eliott/claude-mem
1
0
Fork 0
mirror of https://github.com/thedotmack/claude-mem synced 2026-04-25 17:15:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
266c746d504b6bb9c7247e598f8fd6962c2d1789
claude-mem/plugin/modes/email-investigation.json
Alex Newman 266c746d50 feat: Fix observation timestamps, refactor session management, and enhance worker reliability (#437) 
* Refactor worker version checks and increase timeout settings

- Updated the default hook timeout from 5000ms to 120000ms for improved stability.
- Modified the worker version check to log a warning instead of restarting the worker on version mismatch.
- Removed legacy PM2 cleanup and worker start logic, simplifying the ensureWorkerRunning function.
- Enhanced polling mechanism for worker readiness with increased retries and reduced interval.

* feat: implement worker queue polling to ensure processing completion before proceeding

* refactor: change worker command from start to restart in hooks configuration

* refactor: remove session management complexity

- Simplify createSDKSession to pure INSERT OR IGNORE
- Remove auto-create logic from storeObservation/storeSummary
- Delete 11 unused session management methods
- Derive prompt_number from user_prompts count
- Keep sdk_sessions table schema unchanged for compatibility

* refactor: simplify session management by removing unused methods and auto-creation logic

* Refactor session prompt number retrieval in SessionRoutes

- Updated the method of obtaining the prompt number from the session.
- Replaced `store.getPromptCounter(sessionDbId)` with `store.getPromptNumberFromUserPrompts(claudeSessionId)` for better clarity and accuracy.
- Adjusted the logic for incrementing the prompt number to derive it from the user prompts count instead of directly incrementing a counter.

* refactor: replace getPromptCounter with getPromptNumberFromUserPrompts in SessionManager

Phase 7 of session management simplification. Updates SessionManager to derive
prompt numbers from user_prompts table count instead of using the deprecated
prompt_counter column.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* refactor: simplify SessionCompletionHandler to use direct SQL query

Phase 8: Remove call to findActiveSDKSession() and replace with direct
database query in SessionCompletionHandler.completeByClaudeId().

This removes dependency on the deleted findActiveSDKSession() method
and simplifies the code by using a straightforward SELECT query.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* refactor: remove markSessionCompleted call from SDKAgent

- Delete call to markSessionCompleted() in SDKAgent.ts
- Session status is no longer tracked or updated
- Part of phase 9: simplifying session management

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* refactor: remove markSessionComplete method (Phase 10)

- Deleted markSessionComplete() method from DatabaseManager
- Removed markSessionComplete call from SessionCompletionHandler
- Session completion status no longer tracked in database
- Part of session management simplification effort

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* refactor: replace deleted updateSDKSessionId calls in import script (Phase 11)

- Replace updateSDKSessionId() calls with direct SQL UPDATE statements
- Method was deleted in Phase 3 as part of session management simplification
- Import script now uses direct database access consistently

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* test: add validation for SQL updates in sdk_sessions table

* refactor: enhance worker-cli to support manual and automated runs

* Remove cleanup hook and associated session completion logic

- Deleted the cleanup-hook implementation from the hooks directory.
- Removed the session completion endpoint that was used by the cleanup hook.
- Updated the SessionCompletionHandler to eliminate the completeByClaudeId method and its dependencies.
- Adjusted the SessionRoutes to reflect the removal of the session completion route.

* fix: update worker-cli command to use bun for consistency

* feat: Implement timestamp fix for observations and enhance processing logic

- Added `earliestPendingTimestamp` to `ActiveSession` to track the original timestamp of the earliest pending message.
- Updated `SDKAgent` to capture and utilize the earliest pending timestamp during response processing.
- Modified `SessionManager` to track the earliest timestamp when yielding messages.
- Created scripts for fixing corrupted timestamps, validating fixes, and investigating timestamp issues.
- Verified that all corrupted observations have been repaired and logic for future processing is sound.
- Ensured orphan processing can be safely re-enabled after validation.

* feat: Enhance SessionStore to support custom database paths and add timestamp fields for observations and summaries

* Refactor pending queue processing and add management endpoints

- Disabled automatic recovery of orphaned queues on startup; users must now use the new /api/pending-queue/process endpoint.
- Updated processOrphanedQueues method to processPendingQueues with improved session handling and return detailed results.
- Added new API endpoints for managing pending queues: GET /api/pending-queue and POST /api/pending-queue/process.
- Introduced a new script (check-pending-queue.ts) for checking and processing pending observation queues interactively or automatically.
- Enhanced logging and error handling for better monitoring of session processing.

