fix(mcp): scope recall_query to the current project#42
Merged
Conversation
recall_query called db.queryMemories without projectId, searching across ALL projects instead of the current one. This violates the project-scoped contract: cross-project visibility was explicitly rejected early in development as unacceptable for an open-source tool. recall_context, recall_save and HTTP /memory/query all pass projectId — recall_query was the lone gap (it predates the project_id mechanism and was missed when query handlers were later rewired). - recallQueryInput: add required projectId (mirrors recall_context) - handler: thread projectId into queryMemories + telemetry (was hardcoded null, which also broke per-project telemetry grouping) - tests: add cross-project isolation test; scope existing tests to proj-a Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
tznthou
added a commit
that referenced
this pull request
May 24, 2026
Scope recall_query to the current project (#42). The MCP recall_query tool was searching across all projects; it now takes a required projectId like the other entry points. Follow-up on client-supplied projectId trust tracked in #41. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
The
recall_queryMCP tool was searching across all projects instead of the current one. This scopes it to the current project, matching the other three entry points.Root cause
recall_querywas born in the MCP skeleton (1238d98) before theproject_idmechanism existed. Scoping arrived in phase-4b (c2b8262); when query handlers were rewired in phase-4c (14debcc),recall_contextpicked upprojectIdbutrecall_querywas missed — it calleddb.queryMemories(query, limit)with noprojectId, hitting the no-filter (all-project) branch.The project-scoped contract was an explicit early-development decision: cross-project visibility ("global") was rejected as unacceptable for an open-source tool — users expect project isolation.
recall_context/recall_save/ HTTP/memory/queryall honor it;recall_querywas the lone gap.Change
recallQueryInput: add requiredprojectId(z.string().min(1), mirrorsrecall_contextverbatim)recallQueryHandler: threadprojectIdintodb.queryMemories+appendRecallTelemetry(telemetryprojectIdwas hardcodednull, which also broke per-project grouping)recall_query+ touch-integration tests to proj-aSide effect (intended)
Cross-project "accidental hits" disappear, so cold-rate figures may rise. But the prior baseline was inflated by this bug — post-fix numbers reflect true project-scoped recall.
Quality gate (gogo)
projectIdmirrorsrecall_context)Follow-up
Codex flagged that client-supplied
projectIdcould be forged (server-side binding would be stronger). Pre-existing all-MCP design question, outside the current local / trusted-caller threat model. Tracked in #41.🤖 Generated with Claude Code