npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@archoniclabs/ultra-memory

v1.0.0

Published

Local-first governed memory layer for AI apps.

Readme

Ultra Memory

Ultra Memory is a local-first governed memory layer for AI apps. It is not trying to be another vector database. It sits above retrieval and decides which memories are safe, relevant, and explainable enough to influence an answer or action.

The core idea:

observe or remember context
-> store a governed memory record with provenance
-> build a task-specific memory capsule
-> run risky actions through a memory firewall
-> show what was used, excluded, and why

Install

Install:

npm install @archoniclabs/ultra-memory

Run the demo:

npx @archoniclabs/ultra-memory demo

For local development:

npm install
npm run build
npm test

Agent Ultra can consume it during development with:

npm install ../ultra-memory

Quickstart

import { UltraMemory } from "@archoniclabs/ultra-memory";

const memory = await UltraMemory.open({
  appId: "agent-ultra",
  storagePath: "/path/to/userData/memory_tree",
  localOnly: true,
  policy: {
    confirmationRequiredActionTypes: ["email.send", "file.delete"]
  }
});

await memory.remember({
  type: "preference",
  text: "User prefers concise technical explanations.",
  scope: { kind: "global" },
  status: "confirmed",
  source: [{ kind: "manual", note: "User confirmed in settings." }]
});

await memory.ingest({
  kind: "conversation",
  conversationId: "thread_123",
  messageId: "msg_1",
  role: "user",
  projectId: "agent-ultra",
  text: "Remember that Maya is a contact from AI Alliance. I prefer concise warm emails."
});

const inbox = await memory.reviewInbox({ projectId: "agent-ultra" });

const capsule = await memory.buildCapsule({
  task: "Draft a follow-up email to Maya from AI Alliance.",
  actionType: "email.draft",
  projectId: "agent-ultra"
});

console.log(capsule.toPrompt());

const decision = await memory.guardAction({
  actionType: "email.send",
  capsule
});

const audit = await memory.listAuditEvents({ maxItems: 10 });

What Makes It Different

  • Every memory requires provenance.
  • Inferred and confirmed memories are distinct.
  • Memories have scope, confidence, sensitivity, and lifecycle fields.
  • Capsules explain why each memory was selected.
  • Capsules show notable exclusions.
  • The firewall prevents memory from silently authorizing risky actions.
  • ingest() turns app events into inferred memories for review.
  • reviewInbox() lets users confirm or reject inferred memory before it becomes trusted.
  • listAuditEvents() shows what memory did, not just what it stored.
  • The first store is local JSON, and the store interface is replaceable.

Current API

  • UltraMemory.open()
  • remember()
  • ingest()
  • reviewInbox()
  • search()
  • buildCapsule()
  • guardAction()
  • listAuditEvents()
  • confirm()
  • reject()
  • forget()
  • expire()
  • update()
  • exportBundle()
  • importBundle()

Production Behavior

The framework includes runtime validation. Memories are rejected if they have invalid type/status/sensitivity fields, missing text, missing project/app scope IDs, invalid dates, or no provenance source.

Firewall policy is configurable:

const memory = await UltraMemory.open({
  appId: "agent-ultra",
  storagePath,
  localOnly: true,
  policy: {
    deniedActionTypes: ["payment.send"],
    confirmationRequiredActionTypes: ["email.send", "file.delete", "email.draft"],
    highSensitivityRequiresOptIn: true,
    externalCommunicationRequiresConfirmation: false
  }
});

The defaults still deny memory authorization for payments, require confirmation for email sends and file deletes, and require explicit opt-in before high-sensitivity memories can influence actions.

Retrieval Adapters

Ultra Memory can sit above an existing memory backend. Retrieval adapters provide candidate records from LanceDB, SQLite, full-text search, app-specific chunk stores, or any other retrieval system. Ultra Memory still owns governance, capsule filtering, action safety, and audit.

const memory = await UltraMemory.open({
  appId: "my-ai-app",
  storagePath,
  localOnly: true,
  retrievalAdapters: [
    {
      id: "lancedb",
      async search(options) {
        const rows = await searchExistingVectorIndex(options.query, options.maxItems ?? 20);
        return rows.map((row) => ({
          record: mapRowToUltraMemoryRecord(row),
          score: row.score,
          reasons: ["semantic match"]
        }));
      }
    }
  ]
});

This is the intended production layering:

existing retrieval finds candidates
-> Ultra Memory validates governed records
-> buildCapsule() filters by scope/status/sensitivity/action
-> guardAction() blocks unsafe actions

Example

Run:

npm run example

Run tests:

npm test

The example saves:

  1. a confirmed email style preference
  2. an inferred AI Alliance relationship memory
  3. a high-sensitivity unrelated enterprise deal memory

Then it builds an email capsule and blocks email.send unless the user confirms in the current session.

The capsule also performs a shadow audit: nearby memories that share task terms but fail governance checks are shown as excluded. This is designed to catch cases where unrelated deal context might otherwise leak into an external email.

Architecture Notes

See docs/architecture.md for the record/capsule/firewall model and the shadow-audit behavior.

Electron Integration Shape

Use the package from the Electron main process:

const memory = await UltraMemory.open({
  appId: "agent-ultra",
  storagePath: path.join(app.getPath("userData"), "memory_tree"),
  localOnly: true
});

ipcMain.handle("memory:buildCapsule", (_event, options) => {
  return memory.buildCapsule(options);
});

ipcMain.handle("memory:guardAction", (_event, options) => {
  return memory.guardAction(options);
});

For chat, ask for actionType: "chat.answer". For external drafts, ask for email.draft. Before sending anything externally, call guardAction() with email.send.