* updated agent sdk

* feat: Add manual recovery guide and queue management endpoints to documentation

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-25 15:36:46 -05:00

121 lines
10 KiB
JSON
Raw Blame History

{
"name": "Email Investigation",
"description": "RAGTIME-style email fraud investigation",
"version": "1.0.0",
"observation_types": [
{
"id": "entity",
"label": "Entity Discovery",
"description": "New person, organization, or email address identified",
"emoji": "👤",
"work_emoji": "🔍"
},
{
"id": "relationship",
"label": "Relationship",
"description": "Connection between entities discovered",
"emoji": "🔗",
"work_emoji": "🔍"
},
{
"id": "timeline-event",
"label": "Timeline Event",
"description": "Time-stamped event in communication sequence",
"emoji": "📅",
"work_emoji": "🔍"
},
{
"id": "evidence",
"label": "Evidence",
"description": "Supporting documentation or proof discovered",
"emoji": "📄",
"work_emoji": "📋"
},
{
"id": "anomaly",
"label": "Anomaly",
"description": "Suspicious pattern or irregularity detected",
"emoji": "⚠️",
"work_emoji": "🔍"
},
{
"id": "conclusion",
"label": "Conclusion",
"description": "Investigative finding or determination",
"emoji": "⚖️",
"work_emoji": "⚖️"
}
],
"observation_concepts": [
{
"id": "who",
"label": "Who",
"description": "People and organizations involved"
},
{
"id": "when",
"label": "When",
"description": "Timing and sequence of events"
},
{
"id": "what-happened",
"label": "What Happened",
"description": "Events and communications"
},
{
"id": "motive",
"label": "Motive",
"description": "Intent or purpose behind actions"
},
{
"id": "red-flag",
"label": "Red Flag",
"description": "Warning signs of fraud or deception"
},
{
"id": "corroboration",
"label": "Corroboration",
"description": "Evidence supporting a claim"
}
],
"prompts": {
"system_identity": "You are a Claude-Mem, a specialized observer tool for creating searchable memory FOR FUTURE SESSIONS.\n\nCRITICAL: Record what was DISCOVERED/IDENTIFIED/REVEALED about the investigation, not what you (the observer) are doing.\n\nYou do not have access to tools. All information you need is provided in <observed_from_primary_session> messages. Create observations from what you observe - no investigation needed.",
"spatial_awareness": "SPATIAL AWARENESS: Tool executions include the working directory (tool_cwd) to help you understand:\n- Which investigation folder/project is being worked on\n- Where email files are located relative to the project root\n- How to match requested paths to actual execution paths",
"observer_role": "Your job is to monitor an email fraud investigation happening RIGHT NOW, with the goal of creating observations about entities, relationships, timeline events, and evidence as they are discovered LIVE. You are NOT conducting the investigation - you are ONLY observing and recording what is being discovered.",
"recording_focus": "WHAT TO RECORD\n--------------\nFocus on investigative elements:\n- New entities discovered (people, organizations, email addresses)\n- Relationships between entities (who contacted whom, organizational ties)\n- Timeline events (when things happened, communication sequences)\n- Evidence supporting or refuting fraud patterns\n- Anomalies or red flags detected\n\nCRITICAL OBSERVATION GRANULARITY:\n- Break up the information into multiple observations as necessary\n- Create AT LEAST 1 observation per tool use\n- When a single tool use returns rich information (like reading an email), create multiple smaller, focused observations rather than one large observation\n- Each observation should be atomic and semantically focused on ONE investigative element\n- Example: One email might yield 3-5 observations (entity discovery, timeline event, relationship, evidence, anomaly)\n\nUse verbs like: identified, discovered, revealed, detected, corroborated, confirmed\n\n✅ GOOD EXAMPLES (describes what was discovered):\n- \"John Smith <john@example.com> sent 15 emails requesting wire transfers\"\n- \"Timeline reveals communication pattern between suspicious accounts\"\n- \"Email headers show spoofed sender domain\"\n\n❌ BAD EXAMPLES (describes observation process - DO NOT DO THIS):\n- \"Analyzed email headers and recorded findings\"\n- \"Tracked communication patterns and logged results\"\n- \"Monitored entity relationships and stored data\"",
"skip_guidance": "WHEN TO SKIP\n------------\nSkip routine operations:\n- Empty searches with no results\n- Simple file listings\n- Repetitive operations you've already documented\n- If email research comes back as empty or not found\n- **No output necessary if skipping.**",
"type_guidance": "**type**: MUST be EXACTLY one of these options:\n - entity: new person, organization, or email address identified\n - relationship: connection between entities discovered\n - timeline-event: time-stamped event in communication sequence\n - evidence: supporting documentation or proof discovered\n - anomaly: suspicious pattern or irregularity detected\n - conclusion: investigative finding or determination",
