Smart installer: `smart-install.js` (ESM format)
+- Setup version-check: `version-check.js` (ESM format, sub-100ms)
 - Worker service: `worker-service.cjs` (CJS format)
 - MCP server: `mcp-server.cjs` (CJS format)
 - Viewer UI: `viewer.html` (self-contained HTML bundle)
@@ -320,7 +320,7 @@ npm test
 export function buildObservationPrompt(observation: Observation): string {
  return `
    <observation>
-      <!-- Add new XML structure -->
+      
    </observation>
  `;
 }
@@ -80,6 +80,8 @@
        "icon": "gear",
        "pages": [
          "configuration",
+          "configuration/litellm-gateway",
+          "configuration/custom-anthropic-backends",
          "modes",
          "development",
          "troubleshooting",
@@ -125,7 +127,7 @@
        "header": "Legal",
        "items": [
          {
-            "label": "License (AGPL-3.0)",
+            "label": "License (Apache-2.0)",
            "href": "https://github.com/thedotmack/claude-mem/blob/main/LICENSE"
          }
        ]
@@ -54,7 +54,7 @@ Claude Code's hook system provides exactly what we need:

 <CardGroup cols={2}>
  <Card title="Lifecycle Events" icon="clock">
-    SessionStart, UserPromptSubmit, PostToolUse, Stop
+    SessionStart, UserPromptSubmit, PreToolUse (Read), PostToolUse, Stop, SessionEnd
  </Card>

  <Card title="Non-Blocking" icon="forward">
@@ -74,34 +74,31 @@ Claude Code's hook system provides exactly what we need:

 ## The Hook Scripts

-Claude-Mem uses lifecycle hook scripts across 5 lifecycle events. SessionStart runs 3 hooks in sequence: smart-install, worker-service start, and context-hook.
+Claude-Mem uses lifecycle hook scripts across 5 lifecycle events. Runtime setup is handled out-of-band by `npx claude-mem install` (and `npx claude-mem repair`); the Setup hook only runs a sub-100ms `version-check.js` to flag stale installs. SessionStart runs 2 hooks in sequence: worker-service start, then context-hook.

-### Pre-Hook: Smart Install (Before SessionStart)
+### Setup Hook: Version Check

-**Purpose:** Intelligently manage dependencies and start worker service
+**Purpose:** Detect stale installs caused by external plugin upgrades and prompt the user to repair.

-**Note:** This is NOT a lifecycle hook - it's a pre-hook script executed via command chaining before context-hook runs.
+**Note:** Runtime installation (Bun, uv, `bun install` in the plugin cache) is performed by `npx claude-mem install` and `npx claude-mem repair` — the Setup hook itself never installs anything.

-**When:** Claude Code starts (startup, clear, or compact)
+**When:** Claude Code Setup phase, before every session.

 **What it does:**
-1. Checks if dependencies need installation (version marker)
-2. Only runs `npm install` when necessary:
-   - First-time installation
-   - Version changed in package.json
-3. Provides Windows-specific error messages
-4. Starts Bun worker service
+1. Reads the `.install-version` marker written by the npx installer.
+2. Compares it against the currently loaded plugin version.
+3. On mismatch, writes `run: npx claude-mem repair` to stderr.
+4. Always exits 0 (non-blocking, sub-100ms).

 **Configuration:**
 ```json
 {
  "hooks": {
-    "SessionStart": [{
-      "matcher": "startup|clear|compact",
+    "Setup": [{
      "hooks": [{
        "type": "command",
-        "command": "node \"${CLAUDE_PLUGIN_ROOT}/../scripts/smart-install.js\" && node ${CLAUDE_PLUGIN_ROOT}/scripts/context-hook.js",
-        "timeout": 300
+        "command": "node ${CLAUDE_PLUGIN_ROOT}/scripts/version-check.js",
+        "timeout": 60
      }]
    }]
  }
@@ -109,14 +106,11 @@ Claude-Mem uses lifecycle hook scripts across 5 lifecycle events. SessionStart r
 ```

