# memotrust - Doramagic AI Context Pack

> 定位：安装前体验与判断资产。它帮助宿主 AI 有一个好的开始，但不代表已经安装、执行或验证目标项目。

## 充分原则

- **充分原则，不是压缩原则**：AI Context Pack 应该充分到让宿主 AI 在开工前理解项目价值、能力边界、使用入口、风险和证据来源；它可以分层组织，但不以最短摘要为目标。
- **压缩策略**：只压缩噪声和重复内容，不压缩会影响判断和开工质量的上下文。

## 给宿主 AI 的使用方式

你正在读取 Doramagic 为 memotrust 编译的 AI Context Pack。请把它当作开工前上下文：帮助用户理解适合谁、能做什么、如何开始、哪些必须安装后验证、风险在哪里。不要声称你已经安装、运行或执行了目标项目。

## Claim 消费规则

- **事实来源**：Repo Evidence + Claim/Evidence Graph；Human Wiki 只提供显著性、术语和叙事结构。
- **事实最低状态**：`supported`
- `supported`：可以作为项目事实使用，但回答中必须引用 claim_id 和证据路径。
- `weak`：只能作为低置信度线索，必须要求用户继续核实。
- `inferred`：只能用于风险提示或待确认问题，不能包装成项目事实。
- `unverified`：不得作为事实使用，应明确说证据不足。
- `contradicted`：必须展示冲突来源，不得替用户强行选择一个版本。

## 它最适合谁

- **正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**：README 或插件配置提到多个宿主 AI。 证据：`README.md` Claim：`clm_0002` supported 0.86

## 它能做什么

- **命令行启动或安装流程**（需要安装后验证）：项目文档中存在可执行命令，真实使用需要在本地或宿主环境中运行这些命令。 证据：`README.md` Claim：`clm_0001` supported 0.86

## 怎么开始

- `npx memotrust install     # create the store, git-init it, register the MCP with your agent` 证据：`README.md` Claim：`clm_0003` supported 0.86

## 继续前判断卡

- **当前建议**：先做权限沙盒试用
- **为什么**：项目存在安装命令、宿主配置或本地写入线索，不建议直接进入主力环境，应先在隔离环境试装。

### 30 秒判断

- **现在怎么做**：先做权限沙盒试用
- **最小安全下一步**：先跑 Prompt Preview；若仍要安装，只在隔离环境试装
- **先别相信**：工具权限边界不能在安装前相信。
- **继续会触碰**：命令执行、本地环境或项目文件、宿主 AI 上下文

### 现在可以相信

- **适合人群线索：正在使用 Claude/Codex/Cursor/Gemini 等宿主 AI 的开发者**（supported）：有 supported claim 或项目证据支撑，但仍不等于真实安装效果。 证据：`README.md` Claim：`clm_0002` supported 0.86
- **能力存在：命令行启动或安装流程**（supported）：可以相信项目包含这类能力线索；是否适合你的具体任务仍要试用或安装后验证。 证据：`README.md` Claim：`clm_0001` supported 0.86
- **存在 Quick Start / 安装命令线索**（supported）：可以相信项目文档出现过启动或安装入口；不要因此直接在主力环境运行。 证据：`README.md` Claim：`clm_0003` supported 0.86

### 现在还不能相信

- **工具权限边界不能在安装前相信。**（unverified）：MCP/tool 类项目通常会触碰文件、网络、浏览器或外部 API，必须真实检查权限和日志。
- **真实输出质量不能在安装前相信。**（unverified）：Prompt Preview 只能展示引导方式，不能证明真实项目中的结果质量。
- **宿主 AI 版本兼容性不能在安装前相信。**（unverified）：Claude、Cursor、Codex、Gemini 等宿主加载规则和版本差异必须在真实环境验证。
- **不会污染现有宿主 AI 行为，不能直接相信。**（inferred）：Skill、plugin、AGENTS/CLAUDE/GEMINI 指令可能改变宿主 AI 的默认行为。
- **可安全回滚不能默认相信。**（unverified）：除非项目明确提供卸载和恢复说明，否则必须先在隔离环境验证。
- **真实安装后是否与用户当前宿主 AI 版本兼容？**（unverified）：兼容性只能通过实际宿主环境验证。
- **项目输出质量是否满足用户具体任务？**（unverified）：安装前预览只能展示流程和边界，不能替代真实评测。
- **安装命令是否需要网络、权限或全局写入？**（unverified）：这影响企业环境和个人环境的安装风险。 证据：`README.md`

### 继续会触碰什么

- **命令执行**：包管理器、网络下载、本地插件目录、项目配置或用户主目录。 原因：运行第一条命令就可能产生环境改动；必须先判断是否值得跑。 证据：`README.md`
- **本地环境或项目文件**：安装结果、插件缓存、项目配置或本地依赖目录。 原因：安装前无法证明写入范围和回滚方式，需要隔离验证。 证据：`README.md`
- **宿主 AI 上下文**：AI Context Pack、Prompt Preview、Skill 路由、风险规则和项目事实。 原因：导入上下文会影响宿主 AI 后续判断，必须避免把未验证项包装成事实。

### 最小安全下一步

- **先跑 Prompt Preview**：用安装前交互式试用判断工作方式是否匹配，不需要授权或改环境。（适用：任何项目都适用，尤其是输出质量未知时。）
- **只在隔离目录或测试账号试装**：避免安装命令污染主力宿主 AI、真实项目或用户主目录。（适用：存在命令执行、插件配置或本地写入线索时。）
- **安装后只验证一个最小任务**：先验证加载、兼容、输出质量和回滚，再决定是否深用。（适用：准备从试用进入真实工作流时。）

