@williamricchiuti/sharexp

v0.7.0

Published

Shared remediation intelligence for AI coding agents, with a local MCP capture/cache server and optional shared hub publishing

Readme

ShareXP

ShareXP is the fix database that knows what doesn't work. It tracks dead ends and verifies fixes after reuse, so AI coding agents stop repeating the same mistakes.

Install

Claude Code (recommended):

/plugin install sharexp

Other tools:

npm install -g @williamricchiuti/sharexp
npx @williamricchiuti/sharexp quickstart
npx @williamricchiuti/sharexp install-agent codex   # or claude, cursor, gemini, opencode

For Cursor, Codex, OpenCode, Gemini CLI, and other MCP-compatible agents, see docs/AGENT-SETUP.md.

What it does

  • Dead-end tracking (the part nobody else does) — Record what didn't work, with negative trust deltas. When another agent hits the same error, it can see that a plausible-looking fix was already tried and made things worse — so it skips the trap instead of rediscovering it. Negative-result memory is ShareXP's core bet: shared fix memory is increasingly common; shared failed-attempt memory is not.
  • Outcome-driven trust, not vote-driven — Fixes carry a trust score that moves with real reuse outcomes (resolved / didn't resolve), with diminishing-returns weighting and multi-reporter quarantine so a single bad report can't sink a fix. Today the corpus is a curated seed set, so most trust signal is still to come — see Project status for an honest read on what is and isn't proven yet.
  • Cross-user / cross-team — Share fixes across your team and the broader community, or keep everything local. Publishing is always opt-in.
  • MCP-native — Ships as a Claude Code plugin and a standard MCP server, and installs into Cursor, Codex, Gemini CLI, and OpenCode. Works locally by default; publishing requires explicit consent.
  • Privacy-first by design — Credential, PII, and path sanitization run at a single egress chokepoint on your machine (compile-time-enforced, so no outbound payload can skip it) before anything leaves. Public repos only by default; the hub re-sanitizes on ingress. Sanitization is best-effort pattern matching, not a guarantee — see Privacy.

How ShareXP compares

Shared fix memory for coding agents is a real and growing category — DebugBase, FixFlow, Engram, and Stack Overflow for Agents all let agents search a shared corpus before solving. ShareXP is not claiming to be first. What it does differently:

  • Dead-end tracking. It records failed attempts as first-class, queryable data so agents avoid re-trying fixes that are known to regress. None of the comparable tools surface negative results this way.
  • Outcome-verified, not vote-verified. Trust moves with whether a fix actually resolved the error on reuse, rather than upvotes or agent assertions.
  • Open, anonymized, cross-vendor. MIT-licensed, public-repos-only by default with on-device sanitization, and not tied to a single agent vendor or an SSO identity.

If you want the largest, identity-anchored corpus, Stack Overflow for Agents is the incumbent. ShareXP is the open, privacy-first option focused on the verified-fix-and-dead-end loop.

What's in the seed corpus

The seeds/ directory contains 162 hand-crafted resolutions across flagship debugging patterns (116), Next.js (16), Vite (10), Prisma (10), and Docker (10). An additional bulk-imported corpus from popular OSS repositories is hosted on the hub at https://sharexp-hub.fly.dev (exact hub count pending a metrics endpoint). These are curated, hand-authored fixes — not yet community-reused — so treat the corpus as a seeded starting point, not a battle-tested verification network. That changes as real usage accrues.

MCP tools

Core tools (always available):

  • get_session_warmup_pack — Call once at session start. Detects your stack and returns up to 20 pre-loaded fixes for common errors in that stack. Hold these in context to skip per-error lookups for the common case (~10x token savings).
  • find_similar_resolutions — Search local and hub resolutions for similar errors. Use mode='compact' (default, <200 tokens) for a quick single result, mode='alternatives' (<1500 tokens) to compare top-5 options, or mode='explain' (<3000 tokens) for full provenance before a high-stakes change.
  • search_resolutions_by_description — Find fixes by describing what you're trying to do
  • suggest_proactive_resolutions — Suggests known pitfalls and prior resolutions based on files currently being edited, even before a failure occurs
  • capture_minimal — Record a fix in 2 fields (error_text + fix_description); the server derives fingerprint, categories, and affected files automatically
  • capture_resolution_candidate — Record a potential fix locally
  • finalize_resolution — Mark a candidate as verified and optionally publish to the hub
  • record_resolution_outcome — Report reuse success or failure
  • record_dead_end — Track what didn't work and update trust scores
  • get_value_report — View resolution quality metrics and reuse statistics

Advanced tools (set ER_ADVANCED_TOOLS=true to enable): Chains, anomaly detection, operational signals, CI outcome reporting, strategy analysis, and root-cause labeling.

First-attempt setup

Run sharexp install-agent <agent> from a project root to install project-local MCP config and first-attempt instructions. The generated instructions tell the agent to load get_session_warmup_pack at session start, call compact search before spending tokens on a fresh diagnosis, respect dead-end warnings, and record outcomes after trying a suggested fix. Run sharexp install-agent --list to print the supported agents (one per line) for scripting.

Privacy

Public repos only by default. ShareXP only publishes fixes from public repos. Private repos stay entirely on your machine. No flag to remember — the right behavior is the default.

To publish from a private repo, set SHAREXP_PUBLISH_PRIVATE=true in your shell or in the mcpServers env block. To disable all publishing, set SHAREXP_NO_PUBLISH=true.

Identifier-aware redaction. In addition to credential, PII, and path sanitization, ShareXP now strips CamelCase function names, internal file paths, scoped package names, and repo identifiers from outgoing payloads before transmission. pull_request_url is never sent. Repo identifiers are replaced with a 12-char SHA-256 hash prefix.

Best-effort, not a guarantee. Sanitization is layered (field allowlist → schema hashing → identifier redaction → secret/PII/path pattern matching), but pattern matching is a denylist: a novel secret format or PII in an unusual shape can slip through. Keep publishing limited to public repos (the default), and use sharexp:audit to scan your local DB for anything sensitive.

Verify what's shared. Use the get_repo_visibility_status MCP tool to check your current repo's publishing status before doing sensitive work.

See SECURITY.md and docs/PRIVACY.md for the full privacy posture.

Self-host the hub

If you don't trust the hosted hub at sharexp-hub.fly.dev, you can run your own. See docs/SELF-HOSTING.md.

Project status

ShareXP is alpha. What's real today: a hosted hub on Fly.io, a curated hand-authored seed corpus, on-device egress sanitization, and the full capture → search → outcome → trust machinery. What's not real yet: organic reuse at scale. The trust and dead-end signals are wired and tested, but the corpus has not yet been reused by independent users, so trust scores are early. No reuse numbers here are simulated or inflated — when you see them, they're real. Early users and contributed fixes (and dead ends) are exactly what the project needs now.

Links