 **Key Features:**
- ✅ Version caching (`.install-version` file)
- ✅ Fast when already installed (~10ms vs 2-5 seconds)
- ✅ Cross-platform compatible
- ✅ Helpful Windows error messages for build tools
+- ✅ Sub-100ms version-marker check (no I/O beyond reading the marker)
+- ✅ Always exit 0 — never blocks a session
+- ✅ Clear repair instructions on stderr when the plugin was upgraded externally (e.g. `claude plugin update`)

-**v5.0.3 Enhancement:** Smart caching eliminates redundant installs
-
-**Source:** `scripts/smart-install.js`
+**Source:** `scripts/version-check.js`. The matching installer logic lives in `npx claude-mem install` / `npx claude-mem repair`, which install Bun + uv globally, run `bun install` in the plugin cache, and write the `.install-version` marker — all behind a visible clack spinner.

 ---

@@ -124,7 +118,7 @@ Claude-Mem uses lifecycle hook scripts across 5 lifecycle events. SessionStart r

 **Purpose:** Inject relevant context from previous sessions

-**When:** Claude Code starts (runs after smart-install pre-hook)
+**When:** Claude Code starts (runs after the worker-start SessionStart entry)

 **What it does:**
 1. Extracts project name from current working directory
@@ -429,7 +423,7 @@ sequenceDiagram

 | Event | Timing | Blocking | Timeout | Output Handling |
 |-------|--------|----------|---------|-----------------|
-| **SessionStart (smart-install)** | Before session | No | 300s | stderr (log only) |
+| **Setup (version-check)** | Before session | No | 60s | stderr hint on stale install (always exit 0) |
 | **SessionStart (worker-start)** | Before session | No | 60s | stderr (log only) |
 | **SessionStart (context)** | Before session | No | 60s | JSON → additionalContext (silent) |
 | **UserPromptSubmit** | Before processing | No | 60s | stdout → context |
@@ -501,7 +495,7 @@ npm run worker:stop

 ### Worker HTTP API

-**Technology:** Express.js REST API on port 37777
+**Technology:** Express.js REST API on the worker's per-user port (default `37700 + (uid % 100)`, override via `CLAUDE_MEM_WORKER_PORT`)

 **Endpoints:**

@@ -692,23 +686,18 @@ claude --debug

 | Hook | Average | p95 | p99 |
 |------|---------|-----|-----|
-| SessionStart (smart-install, cached) | 10ms | 20ms | 40ms |
-| SessionStart (smart-install, first run) | 2500ms | 5000ms | 8000ms |
+| Setup (version-check, marker matches) | 8ms | 20ms | 40ms |
+| Setup (version-check, marker mismatch — stderr hint, still non-blocking) | 10ms | 25ms | 50ms |
 | SessionStart (context) | 45ms | 120ms | 250ms |
 | SessionStart (user-message) | 5ms | 10ms | 15ms |
 | UserPromptSubmit | 12ms | 25ms | 50ms |
 | PostToolUse | 8ms | 15ms | 30ms |
 | SessionEnd | 5ms | 10ms | 20ms |

-**Why smart-install is sometimes slow:**
- First-time: Full npm install (2-5 seconds)
- Cached: Version check only (~10ms)
- Version change: Full npm install + worker restart
-
-**Optimization (v5.0.3):**
- Version caching with `.install-version` marker
- Only install on version change or missing deps
- Windows-specific error messages with build tool help
+**Why the Setup hook stays fast:**
+- The Setup hook only reads the `.install-version` marker — no `npm install`, no spawned subprocesses.
+- All heavy lifting (Bun + uv install, `bun install` inside the plugin cache) happens in `npx claude-mem install` / `npx claude-mem repair`, which run with a visible clack spinner outside the session lifecycle.
+- On marker mismatch the hook prints a one-line `run: npx claude-mem repair` hint to stderr and exits 0; the user opts into the slow path explicitly.

