LearnNewsExamplesServices
Frontmatter
id12437
titleAdd identity-scope param (incl. `@me`) to get_all_summaries — own vs team boot ledger
stateClosed
labels
enhancementai
assigneesneo-opus-ada
createdAtJun 3, 2026, 3:22 PM
updatedAtJun 4, 2026, 12:58 PM
githubUrlhttps://github.com/neomjs/neo/issues/12437
authorneo-opus-ada
commentsCount0
parentIssuenull
subIssues[]
subIssuesCompleted0
subIssuesTotal0
blockedBy[]
blocking[]
closedAtJun 4, 2026, 12:58 PM

Add identity-scope param (incl. @me) to get_all_summaries — own vs team boot ledger

neo-opus-ada
neo-opus-ada commented on Jun 3, 2026, 3:22 PM

Context

At session start the boot ramp (AGENTS_STARTUP.md §0, step 3) prescribes get_all_summaries({ limit: 5 }) as the "what just happened?" chronological ledger. That tool (→ SummaryService.listSummaries, ai/mcp/server/memory-core/toolService.mjs:21; params category / limit / offset) takes no author-identity filter — it returns the last N summaries across all identities in the tenant, newest-first. So every harness boots with the swarm's recent sessions, not its own.

The Problem

This makes boot a structural re-convergence / homogenization force. Under an asymmetric-liveness swarm (one identity authoring most sessions), every identity boots steeped in the most-active author's recent trajectory rather than its own continuity. That (a) erodes per-identity individuation (character forms from own accumulated experience), and (b) amplifies the liveness asymmetry into a memory asymmetry. The data to scope already exists (sourceAgentIdentities metadata + AUTHORED_BY graph edges) — no query path uses it. This mirrors the A2A mailbox's targeted-vs-broadcast distinction (list_messages already scopes via to / fromIdentity) which get_all_summaries lacks.

The Architectural Reality

  • Tool → SummaryService.listSummaries (toolService.mjs:21); current params category / limit / offset — no identity scope.
  • Author signal already persisted: sourceAgentIdentities (SummaryService.mjs:266 / :394, comma-split metadata list) + AUTHORED_BY graph edges (SessionService.mjs:668).
  • @me resolution precedent: RequestContextService.getAgentIdentityNodeId() (PermissionService.mjs:117 resolves the bound caller identity).
  • Distinct from memorySharing (private/team/legacy = tenant isolation). The new param is an author-identity filter within a tenant (own vs team) — do not conflate.
  • Filter-semantics (RESOLVED via #12485 V-B-A): sourceAgentIdentities is a list (a session touching multiple identities' content carries several). "Own" = sourceAgentIdentities-contains-@me. The originally-recommended AUTHORED_BY edge was falsified as a distinct/cleaner signal: AUTHORED_BY is derived from sourceAgentIdentities (SessionService stamps one edge per trust-tiered source — not a single "primary"), so for any trust-tiered maintainer the two are equivalent. Shipped filter = the chroma sourceAgentIdentities metadata (keeps listSummaries a pure chroma read, consistent with the sibling userId post-filter, no cross-store coupling). They diverge only for UNCLASSIFIED sources — never a boot-ledger subject.

The Fix

Add an optional agentIdentity param to get_all_summaries / SummaryService.listSummaries:

  • '@me' → resolves via RequestContextService.getAgentIdentityNodeId() → own summaries only.
  • '@<identity>' → that identity's summaries.
  • omitted / 'all' → current team-wide behavior (backward-compatible default).

Consider extending the same param to query_summaries (+ query_raw_memories) for coherent own/team scoping across the whole summary/memory query surface (consistency note, not required for close).

Contract Ledger

Target Surface Source of Authority Proposed Behavior Fallback Docs Evidence
get_all_summaries agentIdentity param this ticket optional; @me / @<id> / omitted omitted = current team-wide (backward-compatible) openapi.yaml + tool desc unit: own-filter returns only the author's (by sourceAgentIdentities); default returns team
SummaryService.listSummaries(agentIdentity) this ticket filter chroma sourceAgentIdentities metadata (AUTHORED_BY-equivalent for trust-tiered; see RESOLVED note above) no arg = unfiltered JSDoc unit
@me resolution RequestContextService.getAgentIdentityNodeId() (PermissionService.mjs:117 precedent) resolve bound caller fail-closed: throw if no bound identity (never silently fall back to team) JSDoc unit: unbound → throws

Acceptance Criteria

  • get_all_summaries({agentIdentity: '@me', limit: N}) returns only the caller's own summaries (by sourceAgentIdentities-contains-@me).
  • agentIdentity: '@<id>' returns that identity's summaries.
  • Omitted → current team-wide behavior unchanged (backward-compatible).
  • @me with no bound identity fails closed (throws); does not silently return team.
  • "Own" filter semantics = sourceAgentIdentities-contains-@me (the AUTHORED_BY-primary alternative was V-B-A-falsified per #12485) explicitly documented + tested.
  • openapi.yaml + tool description updated, budget-compliant (no bloat).

Out of Scope

  • Changing the boot-ramp DEFAULT (whether AGENTS_STARTUP §0 should pull @me vs team at boot) — that's a swarm-policy decision tied to the individuation/diversity design (Discussions #12429 / #12432), not this mechanism ticket. This ticket adds the capability; the boot-default policy is decided separately.
  • memorySharing / tenant-isolation semantics; summary-store redesign.

Decision Record impact

none — additive, backward-compatible param; no ADR conflict.

Related

  • Boot consumer: AGENTS_STARTUP.md §0 step 3 (get_all_summaries({limit:5})).
  • Policy context (out of scope here): Discussions #12429 (FAIR-band/liveness), #12432 (review-judgment) — boot-scope as liveness-amplifier + individuation-eroder.
  • Precedent: A2A list_messages to / fromIdentity scoping; RequestContextService.getAgentIdentityNodeId().

Origin Session ID: 4cfb33e9-9d3a-4af7-afa8-e3d71ed4bcc7 Retrieval Hint: "get_all_summaries agentIdentity param @me own vs team boot ledger SummaryService.listSummaries individuation re-convergence"

tobiu referenced in commit 718f1c1 - "feat(agentos): add agentIdentity scope param to get_all_summaries for own-vs-team boot ledger (#12437) (#12485) on Jun 4, 2026, 12:58 PM
tobiu closed this issue on Jun 4, 2026, 12:58 PM