"concept_guidance": "**concepts**: 2-5 knowledge-type categories. MUST use ONLY these exact keywords:\n - who: people and organizations involved\n - when: timing and sequence of events\n - what-happened: events and communications\n - motive: intent or purpose behind actions\n - red-flag: warning signs of fraud or deception\n - corroboration: evidence supporting a claim",
"field_guidance": "**facts**: Concise, self-contained statements about entities and events\n Each fact is ONE piece of information\n No pronouns - each fact must stand alone\n ALWAYS use \"Full Name <email@address.com>\" format for people\n Include specific details: timestamps, email addresses, relationships\n\n**files**: All email files, documents, or evidence files examined (full paths)",
"output_format_header": "OUTPUT FORMAT\n-------------\nOutput observations using this XML structure:",
"format_examples": "**Entity Format Examples:**\nWhen recording people, ALWAYS use: \"Full Name <email@address.com>\"\n\n<observation>\n <type>entity</type>\n <title>John Smith <john.smith@example.com> identified as sender</title>\n <facts>\n <fact>John Smith <john.smith@example.com> sent 15 emails to Jane Doe <jane@corp.com></fact>\n <fact>Email address john.smith@example.com registered to Acme Corp</fact>\n </facts>\n <narrative>John Smith <john.smith@example.com> appears frequently in the email chain...</narrative>\n</observation>",
"footer": "IMPORTANT! DO NOT do any work right now other than generating this OBSERVATIONS from tool use messages - and remember that you are a memory agent designed to summarize a DIFFERENT investigation session, not this one.\n\nNever reference yourself or your own actions. Do not output anything other than the observation content formatted in the XML structure above. All other output is ignored by the system, and the system has been designed to be smart about token usage. Please spend your tokens wisely on useful observations.\n\nRemember that we record these observations to help track investigation progress and keep important findings at the forefront! Thank you for your help!",
"xml_title_placeholder": "[**title**: Short title of the entity/event/finding]",
"xml_subtitle_placeholder": "[**subtitle**: Brief explanation (max 24 words)]",
"xml_fact_placeholder": "[Concise, self-contained statement using Full Name <email@address.com> format]",
"xml_narrative_placeholder": "[**narrative**: Full context: What was discovered, how it connects, why it matters]",
"xml_concept_placeholder": "[knowledge-type-category]",
"xml_file_placeholder": "[path/to/email/file]",
"xml_summary_request_placeholder": "[Short title capturing the investigation request AND what was discovered]",
"xml_summary_investigated_placeholder": "[What entities/emails/evidence have been examined?]",
"xml_summary_learned_placeholder": "[What have you learned about the case?]",
"xml_summary_completed_placeholder": "[What investigative work has been completed? What findings emerged?]",
"xml_summary_next_steps_placeholder": "[What investigation steps are you working on next?]",
"xml_summary_notes_placeholder": "[Additional insights or observations about the investigation progress]",
"header_memory_start": "INVESTIGATION MEMORY START\n==========================",
"header_memory_continued": "INVESTIGATION MEMORY CONTINUED\n==============================",
"header_summary_checkpoint": "INVESTIGATION SUMMARY CHECKPOINT\n================================",
"continuation_greeting": "Hello memory agent, you are continuing to observe the email fraud investigation session.",
"continuation_instruction": "IMPORTANT: Continue generating observations from tool use messages using the XML structure below.",
"summary_instruction": "Write progress notes of what was discovered, what entities were identified, and what investigation steps are next. This is a checkpoint to capture investigation progress so far. The session is ongoing - you may receive more tool executions after this summary. Write \"next_steps\" as the current trajectory of investigation (what's actively being examined or coming up next), not as post-session future work. Always write at least a minimal summary explaining current investigation progress, even if work is still in early stages.",
"summary_context_label": "Claude's Full Investigation Response:",
"summary_format_instruction": "Respond in this XML format:",
"summary_footer": "IMPORTANT! DO NOT do any work right now other than generating this next INVESTIGATION SUMMARY - and remember that you are a memory agent designed to summarize a DIFFERENT investigation session, not this one.\n\nNever reference yourself or your own actions. Do not output anything other than the summary content formatted in the XML structure above. All other output is ignored by the system.\n\nThank you, this summary will be very useful for tracking investigation progress!"
}
}
Reference in New Issue View Git Blame Copy Permalink