 ### Database Performance

@@ -16,10 +16,12 @@ npx claude-mem install
 ```

 The interactive installer will:
- Detect your installed IDEs (Claude Code, Cursor, Gemini CLI, Windsurf, etc.)
- Copy plugin files to the correct locations
- Register the plugin with Claude Code
- Install all dependencies (including Bun and uv)
+- Run a runtime check (auto-installs Bun and uv if missing)
+- Detect your installed IDEs (Claude Code, Cursor, Gemini CLI, Windsurf, OpenCode, Codex CLI) and let you multi-select which ones to wire up
+- Offer to install Claude Code if it isn't found
+- Prompt for an LLM provider (Claude Code auth, Gemini API key, or OpenRouter API key)
+- Prompt for the Claude model used to compress observations (Haiku / Sonnet / Opus) when the Claude provider is selected
+- Copy plugin files into the marketplace directory and register the plugin
 - Auto-start the worker service

 ### Option 2: Plugin Marketplace
@@ -39,10 +41,11 @@ Both methods will automatically configure hooks and start the worker service. St

 ## System Requirements

- **Node.js**: 18.0.0 or higher
- **Claude Code**: Latest version with plugin support
- **Bun**: JavaScript runtime and process manager (auto-installed if missing)
- **SQLite 3**: For persistent storage (bundled)
+- **Node.js**: 20.0.0 or higher
+- **Bun** ≥ 1.0 (auto-installed by `npx claude-mem install` if missing)
+- **uv** (auto-installed if missing — provides Python for Chroma's embedding service)
+- **Claude Code** or another supported IDE (Cursor, Gemini CLI, Windsurf, OpenCode, Codex CLI, OpenClaw)
+- **SQLite 3**: bundled via `bun:sqlite`

 ## Advanced Installation

@@ -73,7 +76,7 @@ npm run worker:status

 #### 1. Automatic Dependency Installation

-Dependencies are installed automatically during plugin installation. The SessionStart hook also ensures dependencies are up-to-date on each session start (this is fast and idempotent). Works cross-platform on Windows, macOS, and Linux.
+Dependencies are installed automatically by `npx claude-mem install` and `npx claude-mem repair`. Heavy lifting (Bun + uv install, `bun install` inside the plugin cache) happens behind a visible installer spinner. The Setup hook only performs a sub-100ms `version-check.js` read of the `.install-version` marker — on mismatch it prints `run: npx claude-mem repair` to stderr and exits 0, so it never blocks a session. Works cross-platform on Windows, macOS, and Linux.

 #### 2. Verify Plugin Installation

@@ -110,13 +113,7 @@ npm run test:context

 ## Upgrading

-Upgrades are automatic when updating via the plugin marketplace. Key changes in recent versions:
-
-**v7.1.0**: PM2 replaced with native Bun process management. Migration is automatic on first hook trigger.
-
-**v7.0.0+**: 11 configuration settings, dual-tag privacy system.
-
-**v5.4.0+**: Skill-based search replaces MCP tools, saving ~2,250 tokens per session.
+Upgrades are automatic when updating via the plugin marketplace. After an external upgrade (for example `claude plugin update`), the Setup hook detects a version-marker mismatch and asks you to run `npx claude-mem repair`, which installs any missing runtime dependencies and refreshes the marker.

 See [CHANGELOG](https://github.com/thedotmack/claude-mem/blob/main/CHANGELOG.md) for complete version history.

@@ -34,7 +34,7 @@ Restart Claude Code. Context from previous sessions will automatically appear in
 - 🎭 **Mode System** - Switch between workflows (Code, Email Investigation, Chill)
 - 🔍 **MCP Search Tools** - Query your project history with natural language
 - 🧠 **Knowledge Agents** - Build queryable "brains" from your observation history
- 🌐 **Web Viewer UI** - Real-time memory stream visualization at http://localhost:37777
+- 🌐 **Web Viewer UI** - Real-time memory stream visualization served by the local worker
 - 🔒 **Privacy Control** - Use `<private>` tags to exclude sensitive content from storage
 - ⚙️ **Context Configuration** - Fine-grained control over what context gets injected
 - 🤖 **Automatic Operation** - No manual intervention required
@@ -66,40 +66,22 @@ Restart Claude Code. Context from previous sessions will automatically appear in
 ```