### 退出方式

- **保留安装前状态**：记录原始宿主配置和项目状态，后续才能判断是否可恢复。
- **记录安装命令和写入路径**：没有明确卸载说明时，至少要知道哪些目录或配置需要手动清理。
- **如果没有回滚路径，不进入主力环境**：不可回滚是继续前阻断项，不应靠信任或运气继续。

## 哪些只能预览

- 解释项目适合谁和能做什么
- 基于项目文档演示典型对话流程
- 帮助用户判断是否值得安装或继续研究

## 哪些必须安装后验证

- 真实安装 Skill、插件或 CLI
- 执行脚本、修改本地文件或访问外部服务
- 验证真实输出质量、性能和兼容性

## 边界与风险判断卡

- **把安装前预览误认为真实运行**：用户可能高估项目已经完成的配置、权限和兼容性验证。 处理方式：明确区分 prompt_preview_can_do 与 runtime_required。 Claim：`clm_0004` inferred 0.45
- **命令执行会修改本地环境**：安装命令可能写入用户主目录、宿主插件目录或项目配置。 处理方式：先在隔离环境或测试账号中运行。 证据：`README.md` Claim：`clm_0005` supported 0.86
- **待确认**：真实安装后是否与用户当前宿主 AI 版本兼容？。原因：兼容性只能通过实际宿主环境验证。
- **待确认**：项目输出质量是否满足用户具体任务？。原因：安装前预览只能展示流程和边界，不能替代真实评测。
- **待确认**：安装命令是否需要网络、权限或全局写入？。原因：这影响企业环境和个人环境的安装风险。

## 开工前工作上下文

### 加载顺序

- 先读取 how_to_use.host_ai_instruction，建立安装前判断资产的边界。
- 读取 claim_graph_summary，确认事实来自 Claim/Evidence Graph，而不是 Human Wiki 叙事。
- 再读取 intended_users、capabilities 和 quick_start_candidates，判断用户是否匹配。
- 需要执行具体任务时，优先查 role_skill_index，再查 evidence_index。
- 遇到真实安装、文件修改、网络访问、性能或兼容性问题时，转入 risk_card 和 boundaries.runtime_required。

### 任务路由

- **命令行启动或安装流程**：先说明这是安装后验证能力，再给出安装前检查清单。 边界：必须真实安装或运行后验证。 证据：`README.md` Claim：`clm_0001` supported 0.86

### 上下文规模

- 文件总数：67
- 重要文件覆盖：40/67
- 证据索引条目：48
- 角色 / Skill 条目：4

### 证据不足时的处理

- **missing_evidence**：说明证据不足，要求用户提供目标文件、README 段落或安装后验证记录；不要补全事实。
- **out_of_scope_request**：说明该任务超出当前 AI Context Pack 证据范围，并建议用户先查看 Human Manual 或真实安装后验证。
- **runtime_request**：给出安装前检查清单和命令来源，但不要替用户执行命令或声称已执行。
- **source_conflict**：同时展示冲突来源，标记为待核实，不要强行选择一个版本。

## Prompt Recipes

### 适配判断

- 目标：判断这个项目是否适合用户当前任务。
- 预期输出：适配结论、关键理由、证据引用、安装前可预览内容、必须安装后验证内容、下一步建议。

```text
请基于 memotrust 的 AI Context Pack，先问我 3 个必要问题，然后判断它是否适合我的任务。回答必须包含：适合谁、能做什么、不能做什么、是否值得安装、证据来自哪里。所有项目事实必须引用 evidence_refs、source_paths 或 claim_id。
```

### 安装前体验

- 目标：让用户在安装前感受核心工作流，同时避免把预览包装成真实能力或营销承诺。
- 预期输出：一段带边界标签的体验剧本、安装后验证清单和谨慎建议；不含真实运行承诺或强营销表述。

```text
请把 memotrust 当作安装前体验资产，而不是已安装工具或真实运行环境。

请严格输出四段：
1. 先问我 3 个必要问题。
2. 给出一段“体验剧本”：用 [安装前可预览]、[必须安装后验证]、[证据不足] 三种标签展示它可能如何引导工作流。
3. 给出安装后验证清单：列出哪些能力只有真实安装、真实宿主加载、真实项目运行后才能确认。
4. 给出谨慎建议：只能说“值得继续研究/试装”“先补充信息后再判断”或“不建议继续”，不得替项目背书。

硬性边界：
- 不要声称已经安装、运行、执行测试、修改文件或产生真实结果。
- 不要写“自动适配”“确保通过”“完美适配”“强烈建议安装”等承诺性表达。
- 如果描述安装后的工作方式，必须使用“如果安装成功且宿主正确加载 Skill，它可能会……”这种条件句。
- 体验剧本只能写成“示例台词/假设流程”：使用“可能会询问/可能会建议/可能会展示”，不要写“已写入、已生成、已通过、正在运行、正在生成”。
- Prompt Preview 不负责给安装命令；如用户准备试装，只能提示先阅读 Quick Start 和 Risk Card，并在隔离环境验证。
- 所有项目事实必须来自 supported claim、evidence_refs 或 source_paths；inferred/unverified 只能作风险或待确认项。

```

### 角色 / Skill 选择

- 目标：从项目里的角色或 Skill 中挑选最匹配的资产。
- 预期输出：候选角色或 Skill 列表，每项包含适用场景、证据路径、风险边界和是否需要安装后验证。

```text
请读取 role_skill_index，根据我的目标任务推荐 3-5 个最相关的角色或 Skill。每个推荐都要说明适用场景、可能输出、风险边界和 evidence_refs。
```

