feat: injection sanitizer, assembler budget fix, expanded tagger, /memory command#3
Merged
rdevaul merged 3 commits intordevaul:mainfrom Mar 21, 2026
Merged
Conversation
- Add scripts/memory_harvester.py: indexes memory files into ContextGraph - Add scripts/context_injector.py: dynamic memory injection bridge - Add scripts/update_memory_dynamic.py: memory update hook - Add INTEGRATION.md: memory integration architecture - Add memory-injection-bridge-v1-2026-03-19.md: injection bridge spec - Zero changes to harvester.py, api/server.py, assembler.py, plugin/* Rich will implement the memory injection hook on his side.
## Changes 1. scripts/harvester.py — added Discord and Vera session patterns - agent:main:discord:* (Discord channels) - agent:main:direct:* (Discord direct messages) - agent:vera:* (Vera subagent sessions) - Updated _channel_from_key() to detect discord/vera channels 2. scripts/verify_logging.py — NEW diagnostic tool - Checks interaction logs (data/interactions/YYYY-MM-DD.jsonl) - Checks comparison logs (~/.tag-context/comparison-log.jsonl) - Polls live API (http://127.0.0.1:8300/health, /comparison-stats) - Reports harvester state and coverage gaps - Identifies missing sessions and Discord coverage 3. memory_harvester.py — path verified correct - Already uses ~/.openclaw/workspace/memory/daily/ (post-migration path) ## Verification Output (2026-03-19) === Logging Health: 2026-03-19 === Interaction log: 171 records today, 2 yesterday Comparison log: 60 turns logged, avg 283 tokens saved (20.3%) API health: OK — 1000 messages, 157 tags Harvester state: last_run=never, sessions_tracked=8 === Coverage Gaps === Harvestable sessions: 8 Missing from log: 4 Discord sessions: 7 total, 3 captured Discord coverage: YES Missing sessions (4): - agent:main:discord:channel:1471025308139258055 - agent:main:discord:channel:1471021607261700241 - agent:main:discord:channel:1472826107177730214 - agent:main:direct:510637988242522133 Discord sessions (7): ✓ agent:main:discord:channel:784460676068409394 ✗ agent:main:discord:channel:1471025308139258055 ✗ agent:main:discord:channel:1471021607261700241 ✓ agent:main:direct:784460676068409394 ✓ agent:main:discord:channel:1472826107177730217 ✗ agent:main:discord:channel:1472826107177730214 ✗ agent:main:direct:510637988242522133 ## Status ✅ Discord sessions now in INCLUDE_PATTERNS — will be harvested on next run ✅ Verification tool ready for daily health checks ✅ 20.3% token savings confirmed via ContextGraph (avg 283 tokens/turn) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
…mory command Rich's updates (2026-03-19): - HIGH-01 fix: prompt injection sanitization at /ingest API layer - assembler: always include first recency/topic message (budget edge case) - tagger: 6 new rules (memory, trading, compute, agents, monitoring) - plugin: /memory status command + graph/ghost mode toggles - README: shadow mode documentation Security hardening by Agent: Vera: - HIGH-02 fix: bind API to 127.0.0.1 (was 0.0.0.0) - MEDIUM-01 fix: zero-width Unicode char stripping in sanitizer - MEDIUM-02 fix: additional injection patterns (from now on, [SYSTEM]:, HTML comments) Audited by Agent: Vera (grade: B+) All 139 tests passing.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rich's updates (2026-03-19):
Security hardening by Agent: Vera:
Audited by Agent: Vera (grade: B+)
All 139 tests passing.