 **Core Components:**
-1. **4 Lifecycle Hooks** - SessionStart, UserPromptSubmit, PostToolUse, Stop
-2. **Smart Install** - Cached dependency checker (pre-hook script)
-3. **Worker Service** - HTTP API on port 37777 managed by Bun
-4. **SQLite Database** - Stores sessions, observations, summaries with FTS5 search
-5. **MCP Search Tools** - Query historical context with natural language
+1. **5 Lifecycle Hooks** - SessionStart, UserPromptSubmit, PostToolUse, Summary (Stop), SessionEnd
+2. **Worker Service** - Express HTTP API managed by Bun on a per-user port (default `37700 + (uid % 100)`)
+3. **SQLite Database** - Stores sessions, observations, summaries with FTS5 search
+4. **Chroma Vector Index** - Optional embedding-based semantic search
+5. **MCP / Skill Search Tools** - Query historical context with natural language
 6. **Web Viewer UI** - Real-time visualization with SSE and infinite scroll

 See [Architecture Overview](architecture/overview) for details.

 ## System Requirements

- **Node.js**: 18.0.0 or higher
- **Claude Code**: Latest version with plugin support
- **Bun**: JavaScript runtime and process manager (auto-installed if missing)
- **SQLite 3**: For persistent storage (bundled)
-
-## What's New
-
-**v9.0.0 - Live Context:**
- **Folder Context Files**: Auto-generated `CLAUDE.md` in project folders with activity timelines
- **Worktree Support**: Unified context from parent repos and git worktrees
- **Configurable Observation Limits**: Control how many observations appear in context
- **Windows Fixes**: Resolved IPC detection and hook execution issues
- **Settings Auto-Creation**: `settings.json` now auto-creates on first run
- **MCP Tools Naming**: Updated from "mem-search skill" to "MCP tools" terminology
-
-**v7.1.0 - Bun Migration:**
- Replaced PM2 with native Bun process management
- Switched from better-sqlite3 to bun:sqlite for faster database access
- Simplified cross-platform support
-
-**v7.0.0 - Context Configuration:**
- 11 settings for fine-grained control over context injection
- Dual-tag privacy system (`<private>` tags)
+- **Node.js**: 20.0.0 or higher
+- **Bun** ≥ 1.0 (auto-installed by `npx claude-mem install` if missing)
+- **uv** (auto-installed if missing — provides Python for Chroma)
+- **Claude Code** (or another supported IDE: Cursor, Gemini CLI, Windsurf, OpenCode, Codex CLI, OpenClaw)
+- **SQLite 3** — bundled via `bun:sqlite`

 ## Next Steps

@@ -5,8 +5,7 @@ icon: plug
 ---

 <Note>
-**Version:** 7.0.0 (December 2025)
-**Target Audience:** Developers building claude-mem integrations (VSCode extensions, IDE plugins, CLI tools)
+**Target Audience:** Developers building claude-mem integrations (VSCode extensions, IDE plugins, CLI tools).
 </Note>

 ## Quick Reference
@@ -14,8 +13,11 @@ icon: plug
 ### Worker Service Basics

 ```typescript
-const WORKER_BASE_URL = 'http://localhost:37777';
-const DEFAULT_PORT = 37777; // Override with CLAUDE_MEM_WORKER_PORT
+// Resolve the worker port at runtime. The default is per-user (37700 + uid % 100),
+// or whatever the user set via CLAUDE_MEM_WORKER_PORT / settings.json. Read it from
+// process.env.CLAUDE_MEM_WORKER_PORT, then ~/.claude-mem/settings.json
+// (CLAUDE_MEM_WORKER_PORT key), then fall back to the deterministic default.
+const WORKER_BASE_URL = `http://127.0.0.1:${workerPort}`;
 ```