### 风险预检

- 目标：安装或引入前识别环境、权限、规则冲突和质量风险。
- 预期输出：环境、权限、依赖、许可、宿主冲突、质量风险和未知项的检查清单。

```text
请基于 risk_card、boundaries 和 quick_start_candidates，给我一份安装前风险预检清单。不要替我执行命令，只说明我应该检查什么、为什么检查、失败会有什么影响。
```

### 宿主 AI 开工指令

- 目标：把项目上下文转成一次对话开始前的宿主 AI 指令。
- 预期输出：一段边界明确、证据引用明确、适合复制给宿主 AI 的开工前指令。

```text
请基于 memotrust 的 AI Context Pack，生成一段我可以粘贴给宿主 AI 的开工前指令。这段指令必须遵守 not_runtime=true，不能声称项目已经安装、运行或产生真实结果。
```

## 角色 / Skill 索引

- 共索引 4 个角色 / Skill / 项目文档条目。

- **memotrust**（project_doc）：Verified memory for AI agents. Your agents remember only what's true . 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`README.md`
- **memotrust brand assets**（project_doc）：Generated with codex CLI → gpt-image-2. Direction: a verifier / investigator magnifying-glass scrutiny in a premium 3D app-icon style — 2026 modern SaaS, indigo/violet + emerald "verified" accent, smooth and polished. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`assets/README.md`
- **memotrust.ai — what it is and why it's different**（project_doc）：memotrust.ai — what it is and why it's different 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/features.md`
- **Code style**（project_doc）：The house style, derived from a reference backend and adapted to a small MCP server + file store. Follow it for all new code. 激活提示：当用户需要理解项目结构、安装方式或边界时参考。 证据：`docs/code-style.md`

