From 3fbb9a18372f2b6a675dd6c039ba52be76f3eeb4 Mon Sep 17 00:00:00 2001 From: TheSiahxyz <164138827+TheSiahxyz@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:30:14 +0900 Subject: updates --- .../memory-mcp-server/.claude/commands/review.md | 147 +++++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 mcp-servers/memory-mcp-server/.claude/commands/review.md (limited to 'mcp-servers/memory-mcp-server/.claude/commands/review.md') diff --git a/mcp-servers/memory-mcp-server/.claude/commands/review.md b/mcp-servers/memory-mcp-server/.claude/commands/review.md new file mode 100644 index 0000000..40fb885 --- /dev/null +++ b/mcp-servers/memory-mcp-server/.claude/commands/review.md 
@@ -0,0 +1,147 @@ +--- +description: Comprehensive code review for Memory MCP Server +argument-hint: "[specific file, module, or leave empty for full review]" +allowed-tools: Read, Grep, Glob, Task, TodoWrite +--- + +# Memory MCP Server Code Review + +Perform a comprehensive review of $ARGUMENTS with focus on MCP protocol compliance and memory system integrity: + +## Critical Security & Safety + +- **Data Isolation**: Verify companion/user boundary enforcement +- **SQL Injection**: Check all database queries for parameterization +- **Embedding Leakage**: Ensure vector data doesn't cross tenant boundaries +- **Auth Tokens**: Validate secure storage and transmission +- **API Keys**: Check for hardcoded credentials (OpenAI, Neon) +- **Session Hijacking**: Review session management implementation + +## MCP Protocol Compliance + +- **JSON-RPC 2.0**: Validate message format compliance +- **Error Codes**: Use standard MCP error codes (-32700 to -32603) +- **Tool Registration**: Verify proper tool manifest structure +- **Parameter Validation**: Check Zod schemas match MCP expectations +- **Response Format**: Ensure consistent response structure +- **Streaming Support**: Validate partial result handling + +## Memory System Integrity + +- **Vector Dimensions**: Ensure consistent embedding dimensions (1536 for OpenAI) +- **Index Configuration**: Review IVFFlat/HNSW parameters +- **Memory Lifecycle**: Check expiration and archival logic +- **Consolidation Rules**: Validate memory merging algorithms +- **Importance Scoring**: Review decay and update mechanisms +- **Deduplication**: Check for duplicate memory prevention + +## Performance Optimization + +- **N+1 Queries**: Identify and fix database query patterns +- **Vector Search**: Optimize similarity thresholds and limits +- **Index Usage**: Verify proper index hints and scans +- **Connection Pooling**: Check pool size and timeout settings +- **Batch Operations**: Look for opportunities to batch DB operations +- **Caching 
Strategy**: Review memory and query result caching + +## Database & Schema + +- **Migration Safety**: Check for backward compatibility +- **Transaction Boundaries**: Verify ACID compliance +- **Deadlock Prevention**: Review lock ordering +- **Foreign Keys**: Ensure referential integrity +- **Soft Deletes**: Validate is_archived handling +- **Timestamps**: Check timezone handling + +## Error Handling + +- **Database Errors**: Graceful handling of connection failures +- **API Failures**: OpenAI API error recovery +- **Validation Errors**: User-friendly error messages +- **Timeout Handling**: Proper cleanup on timeouts +- **Retry Logic**: Exponential backoff implementation +- **Logging**: Structured logging with appropriate levels + +## Code Quality + +- **TypeScript Strict**: Enable strict mode compliance +- **Type Safety**: No `any` types without justification +- **Code Duplication**: Identify repeated patterns +- **Function Complexity**: Break down complex functions +- **Naming Conventions**: Consistent naming patterns +- **Documentation**: JSDoc for public APIs + +## Testing Gaps + +- **Unit Test Coverage**: Minimum 80% coverage +- **Integration Tests**: MCP protocol testing +- **Vector Search Tests**: Similarity threshold validation +- **Session Tests**: Multi-tenancy isolation +- **Error Path Tests**: Exception handling coverage +- **Performance Tests**: Load and stress testing + +## Specific Checks for Memory MCP + +```typescript +// Check for these patterns: +interface MemoryReviewChecks { + // 1. Embedding generation should handle failures + embeddings: { + fallbackStrategy: boolean; + retryLogic: boolean; + costTracking: boolean; + }; + + // 2. Vector search should be bounded + vectorSearch: { + maxResults: number; + minSimilarity: number; + timeoutMs: number; + }; + + // 3. Memory operations should be atomic + transactions: { + useTransactions: boolean; + rollbackOnError: boolean; + isolationLevel: string; + }; + + // 4. 
Session management should be secure + sessions: { + tokenRotation: boolean; + expirationHandling: boolean; + revokeOnLogout: boolean; + }; +} +``` + +## Priority Issues Format + +### 🔴 Critical (Security/Data Loss) + +- Issue description +- File:line reference +- Suggested fix + +### 🟡 Important (Performance/Reliability) + +- Issue description +- File:line reference +- Suggested fix + +### 🟢 Minor (Code Quality/Style) + +- Issue description +- File:line reference +- Suggested fix + +## Review Checklist + +- [ ] No sensitive data in logs +- [ ] All DB queries parameterized +- [ ] MCP responses follow spec +- [ ] Vector operations are bounded +- [ ] Sessions properly isolated +- [ ] Errors handled gracefully +- [ ] Performance within targets +- [ ] Tests cover critical paths -- cgit v1.2.3
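Review bot: In the "MCP Protocol Compliance" section, the Error Codes bullet gives the range as `(-32700 to -32603)`, which leaves out -32600 (Invalid Request), -32601 (Method not found) and -32602 (Invalid params). The JSON-RPC 2.0 predefined codes run from -32700 to -32600, so suggest `(-32700 to -32600)`, and calling them JSON-RPC 2.0 error codes to match the bullet directly above. Separately, the front matter restricts `allowed-tools` to Read, Grep, Glob, Task and TodoWrite, while the N+1 Queries bullet asks the reviewer to "Identify and fix database query patterns"; with no edit tool allowed that instruction cannot be carried out, so reword it to "Identify and report" to keep the command read-only as the tool list intends. The "Review Checklist" item "No sensitive data in logs" has no matching bullet under "Critical Security & Safety" or "Error Handling" (the Logging bullet only covers structure and levels), so add one there or the checklist item has nothing to be checked against. The subject "updates" does not describe a 147-line new command file; a subject naming the added review command would make the history searchable.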