 ### Most Common Operations
@@ -46,9 +48,10 @@ GET /api/context/recent?project=my-project&limit=3
 ### Environment Variables

 ```bash
-CLAUDE_MEM_MODEL=claude-sonnet-4-6          # Model for observations/summaries
+CLAUDE_MEM_MODEL=claude-haiku-4-5-20251001  # Default Claude model for observations/summaries
 CLAUDE_MEM_CONTEXT_OBSERVATIONS=50          # Observations injected at SessionStart
-CLAUDE_MEM_WORKER_PORT=37777                # Worker service port
+CLAUDE_MEM_WORKER_PORT=                     # Optional override; default = 37700 + (uid % 100)
+CLAUDE_MEM_DATA_DIR=                        # Optional override for the data directory
 CLAUDE_MEM_PYTHON_VERSION=3.13              # Python version for chroma-mcp
 ```

@@ -68,7 +71,7 @@ npm run worker:status         # Check worker status

 ```plaintext
 Platform Hook/Extension
-  → HTTP Request to Worker (localhost:37777)
+  → HTTP Request to Worker (`${WORKER_BASE_URL}` — per-user, default 37700+uid%100)
    → Route Handler (SessionRoutes/DataRoutes/SearchRoutes/etc.)
      → Domain Service (SessionManager/SearchManager/DatabaseManager)
        → Database (SQLite3 + Chroma vector DB)
@@ -311,7 +314,7 @@ GET /api/stats
    "uptime": 12345,
    "activeSessions": 2,
    "sseClients": 1,
-    "port": 37777
+    "port": 37742
  },
  "database": {
    "path": "~/.claude-mem/claude-mem.db",
@@ -796,7 +799,7 @@ interface TimelineItem {
    async function onPostToolUse(context: HookContext) {
      const { session_id, tool_name, tool_input, tool_result, cwd } = context;

-      const response = await fetch('http://localhost:37777/api/sessions/observations', {
+      const response = await fetch(`${WORKER_BASE_URL}/api/sessions/observations`, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
@@ -818,7 +821,7 @@ interface TimelineItem {
    async function onSummary(context: HookContext) {
      const { session_id, last_user_message, last_assistant_message } = context;

-      await fetch('http://localhost:37777/api/sessions/summarize', {
+      await fetch(`${WORKER_BASE_URL}/api/sessions/summarize`, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
@@ -835,7 +838,7 @@ interface TimelineItem {
    async function onSessionEnd(context: HookContext) {
      const { session_id } = context;

-      await fetch('http://localhost:37777/api/sessions/complete', {
+      await fetch(`${WORKER_BASE_URL}/api/sessions/complete`, {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({
@@ -867,7 +870,7 @@ const searchTool: SearchTool = {

    try {
      const response = await fetch(
-        `http://localhost:37777/api/search?query=${encodeURIComponent(query)}&format=index&limit=10`
+        `${WORKER_BASE_URL}/api/search?query=${encodeURIComponent(query)}&format=index&limit=10`
      );

      if (!response.ok) {
@@ -905,7 +908,7 @@ const participant = vscode.chat.createChatParticipant('claude-mem', async (reque
  stream.markdown(`Searching memory for: ${request.prompt}\n\n`);

  const response = await fetch(
-    `http://localhost:37777/api/search?query=${encodeURIComponent(request.prompt)}&format=index&limit=5`
+    `${WORKER_BASE_URL}/api/search?query=${encodeURIComponent(request.prompt)}&format=index&limit=5`
  );

  const results = await response.json();
@@ -931,7 +934,7 @@ async function callWorkerWithFallback<T>(
  options?: RequestInit
 ): Promise<T | null> {
  try {
-    const response = await fetch(`http://localhost:37777${endpoint}`, {