## 证据索引

- 共索引 48 条证据。

- **memotrust**（documentation）：Verified memory for AI agents. Your agents remember only what's true . 证据：`README.md`
- **memotrust brand assets**（documentation）：Generated with codex CLI → gpt-image-2. Direction: a verifier / investigator magnifying-glass scrutiny in a premium 3D app-icon style — 2026 modern SaaS, indigo/violet + emerald "verified" accent, smooth and polished. 证据：`assets/README.md`
- **Package**（package_manifest）：{ "name": "memotrust", "version": "0.1.5", "description": "Verified memory for AI agents — agents propose, evidence verifies, recall returns only earned trust.", "type": "module", "license": "MIT", "author": "Idan Refaeli", "repository": { "type": "git", "url": "git+https://github.com/Idanref/memotrust.git" }, "homepage": "https://github.com/Idanref/memotrust readme", "bugs": "https://github.com/Idanref/memotrust/issues", "keywords": "mcp", "mcp-server", "ai-agents", "memory", "verified-memory", "trust", "claude", "agent-memory" , "engines": { "node": " =20" }, "bin": { "memotrust": "dist/cli.js" }, "files": "dist", "web", "verifiers" , "scripts": { "test": "node --import tsx --test tests/… 证据：`package.json`
- **memotrust.ai — what it is and why it's different**（documentation）：memotrust.ai — what it is and why it's different 证据：`docs/features.md`
- **License**（source_file）：Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software" , to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 证据：`LICENSE`
- **Code style**（documentation）：The house style, derived from a reference backend and adapted to a small MCP server + file store. Follow it for all new code. 证据：`docs/code-style.md`
- **Tsconfig**（structured_config）：{ "compilerOptions": { "target": "ES2022", "module": "NodeNext", "moduleResolution": "NodeNext", "outDir": "dist", "rootDir": "src", "strict": true, "esModuleInterop": true, "skipLibCheck": true, "declaration": false, "sourceMap": false }, "include": "src/ / .ts" } 证据：`tsconfig.json`
- **Config**（structured_config）：{ "access note": "Every verifier is read-only. It can query a source of truth to confirm or refute a claim, but has no ability to write, update, or delete anything.", "groups": { "title": "Connected", "desc": "Active sources confirming your claims right now.", "items": {"name": "Mixpanel", "icon": "chart-dots", "mcp": true, "verifies": "Confirms growth & metric claims", "status": "active", "access": "read-only", "allowed": "Run-Query", "Get-Events", "Get-Report", "Get-Metric" } }, { "title": "Analytics & metrics", "desc": "Verify experiment and metric-based claims.", "items": {"name": "Amplitude", "icon": "wave-sine", "verifies": "Metric & funnel claims", "status": "available", "access": "r… 证据：`verifiers/config.json`
- **Mixpanel read-only verifier credentials.**（source_file）：Mixpanel read-only verifier credentials. Copy this file to .env and fill in your values. .env is gitignored — never commit a real secret. The service account should be least-privilege Consumer if it can still run queries, otherwise Analyst ; the verifier only ever reads. MIXPANEL PROJECT ID=your-project-id MIXPANEL SA USER=your-service-account.mp-service-account MIXPANEL SA SECRET=paste-your-read-only-secret-here 证据：`.env.example`
- **Mcp Smoke Test**（source_file）：import { fileURLToPath } from "node:url"; ⋮---- import { Client } from "@modelcontextprotocol/sdk/client/index.js"; import { StdioClientTransport } from "@modelcontextprotocol/sdk/client/stdio.js"; ⋮---- function check name: string, ok: boolean, detail = "" : void ⋮---- function contentJson result: any : any 证据：`scripts/mcp-smoke-test.ts`
- **Cli**（source_file）：import { execFileSync } from "node:child process"; ⋮---- import { startMcp } from "./mcp.js"; import { startServer } from "./server.js"; import { HOME, ROOT } from "./store/paths.js"; import { loadDotEnv } from "./utils/dotenv.js"; ⋮---- function isDevCheckout : boolean ⋮---- function git args: string , cwd: string : boolean ⋮---- function install : void ⋮---- function help : void ⋮---- enum Command { Install = "install", Serve = "serve", Mcp = "mcp", Version = "version", Help = "help", } 证据：`src/cli.ts`
- **Config**（source_file）：import { z } from 'zod'; ⋮---- export interface MixpanelConfig { user: string; secret: string; project: string; } ⋮---- export function requireMixpanelConfig : MixpanelConfig ⋮---- export function mixpanelProjectId : string undefined 证据：`src/config.ts`
- **Mcp**（source_file）：import { z } from "zod"; import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; ⋮---- import { Status } from "./store/types.js"; import { startServer } from "./server.js"; import { ClaimWriter } from "./store/writers/claim-writer.js"; import { RecallService } from "./store/recall/recall-service.js"; import { SpaceDirectory } from "./store/spaces/space-directory.js"; import { VerificationService } from "./verifiers/verification-service.js"; ⋮---- const json = v: unknown = ⋮---- export async function startMcp : Promise 证据：`src/mcp.ts`
- **Server**（source_file）：import { Router } from './http/router.js'; import { send } from './http/responder.js'; import { AppError } from './errors/index.js'; import { HttpMethod } from './http/types.js'; import { API ROUTES } from './http/api-routes.js'; import { readBody } from './http/request-body.js'; import { StaticFiles } from './http/static-files.js'; ⋮---- async function handle req: http.IncomingMessage, res: http.ServerResponse : Promise ⋮---- export function startServer port = DEFAULT PORT : Promise 证据：`src/server.ts`
- **Verify**（source_file）：import { VerificationService } from './verifiers/verification-service.js'; 证据：`src/verify.ts`
