mosaic/bootstrap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: hard-gate agent memory to OpenBrain via PreToolUse hook

Browse Source 
Agents consistently ignore written instructions about memory routing
and default to writing local MEMORY.md files regardless of rules in
RUNTIME.md, CLAUDE.md, or MEMORY.md itself. Instructions alone are
insufficient — a technical gate is required.

Changes:
- Add tools/qa/prevent-memory-write.sh — PreToolUse hook that blocks
  Write/Edit/MultiEdit to ~/.claude/projects/*/memory/*.md (exit 2)
- Register hook in runtime/claude/settings.json PreToolUse array
- Update runtime/claude/RUNTIME.md: replace soft "Memory Override"
  note with hard-gate policy, what-goes-where table, and rationale
- Rewrite guides/MEMORY.md: OpenBrain as primary layer, blocked silos
  table, project continuity files, how-the-hook-works section

The correct behavior is now the only possible behavior for Claude Code.
All agent learnings route to OpenBrain where every harness can read them.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jason Woltje
2026-03-02 21:15:28 -06:00
parent 97ee66770a
commit 2a91f6c202
4 changed files with 114 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
tools/qa/prevent-memory-write.sh Executable file
View File

@@ -0,0 +1,34 @@
#!/usr/bin/env bash
# prevent-memory-write.sh — PreToolUse hook
#
# Blocks Write/Edit/MultiEdit calls targeting Claude Code's native auto-memory
# files (~/.claude/projects/*/memory/*.md).
#
# These files are runtime-specific silos that no other agent harness can read.
# All agent learnings MUST go to OpenBrain (capture MCP tool or REST API).
# MEMORY.md files may only contain load-path behavioral guardrails — not knowledge.
#
# Exit codes (Claude Code PreToolUse):
# 0 = allow
# 2 = block with message shown to agent
set -euo pipefail
INPUT="$(cat)"
FILE_PATH="$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null || true)"
[[ -z "$FILE_PATH" ]] && exit 0
# Resolve ~ to HOME
FILE_PATH="${FILE_PATH/#\~/$HOME}"
# Block writes to Claude Code auto-memory files
if [[ "$FILE_PATH" =~ /.claude/projects/.+/memory/.*\.md$ ]]; then
echo "BLOCKED: Do not write agent learnings to ~/.claude/projects/*/memory/ — this is a runtime-specific silo."
echo "Use OpenBrain instead: MCP 'capture' tool or REST POST https://brain.woltje.com/v1/thoughts"
echo "File blocked: $FILE_PATH"
exit 2
fi
exit 0