+    const response = await fetch(`${WORKER_BASE_URL}${endpoint}`, {
      ...options,
      signal: AbortSignal.timeout(5000) // 5s timeout
    });
@@ -975,7 +978,7 @@ async function retryWithBackoff<T>(
 ```typescript
 async function isWorkerHealthy(): Promise<boolean> {
  try {
-    const response = await fetch('http://localhost:37777/api/health', {
+    const response = await fetch(`${WORKER_BASE_URL}/api/health`, {
      signal: AbortSignal.timeout(2000)
    });
    return response.ok;
@@ -1017,7 +1020,7 @@ class WorkerTimeoutError extends Error {

 ```typescript
 function connectToSSE(onEvent: (event: any) => void) {
-  const eventSource = new EventSource('http://localhost:37777/stream');
+  const eventSource = new EventSource(`${WORKER_BASE_URL}/stream`);

  eventSource.onmessage = (event) => {
    try {
@@ -1138,8 +1141,8 @@ esbuild.build({
  </Step>
  <Step title="Terminal 3: Test API manually">
    ```bash
-    curl http://localhost:37777/api/health
-    curl "http://localhost:37777/api/search?query=test&limit=5"
+    curl http://127.0.0.1:$WORKER_PORT/api/health
+    curl "http://127.0.0.1:$WORKER_PORT/api/search?query=test&limit=5"
    ```
  </Step>
  <Step title="VSCode: Launch extension host">
@@ -1239,8 +1242,8 @@ describe('Worker Integration', () => {
 <AccordionGroup>
  <Accordion title="Phase 1: Connection & Health">
    - [ ] Worker starts successfully (`npm run worker:status`)
-    - [ ] Health endpoint responds (`curl http://localhost:37777/api/health`)
-    - [ ] SSE stream connects (`curl http://localhost:37777/stream`)
+    - [ ] Health endpoint responds (`curl http://127.0.0.1:$WORKER_PORT/api/health`)
+    - [ ] SSE stream connects (`curl http://127.0.0.1:$WORKER_PORT/stream`)
  </Accordion>

  <Accordion title="Phase 2: Session Lifecycle">
@@ -1284,8 +1287,11 @@ describe('Worker Integration', () => {
 export class WorkerClient {
  private baseUrl: string;

-  constructor(port: number = 37777) {
-    this.baseUrl = `http://localhost:${port}`;
+  // Resolve the active worker port via env / settings.json, falling back
+  // to the deterministic per-user default. See parseWorkerPort() for an
+  // example helper; never hardcode a single value.
+  constructor(port: number = resolveWorkerPort()) {
+    this.baseUrl = `http://127.0.0.1:${port}`;
  }

  async isHealthy(): Promise<boolean> {
@@ -21,24 +21,24 @@ The skill includes comprehensive diagnostics, automated repair sequences, and de

 ---

-## v5.x Specific Issues
+## Common Issues

 ### Viewer UI Not Loading

-**Symptoms**: Cannot access http://localhost:37777, page doesn't load, or shows connection error.
+**Symptoms**: Cannot reach the viewer URL, page doesn't load, or browser shows a connection error.

 **Solutions**:

-1. Check if worker is running on port 37777:
+1. Find the worker port. The default is `37700 + (uid % 100)`. The configured port is the value of `CLAUDE_MEM_WORKER_PORT` in `~/.claude-mem/settings.json`; the running worker also reports it on `/api/health`:
   ```bash
-   lsof -i :37777
-   # or
+   PORT=$(jq -r .CLAUDE_MEM_WORKER_PORT ~/.claude-mem/settings.json)
+   lsof -i :$PORT
   npm run worker:status
   ```

 2. Verify worker is healthy:
   ```bash
-   curl http://localhost:37777/health
+   curl http://127.0.0.1:$PORT/health
   ```

 3. Check worker logs for errors:
@@ -51,9 +51,8 @@ The skill includes comprehensive diagnostics, automated repair sequences, and de
   npm run worker:restart
   ```