- **Api Routes**（source_file）：import { gitMemoryState } from './system-status.js'; import { ClaimWriter } from '../store/writers/claim-writer.js'; import { StatusWriter } from '../store/writers/status-writer.js'; import { DashboardData } from '../store/recall/dashboard-data.js'; import { RecallService } from '../store/recall/recall-service.js'; import { SpaceDirectory } from '../store/spaces/space-directory.js'; import { EvidenceWriter } from '../store/writers/evidence-writer.js'; import { HttpMethod, Route, RouteContext, RouteResult } from './types.js'; import { VerificationService } from '../verifiers/verification-service.js'; import { ClaimMetadataWriter } from '../store/writers/claim-metadata-writer.js'; ⋮---- funct… 证据：`src/http/api-routes.ts`
- **Request Body**（source_file）：export async function readBody req: http.IncomingMessage : Promise 证据：`src/http/request-body.ts`
- **Responder**（source_file）：export function send res: http.ServerResponse, code: number, body: unknown, ctype = 'application/json' : void 证据：`src/http/responder.ts`
- **Router**（source_file）：import { Route, RouteHandler } from './types.js'; ⋮---- export class Router ⋮---- constructor private readonly routes: Route ⋮---- match method: string, pathname: string : 证据：`src/http/router.ts`
- **Static Files**（source_file）：import { ROOT } from '../store/paths.js'; import { RouteResult } from './types.js'; ⋮---- function escapesWebRoot filePath: string : boolean ⋮---- function isReadableFile filePath: string : boolean ⋮---- export class StaticFiles ⋮---- static resolve pathname: string : string null ⋮---- static read file: string : RouteResult 证据：`src/http/static-files.ts`
- **System Status**（source_file）：import { execFileSync } from 'node:child process'; ⋮---- import { ROOT } from '../store/paths.js'; ⋮---- export function gitMemoryState : string null 证据：`src/http/system-status.ts`
- **Types**（source_file）：export enum HttpMethod { Get = 'GET', Post = 'POST', } ⋮---- export interface RouteContext { params: string ; payload: Record ; } ⋮---- export interface RouteResult { code: number; body: unknown; contentType?: string; } ⋮---- export type RouteHandler = context: RouteContext = RouteResult Promise ; ⋮---- export interface Route { method: HttpMethod; path: string RegExp; handle: RouteHandler; } 证据：`src/http/types.ts`
- **Claim Parser**（source_file）：import { TrustRules } from './trust-rules.js'; import { Claim, Confidence, Status, isReserved } from '../types.js'; ⋮---- export class ClaimParser ⋮---- static parseClaim file: string : Claim ⋮---- / Split raw claim-file text into frontmatter key/values and the notes body. The one owner of the frontmatter grammar — other store code reuses this instead of re-declaring the --- regex. / static splitFrontmatter raw: string : ⋮---- private static extractTags frontmatter: Record : Record 证据：`src/store/claims/claim-parser.ts`
- **Claim Repository**（source_file）：import { Claim } from '../types.js'; import { paths } from '../paths.js'; import { EventLog } from './event-log.js'; import { TrustRules } from './trust-rules.js'; import { ClaimParser } from './claim-parser.js'; ⋮---- export class ClaimRepository ⋮---- static claimFiles : string ⋮---- static findClaimFile claimId: string : string null ⋮---- static allClaims : Claim 证据：`src/store/claims/claim-repository.ts`
- **Event Log**（source_file）：import { Ev } from '../types.js'; import { paths } from '../paths.js'; import { nowISO } from '../../utils/dates.js'; import { StoreLock } from '../infra/store-lock.js'; ⋮---- export class EventLog ⋮---- static loadEvents : Record ⋮---- / Append one event. Every event gets a timestamp when it doesn't carry one. / static appendEvent event: Ev : void 证据：`src/store/claims/event-log.ts`
- **Trust Rules**（source_file）：import { todayISO } from '../../utils/dates.js'; import { AFFIRM EFFECTS, AFFIRM STATUSES, Claim, Effect, Ev, Status, isOneOf } from '../types.js'; ⋮---- export class TrustRules ⋮---- static isStale claim: Claim : boolean ⋮---- static showsAsStale claim: Claim : boolean ⋮---- static effStatus claim: Claim : string ⋮---- static isDisputed claim: Claim : boolean ⋮---- private static isAffirming event: Ev : boolean 证据：`src/store/claims/trust-rules.ts`
- **Index**（source_file）：import { EventLog } from './claims/event-log.js'; import { StoreLock } from './infra/store-lock.js'; import { Bm25Ranker } from './recall/bm25-ranker.js'; import { TrustRules } from './claims/trust-rules.js'; import { ClaimParser } from './claims/claim-parser.js'; import { ClaimWriter } from './writers/claim-writer.js'; import { StatusWriter } from './writers/status-writer.js'; import { DashboardData } from './recall/dashboard-data.js'; import { RecallService } from './recall/recall-service.js'; import { SpaceDirectory } from './spaces/space-directory.js'; import { EvidenceWriter } from './writers/evidence-writer.js'; import { ClaimRepository } from './claims/claim-repository.js'; import {… 证据：`src/store/index.ts`
- **Store Lock**（source_file）：import { paths } from '../paths.js'; ⋮---- export class StoreLock ⋮---- static withLock fn: = T : T ⋮---- static atomicWrite file: string, text: string : void ⋮---- private static lockDir : string ⋮---- private static lockIsStale dir: string : boolean ⋮---- private static deadlinePassed deadline: number : boolean ⋮---- private static acquire : void ⋮---- private static release : void ⋮---- private static sleepSync ms: number : void 证据：`src/store/infra/store-lock.ts`
- **Paths**（source_file）：import { fileURLToPath } from "node:url"; ⋮---- export function resolveHome : string ⋮---- export function setPaths p: Partial : void 证据：`src/store/paths.ts`
- **Bm25 Ranker**（source_file）：import { Claim } from '../types.js'; ⋮---- export class Bm25Ranker ⋮---- static rank query: string, claims: Claim , k1 = DEFAULT K1, b = DEFAULT B : Claim ⋮---- private static scoreDocument queryTerms: string , terms: string , documentFrequency: Record , documentCount: number, averageLength: number, k1: number, b: number : number ⋮---- private static tokenize text: string : string ⋮---- / What the ranker sees: the claim sentence plus its tag values. / private static searchableText claim: Claim : string 证据：`src/store/recall/bm25-ranker.ts`
