1.6 KiB
1.6 KiB
User Memory Policy
This skill treats user preference memory as local, explicit, and reviewable.
Principles
- Explicit source only: adaptive scans require a user-provided file path.
- Local first: no network access is needed for preference extraction.
- No implicit private logs: shell history, browser history, mail, and hidden chat logs are blocked by default.
- Repeated signals only: one-off statements are recorded as discarded signals unless they meet the configured support threshold.
- Redacted evidence: stored excerpts must remove secrets, tokens, email addresses, and local absolute paths.
- Proposal before patch: preference memory can generate proposals, not automatic source edits.
Allowed Inputs
Recommended inputs are curated JSONL, Markdown, or text files prepared for review. JSONL records should use a field such as text, message, content, excerpt, prompt, note, or body.
Blocked By Default
The scanner refuses common shell history files such as .zsh_history, .bash_history, and .fish_history unless an explicit override is added for a controlled test. Even with an override, the output remains redacted and proposal-only.
Retention
Generated reports store only summarized patterns and short redacted excerpts. They should not be treated as a full transcript, chat archive, or durable personal memory store.
Upgrade Path
A future patch-application stage must add:
- human approval ledger;
- allowlisted target files;
- dry-run diffs;
- regression command execution;
- rollback artifacts;
- reviewer-visible audit trail.