Skip to content

AlekseiMarchenko/central-intelligence

v1.0.0 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 1mo AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Affected surfaces

auth deps

Summary

AI summary

Recall now decomposes memories into structured facts, builds a knowledge graph, runs four parallel search strategies with RRF fusion, and reranks results locally.

Full changelog

4-Way Retrieval is currently still in development and would be available later for Enterprise customers

Recall is now 4x smarter. Every memory is decomposed into structured facts at store time, with entities extracted, resolved, and linked into a knowledge graph. Recall runs four search strategies in parallel (vector, BM25, graph traversal, temporal), fuses them with RRF, and reranks with a local cross-encoder model. Zero per-recall API cost.

Added

  • Fact decomposition. Each stored memory is broken into atomic facts with entities, temporal info, and causal relations via GPT-4o-mini. Facts are individually searchable with their own embeddings and tsvectors.
  • Entity resolution. Extracted entities are matched against existing ones using trigram similarity, co-occurrence scoring, and temporal proximity. "Alice" and "my coworker Alice" merge automatically.
  • Knowledge graph. Entities, facts, and co-occurrences form a queryable graph via junction tables. Graph traversal finds related facts through shared entities and causal links.
  • 4-way parallel retrieval. Recall runs vector search, BM25, graph traversal (dual-seed: embedding + entity name), and temporal search simultaneously. Results are fused via Reciprocal Rank Fusion.
  • Local ONNX cross-encoder reranker. ms-marco-MiniLM-L-6-v2 runs locally via @xenova/transformers. Zero per-request cost. Falls back to Cohere API, then passthrough.
  • Observation consolidation. When an entity accumulates 5+ facts, a higher-level observation is auto-synthesized. These "pre-computed answers" match directly on recall.
  • Automated Fly.io deploys via GitHub Actions on every push to main.
  • Security hardening. x402 auth context fix, non-root Docker, XSS escaping, CORS fix, OpenAI call budget, IP rate limit hardening.
  • 68 tests (up from 32). Covers fact extraction, entity scoring, 4-way RRF fusion, reranker fallback, and observation contracts.

Changed

  • Store pipeline: full fact decomposition replaces simple entity+preference enrichment (3x retry, exponential backoff, concurrency-limited queue).
  • Recall pipeline: routes to fact-based 4-way retrieval when fact_units exist, falls back to legacy 2-way (vector + BM25).
  • Reranker: 3-tier fallback chain (ONNX local, Cohere API, passthrough) replaces Cohere-only.
  • Dockerfile: non-root user, pre-downloads ONNX model during build.
  • Store cost: ~$0.0003/memory (up from ~$0.00007). Recall cost: $0 (down from ~$0.00002).

4-Way Retrieval is currently still in development and would be available later for Enterprise customers

Security Fixes

  • Security hardening includes x402 auth context fix, non‑root Docker container, XSS escaping, CORS fix, OpenAI call budget enforcement, and IP rate limit hardening.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track AlekseiMarchenko/central-intelligence

Get notified when new releases ship.

Sign up free

About AlekseiMarchenko/central-intelligence

Persistent memory for AI agents. Five tools (remember, recall, context, forget, share) with semantic search via vector embeddings and agent/user/org scoping. Works with Claude Code, Cursor, Windsurf, and any MCP client.

All releases →

Related context

Beta — feedback welcome: [email protected]