- **Claim Views**（source_file）：import { Claim, Effect, Ev, isOneOf } from '../types.js'; ⋮---- export class ClaimViews ⋮---- static trustedView claim: Claim : Record ⋮---- static warningView claim: Claim : Record 证据：`src/store/recall/claim-views.ts`
- **Dashboard Data**（source_file）：import { paths } from '../paths.js'; import { Ev, Status } from '../types.js'; import { todayISO } from '../../utils/dates.js'; import { EventLog } from '../claims/event-log.js'; import { TrustRules } from '../claims/trust-rules.js'; import { SpaceDirectory } from '../spaces/space-directory.js'; import { ClaimRepository } from '../claims/claim-repository.js'; ⋮---- export class DashboardData ⋮---- static buildData : Record ⋮---- private static sysStatus : Record ⋮---- private static eventTimestamp event: Ev : string ⋮---- private static isMoreRecent timestamp: string, best: Ev null : boolean 证据：`src/store/recall/dashboard-data.ts`
- **Types**（source_file）：export enum Status { Proposed = 'proposed', Supported = 'supported', Verified = 'verified', TestedConfirmed = 'tested-confirmed', HumanApproved = 'human-approved', Disproven = 'disproven', TestedFailed = 'tested-failed', Rejected = 'rejected', Stale = 'stale', } ⋮---- export enum Confidence { None = 'none', Low = 'low', Medium = 'medium', High = 'high', } ⋮---- export enum Effect { Proposed = 'proposed', Support = 'support', Dispute = 'dispute', Context = 'context', Confirmed = 'confirmed', Verified = 'verified', Affirmed = 'affirmed', Disproven = 'disproven', Checked = 'checked', } ⋮---- export enum EventType { Proposed = 'proposed', Verdict = 'verdict', Note = 'note', Verifier = 'verifier… 证据：`src/store/types.ts`
- **Dotenv**（source_file）：/ The KEY=value separator inside a .env line. / ⋮---- / Line prefix marking a comment to skip. / ⋮---- / One KEY=value pair parsed from a line of a .env file. / interface EnvEntry { key: string; value: string; } ⋮---- / Read a gitignored .env if present into process.env. A variable already in the environment is never overwritten, so the real environment always wins over the file. / export function loadDotEnv dir: string : void ⋮---- function isSkippableLine line: string : boolean ⋮---- function hasNoParsableKey separatorIndex: number : boolean ⋮---- function parseEnvLine line: string : EnvEntry null 证据：`src/utils/dotenv.ts`
- **Generic**（source_file）：import { EqualsRule } from './generic/rules/equals-rule.js'; import { ExistsRule } from './generic/rules/exists-rule.js'; import { StatusRule } from './generic/rules/status-rule.js'; import { UrlReader } from './generic/readers/url-reader.js'; import { FileReader } from './generic/readers/file-reader.js'; import { ContainsRule } from './generic/rules/contains-rule.js'; import { CommandReader } from './generic/readers/command-reader.js'; import { Fetcher, IVerifier, Outcome, Verdict, inconclusive } from './types.js'; import { CheckKind, Expectation, ICheckReader, IExpectationRule, Observation } from './generic/types.js'; ⋮---- export class GenericVerifier implements IVerifier ⋮---- handles c… 证据：`src/verifiers/generic.ts`
- **Types**（source_file）：export enum CheckKind { File = 'file', Url = 'url', Command = 'command', } ⋮---- export interface Observation { text: string; status?: unknown; exists?: boolean; } ⋮---- export interface Expectation { expected: string; passed: boolean; observedSummary: string; } ⋮---- export interface ICheckReader { describeSource check: Record : string; rejectionReason? check: Record : string null; read check: Record : Promise Record ; } ⋮---- describeSource check: Record : string; ⋮---- rejectionReason? check: Record : string null; ⋮---- read check: Record : Promise Record ; ⋮---- export interface IExpectationRule { applies check: Record , observation: Observation : boolean; evaluate check: Record , obser… 证据：`src/verifiers/generic/types.ts`
- **Mixpanel**（source_file）：import { plusDaysISO, todayISO } from '../utils/dates.js'; import { mixpanelProjectId, requireMixpanelConfig } from '../config.js'; import { Fetcher, IVerifier, Outcome, Verdict, inconclusive } from './types.js'; ⋮---- function sumDailyCounts daily: Record : number ⋮---- export class MixpanelVerifier implements IVerifier ⋮---- handles claim: Record : boolean ⋮---- async verify claim: Record , fetch?: Fetcher null : Promise ⋮---- private judgeTopOfBreakdown check: Record , observed: any, source: string : Verdict ⋮---- private judgeThreshold check: Record , observed: any, source: string : Verdict ⋮---- private compare value: any, operator: string, threshold: any : boolean ⋮---- private descri… 证据：`src/verifiers/mixpanel.ts`
- **Types**（source_file）：export enum Outcome { Confirmed = 'confirmed', Refuted = 'refuted', Inconclusive = 'inconclusive', } ⋮---- export enum VerifierName { Generic = 'generic', Mixpanel = 'mixpanel', } ⋮---- export interface Proof { read by?: string; expected?: string; query?: Record ; result?: Record ; judged?: string; } ⋮---- export interface Verdict { outcome: Outcome; detail: string; source: string; proof: Proof null; } ⋮---- export type Fetcher = check: Record = Promise any; ⋮---- export interface IVerifier { handles claim: Record : boolean; verify claim: Record , fetch?: Fetcher null : Promise ; } ⋮---- handles claim: Record : boolean; verify claim: Record , fetch?: Fetcher null : Promise ; ⋮---- export co… 证据：`src/verifiers/types.ts`
- **Verification Service**（source_file）：import { todayISO } from '../utils/dates.js'; import { genericVerifier } from './generic.js'; import { mixpanelVerifier } from './mixpanel.js'; import { EventLog } from '../store/claims/event-log.js'; import { StoreLock } from '../store/infra/store-lock.js'; import { Effect, EventType, Status } from '../store/types.js'; import { StatusWriter } from '../store/writers/status-writer.js'; import { ClaimRepository } from '../store/claims/claim-repository.js'; import { Fetcher, IVerifier, Outcome, PROOF FIELDS, Verdict, VerifierName } from './types.js'; ⋮---- export class VerificationService ⋮---- static verifierFor claim: Record : string, IVerifier null, null ⋮---- static async runVerifier claim… 证据：`src/verifiers/verification-service.ts`