-5. Check for port conflicts:
+5. Pin a fixed port if the auto-assigned one collides:
   ```bash
-   # If port 37777 is in use by another service
   export CLAUDE_MEM_WORKER_PORT=38000
   npm run worker:restart
   ```
@@ -170,7 +169,6 @@ The skill includes comprehensive diagnostics, automated repair sequences, and de

 4. Restart Claude Code after manual install

-
 ## Worker Service Issues

 ### Worker Service Not Starting
@@ -230,7 +228,7 @@ The skill includes comprehensive diagnostics, automated repair sequences, and de

 4. Verify new port:
   ```bash
-   cat ~/.claude-mem/worker.port
+   curl -s http://127.0.0.1:$CLAUDE_MEM_WORKER_PORT/api/health | jq .port
   ```

 ### Worker Keeps Crashing
@@ -954,11 +952,11 @@ npm run worker:status
 # View logs
 npm run worker:logs

-# Check port file
-cat ~/.claude-mem/worker.port
+# Check configured port (per-user default = 37700 + uid % 100)
+jq -r .CLAUDE_MEM_WORKER_PORT ~/.claude-mem/settings.json

-# Test worker health
-curl http://localhost:37777/health
+# Test worker health (substitute PORT for the value above)
+curl "http://127.0.0.1:$PORT/health"
 ```

 ### Database Inspection
@@ -34,8 +34,6 @@ Each folder's `CLAUDE.md` contains a "Recent Activity" section showing:
 <claude-mem-context>
 # Recent Activity

-<!-- This section is auto-generated by claude-mem. Edit content outside the tags. -->
-
 ### Jan 4, 2026

 | ID | Time | T | Title | Read |
@@ -15,7 +15,7 @@ Claude-mem supports Google's Gemini API as an alternative to the Claude Agent SD

 - **Cost savings**: The free tier covers most individual usage patterns
 - **Same quality**: Gemini extracts observations using the same XML format as Claude
- **Seamless fallback**: Automatically falls back to Claude if Gemini is unavailable
+- **Errors throw clearly**: 429s, 5xx, and network failures throw — leaving messages pending so they can be retried
 - **Hot-swappable**: Switch providers without restarting the worker

 ## Getting a Free API Key
@@ -103,23 +103,16 @@ You can switch between Claude and Gemini at any time:
 }
 ```

-## Fallback Behavior
+## Error Behavior

-If Gemini is selected but encounters errors, claude-mem automatically falls back to the Claude Agent SDK:
+If Gemini is selected and the API errors, claude-mem logs the failure and re-throws so the message stays pending for later retry. There is no Claude SDK fallback — earlier docs claimed automatic Claude fallback, but the wiring was never actually engaged in production (#2087). To switch providers, change `CLAUDE_MEM_PROVIDER` in settings.

-**Triggers fallback:**
+**Throwing conditions:**
 - Rate limiting (HTTP 429)
 - Server errors (HTTP 5xx)
 - Network issues (connection refused, timeout)
-
-**Does not trigger fallback:**
- Missing API key (logs warning, uses Claude from start)
- Invalid API key (fails with error)
-
-When fallback occurs:
-1. A warning is logged
-2. Any in-progress messages are reset to pending
-3. Claude SDK takes over with the full conversation context
+- 4xx errors other than 429
+- Missing API key

 ## Troubleshooting

@@ -76,7 +76,7 @@ This means Claude "remembers" what happened in previous sessions!

 ### Worker Management

-v4.0+ auto-starts the worker on first session. Manual commands below are optional.
+The worker auto-starts on the first SessionStart hook, so you usually don't need these commands. They're handy for diagnostics.

 ```bash
 # Start worker service (optional - auto-starts automatically)
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`{"sessionId":"6a00de6e-282e-4cd8-98ec-b5afb73c468d","pid":50072,"acquiredAt":1775678989779}`