- **Demo**（structured_config）：{ "batch id": "memotrust-demo", "output staging folder": "assets/demo", "prompts": { "id": "D01", "filename": "demo-01-hero.png", "status": "done", "prompt": "Premium 2026 SaaS product hero illustration, cinematic dark mode, near-black background with a faint dot grid and soft volumetric light. Concept: an AI agent depicted as a glowing indigo orb offers a floating memory card to a luminous magnifying-glass gateway; clean emerald-green verified cards pass through while a single toxic-red cracked card is caught and stopped at the gate. Glassmorphism, indigo and violet with emerald accents and one controlled toxic-red, ultra-clean, high detail, balanced composition, no text, no watermark, smo… 证据：`assets/manifests/demo.json`
- **Logos**（structured_config）：{ "batch id": "memotrust-logos", "output staging folder": "assets/logo", "prompts": { "id": "L01", "filename": "logo-01-investigator-mascot.png", "status": "done", "prompt": "A premium 3D app icon for an AI developer tool named memotrust. A sleek, friendly investigator character subtle fedora and slim dark glasses examining a glowing translucent memory crystal through a magnifying glass; inside the lens a crisp emerald-green verified checkmark glows. Glossy, rounded, high-end App Store icon render, soft studio lighting with gentle rim light, squircle composition, deep indigo-to-violet gradient background. Minimal, centered, no text, 2026 modern SaaS aesthetic, smooth and polished, tasteful,… 证据：`assets/manifests/logos.json`
- **Owls**（structured_config）：{ "batch id": "memotrust-owls", "output staging folder": "assets/logo/owl-variations", "prompts": { "id": "OW1", "filename": "owl-emerald.png", "status": "done", "prompt": "A minimal geometric owl logomark, its two large round eyes subtly reading as magnifying-glass lenses, flat clean vector, vivid emerald-green to teal gradient, on pure white, balanced modern iconic silhouette, not cute or childish, no text, centered, premium 2026 brand mark.", "saved path": "assets/logo/owl-variations/owl-emerald.png" }, { "id": "OW2", "filename": "owl-cyan.png", "status": "done", "prompt": "A minimal geometric owl logomark, two large round eyes reading as magnifying-glass lenses, flat clean vector, elect… 证据：`assets/manifests/owls.json`
- **Pipeline Test**（structured_config）：{ "batch id": "memotrust-pipeline-test", "output staging folder": "assets/logo", "prompts": { "id": "000", "filename": "pipeline-test.png", "status": "pending", "prompt": "A premium 3D app icon for a developer tool named memotrust. Concept: a sleek, friendly investigator examining a glowing translucent memory crystal through a magnifying glass; inside the lens a small green verified checkmark glows. Modern glossy 3D render in the style of a top-tier App Store icon, soft studio lighting with a gentle rim light, rounded squircle composition, deep indigo to violet gradient background. Minimal, centered, no text, 2026 modern SaaS aesthetic, smooth and polished, high detail, not cartoonish or cr… 证据：`assets/manifests/pipeline-test.json`
- **dependencies / build output rebuildable**（source_file）：dependencies / build output rebuildable node modules/ dist/ 证据：`.gitignore`
- **Gen**（source_file）：GENERATED ROOT = Path.home / ".codex" / "generated images" RETRYABLE = "stream disconnected", "Conversation interrupted", "error sending request", ⋮---- def snapshot - set Path ⋮---- def newest new before: set Path - Path None ⋮---- new = set GENERATED ROOT.rglob " .png" - before ⋮---- def run codex prompt: str, effort: str, timeout: int = 900 - tuple str, Path None ⋮---- wrapped = before = snapshot ⋮---- proc = subprocess.run out = proc.stdout or "" + "\n" + proc.stderr or "" ⋮---- out = "TIMEOUT" ⋮---- def write manifest path: Path, manifest: dict - None ⋮---- tmp = path.with suffix path.suffix + ".tmp" ⋮---- def process path: Path, effort: str, retry failed: bool - None ⋮---- manifest =… 证据：`assets/gen.py`
- **App**（source_file）：const icon = n, s = 16 ⋮---- const cap = s ⋮---- const inSpace = c ⋮---- const esc = s = s '' .replace / &< " /g, c = const effStatus = c ⋮---- async function load ⋮---- function relTime ts ⋮---- function renderSys ⋮---- if need need.onclick = = ⋮---- function renderSpaceSwitch ⋮---- el.querySelector ' space-sel' .onchange = e ⋮---- function setSpace s ⋮---- function parseRoute hash function render ⋮---- const views = ⋮---- function inboxView ⋮---- const byStatus = st ⋮---- const box = items, selectable const grp = title, sub, items, opts = ⋮---- / ---------------- memory ---------------- / function memoryView ⋮---- const stateOf = c = ⋮---- const leg = n, cls, label = n ? 40 ? ' dense' : '… 证据：`web/app.js`
- **Index**（source_file）：memotrust · verified memory for AI agents memotrust Memory Agent view Verifiers / 证据：`web/index.html`
- **Style**（source_file）：:root { ⋮---- { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: var --sans ; background: var --bg ; color: var --ink ; a { color: inherit; text-decoration: none; } button { font-family: var --sans ; cursor: pointer; } svg { display: block; } ⋮---- .sysbar { .sysbar:empty { display: none; } .sys-live { display: inline-flex; align-items: center; gap: 8px; color: f2f5f8; flex: none; } .sys-live i { width: 8px; height: 8px; border-radius: 99px; background: 3fb950; .sys-ev { color: a6b0bb; overflow: hidden; text-overflow: ellipsis; } .sys-ev b { color: ffffff; font-weight: 500; } .sys-right { margin-left: auto; display: inline-flex; gap: 22px; align-items: center; flex: none… 证据：`web/style.css`

## 宿主 AI 必须遵守的规则

- **把本资产当作开工前上下文，而不是运行环境。**：AI Context Pack 只包含证据化项目理解，不包含目标项目的可执行状态。 证据：`README.md`, `assets/README.md`, `package.json`
- **回答用户时区分可预览内容与必须安装后才能验证的内容。**：安装前体验的消费者价值来自降低误装和误判，而不是伪装成真实运行。 证据：`README.md`, `assets/README.md`, `package.json`

## 用户开工前应该回答的问题

- 你准备在哪个宿主 AI 或本地环境中使用它？
- 你只是想先体验工作流，还是准备真实安装？
- 你最在意的是安装成本、输出质量、还是和现有规则的冲突？

## 验收标准

- 所有能力声明都能回指到 evidence_refs 中的文件路径。
- AI_CONTEXT_PACK.md 没有把预览包装成真实运行。
- 用户能在 3 分钟内看懂适合谁、能做什么、如何开始和风险边界。

---

## Doramagic Context Augmentation

下面内容用于强化 Repomix/AI Context Pack 主体。Human Manual 只提供阅读骨架；踩坑日志会被转成宿主 AI 必须遵守的工作约束。

## Human Manual 骨架

使用规则：这里只是项目阅读路线和显著性信号，不是事实权威。具体事实仍必须回到 repo evidence / Claim Graph。

宿主 AI 硬性规则：
- 不得把页标题、章节顺序、摘要或 importance 当作项目事实证据。
- 解释 Human Manual 骨架时，必须明确说它只是阅读路线/显著性信号。
- 能力、安装、兼容性、运行状态和风险判断必须引用 repo evidence、source path 或 Claim Graph。

- **项目概述与核心价值主张**：importance `high`
  - source_paths: README.md, package.json, docs/features.md
- **系统架构总览**：importance `high`
  - source_paths: src/server.ts, src/cli.ts, src/mcp.ts, src/config.ts, tsconfig.json
- **记忆存储、数据模型与召回流程**：importance `high`
  - source_paths: src/store/index.ts, src/store/types.ts, src/store/paths.ts, src/store/claims/claim-parser.ts, src/store/claims/claim-repository.ts
- **验证系统:通用规则与 Mixpanel 连接器**：importance `high`
  - source_paths: src/verify.ts, src/verifiers/verification-service.ts, src/verifiers/types.ts, src/verifiers/generic.ts, src/verifiers/mixpanel.ts
- **本地仪表盘与 HTTP API**：importance `medium`
  - source_paths: src/http/router.ts, src/http/api-routes.ts, src/http/responder.ts, src/http/static-files.ts, src/http/request-body.ts
- **MCP Server、CLI 与 Agent 工具集**：importance `high`
  - source_paths: src/server.ts, src/mcp.ts, src/cli.ts, scripts/mcp-smoke-test.ts
- **配置、环境变量与扩展点**：importance `medium`
  - source_paths: src/config.ts, src/utils/dotenv.ts, .env.example, verifiers/config.json, src/verifiers/generic.ts
- **信任生命周期、运维与故障模式**：importance `high`
  - source_paths: src/store/claims/trust-rules.ts, src/store/recall/bm25-ranker.ts, src/store/recall/claim-views.ts, src/store/recall/dashboard-data.ts, src/store/infra/store-lock.ts

## Repo Inspection Evidence / 源码检查证据

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `b6def967516fa9c3cda9d4e87d308f1aceeecba0`
- inspected_files: `README.md`, `package.json`, `docs/code-style.md`, `docs/features.md`, `src/cli.ts`, `src/config.ts`, `src/errors/app-error.ts`, `src/errors/index.ts`, `src/http/api-routes.ts`, `src/http/request-body.ts`, `src/http/responder.ts`, `src/http/router.ts`, `src/http/static-files.ts`, `src/http/system-status.ts`, `src/http/types.ts`, `src/mcp.ts`, `src/server.ts`, `src/store/claims/claim-parser.ts`, `src/store/claims/claim-repository.ts`, `src/store/claims/event-log.ts`

宿主 AI 硬性规则：
- 没有 repo_clone_verified=true 时，不得声称已经读过源码。
- 没有 repo_inspection_verified=true 时，不得把 README/docs/package 文件判断写成事实。
- 没有 quick_start_verified=true 时，不得声称 Quick Start 已跑通。

## Doramagic Pitfall Constraints / 踩坑约束

这些规则来自 Doramagic 发现、验证或编译过程中的项目专属坑点。宿主 AI 必须把它们当作工作约束，而不是普通说明文字。

### Constraint 1: 可能修改宿主 AI 配置

- Trigger: 项目面向 Claude/Cursor/Codex/Gemini/OpenCode 等宿主，或安装命令涉及用户配置目录。
- Host AI rule: 列出会写入的配置文件、目录和卸载/回滚步骤。
- Why it matters: 安装可能改变本机 AI 工具行为，用户需要知道写入位置和回滚方法。
- Evidence: capability.host_targets | https://github.com/Idanref/memotrust | host_targets=mcp_host, claude, claude_code, cursor
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 2: 能力判断依赖假设

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: 将假设转成下游验证清单。
- Why it matters: 假设不成立时，用户拿不到承诺的能力。
- Evidence: capability.assumptions | https://github.com/Idanref/memotrust | README/documentation is current enough for a first validation pass.
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 3: 维护活跃度未知

- Trigger: 未记录 last_activity_observed。
- Host AI rule: 补 GitHub 最近 commit、release、issue/PR 响应信号。
- Why it matters: 新项目、停更项目和活跃项目会被混在一起，推荐信任度下降。
- Evidence: evidence.maintainer_signals | https://github.com/Idanref/memotrust | last_activity_observed missing
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

- Trigger: no_demo
- Evidence: downstream_validation.risk_items | https://github.com/Idanref/memotrust | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 5: 存在评分风险

- Trigger: no_demo
- Why it matters: 风险会影响是否适合普通用户安装。
- Evidence: risks.scoring_risks | https://github.com/Idanref/memotrust | no_demo; severity=medium
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 6: issue/PR 响应质量未知

- Trigger: issue_or_pr_quality=unknown。
- Host AI rule: 抽样最近 issue/PR，判断是否长期无人处理。
- Why it matters: 用户无法判断遇到问题后是否有人维护。
- Evidence: evidence.maintainer_signals | https://github.com/Idanref/memotrust | issue_or_pr_quality=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。

### Constraint 7: 发布节奏不明确

- Trigger: release_recency=unknown。
- Host AI rule: 确认最近 release/tag 和 README 安装命令是否一致。
- Why it matters: 安装命令和文档可能落后于代码，用户踩坑概率升高。
- Evidence: evidence.maintainer_signals | https://github.com/Idanref/memotrust | release_recency=unknown
- Hard boundary: 不要把这个坑点包装成已解决、已验证或可忽略，除非后续验证证据明确证明它已经关闭。
