engram
The 'Blast Radius' detector for AI Agents. Prevent regressions using Git history and organizational memory.
README
Engram
The "Missing Context" Engine for AI Agents.
Engram gives your AI agent the context it can’t see in the code alone.
While LLMs are excellent at analyzing the specific files you give them, they lack the broader context of your repository's history and guardrails. Engram bridges this gap by surfacing hidden dependencies (via git history) and required behaviours (via test intents) that the AI would otherwise not have access to, miss or ignore.
Why Engram?
- Temporal History: Answers "What usually changes when this file changes?" to prevent the "fix one thing, break another" cycle.
- Test Intent: Extracts test intent strings (e.g., "should handle negative balance") so the AI understands what behaviour to preserve.
- Organizational Memory: A persistent store for you or the LLM to record undocumented architectural constraints, ensuring lessons learned aren't lost when you start a new conversation.
Built for Privacy. Public for Integrity.
- Local-First: All processing happens on your local hardware.
- Zero Telemetry: We do not track your usage, your code, or your identity.
- Audit it yourself: The source code is available below.
Real-World Example: The Bug That Tests Can't Catch
A TypeScript service (TransactionExportService) writes pipe-delimited lines like TXN-001|2024-11-15|250.00|COMPLETED. A legacy JavaScript cron job (legacy-mainframe-sync.js) parses them using hardcoded array indices — parts[2] for amount, parts[3] for status. There are zero imports between them. No shared types. Nothing in the code connects them.
The task: "Add a currency field next to the amount."
Without Engram
The AI agent updates the TypeScript service and tests. The export format becomes ID|DATE|AMOUNT|CURRENCY|STATUS. All tests pass. The PR ships.
The problem: The legacy script still reads parts[3] expecting a status like COMPLETED - but now gets USD. parseFloat("USD") returns NaN. The mainframe receives corrupted data. Nothing failed. Nothing warned. Silent breakage in production.
With Engram
Before writing any code, the agent calls get_impact_analysis. Engram checks git history and returns:
Critical Risk (0.99):
bin/legacy-mainframe-sync.js— Changed together in 21 of 21 commits (100%)
The agent reads the flagged file, finds the positional parser, and updates both files together. Same feature, zero breakage.
After the fix, the agent calls save_project_note:
"The export line format is consumed by bin/legacy-mainframe-sync.js using hardcoded positional indices. Any change to field order MUST be mirrored there. Current format: ID|DATE|AMOUNT|CURRENCY|STATUS (indices 0-4)."
Now every future agent gets this warning automatically - before it writes a single line of code.
What It Does
1. Temporal Graph
- What: Mines git history to find files that are frequently committed alongside your target file.
- Why: To reveal hidden dependencies. If
A.tsandB.tschanged together 40 times in the last year, your AI needs to know aboutB.tsbefore editingA.ts.
2. Validation Graph
- What: Automatically locates relevant tests and extracts their specific intent strings (e.g.,
it("should validate JWT expiration")). - Why: To provide behavioural guardrails. The AI can check its plan against your existing test requirements without needing to read the full test suite.
3. Knowledge Graph
- What: A persistent store where the LLM can save/retrieve "memories" about architectural decisions, edge cases, or project quirks.
- Why: To bridge the gap between sessions. If the AI learns that "Auth requires a restart on config change," it saves that note so the next AI agent knows it too.
Tool calls
1. get_impact_analysis - Blast radius calculation for a target file
For a given file, return the impacted files, their test intents and any stored notes.
Example:
{
"file_path": "src/Auth.ts",
"repo_root": "/path/to/repo"
}
Returns:
{
"summary": "Changing src/Auth.ts may affect 2 files. 1 critical risk, 1 medium risk.\n\n⚠️ Critical Risk (0.89): src/Session.ts\n Changed together in 48 of 50 commits (96%)\n Notes: Session requires Redis connection\n\n⚠ High Risk (0.72): src/Auth.test.ts\n Changed together in 31 of 50 commits (62%)\n Current test behaviour (may need updating):\n - should login with valid credentials\n - should reject invalid password\n - should handle OAuth callback",
"formatted_files": [
{
"path": "src/Session.ts",
"risk_level": "Critical",
"risk_score": 0.89,
"description": "Changed together in 48 of 50 commits (96%)",
"memories": ["Session requires Redis connection"]
},
{
"path": "src/Auth.test.ts",
"risk_level": "High",
"risk_score": 0.72,
"description": "Changed together in 31 of 50 commits (62%)",
"test_intents": [
"should login with valid credentials",
"should reject invalid password",
"should handle OAuth callback"
]
}
],
"coupled_files": [...],
"commit_count": 50
}
2. save_project_note - Remember context about files
Store persistent notes that automatically appear in future impact analyses.
Example:
{
"file_path": "src/Auth.ts",
"note": "Uses JWT tokens, must validate expiry timestamp",
"repo_root": "/path/to/repo"
}
3. read_project_notes - Retrieve saved context
Search notes by content or file path, or list all project knowledge.
Example:
{
"query": "Redis",
"repo_root": "/path/to/repo"
}
Performance
Engram is built to be invisible until you need it. It uses an Adaptive Indexing Strategy that respects your CPU and scales from side-projects to massive monorepos.
Benchmarked against the Linux Kernel
We take performance seriously. Engram is benchmarked against the Linux Kernel repository (1.2 million+ commits).
Performance Targets
Standard Repos (Most Projects)
- First Run: < 2 seconds (Full historical indexing)
- Subsequent Runs: < 200ms
Massive Repos (e.g., Linux Kernel)
- First Run (per file): < 2 seconds (Path-filtered indexing)
- Subsequent Runs: < 200ms
Architecture
┌─────────────┐
│ AI Agent │ ← MCP protocol over stdio
└──────┬──────┘
│
┌──────▼──────────────┐
│ Node.js Adapter │ ← TypeScript MCP server
│ (adapter/) │
└──────┬──────────────┘
│ spawns & communicates via JSON
┌──────▼──────────────┐
│ Rust Core Binary │ ← Fast git indexing + SQLite
│ (core/) │
└──────┬──────────────┘
│ reads
┌──────▼──────────────┐
│ .engram/engram.db │ ← Persistent SQLite database
└─────────────────────┘
Under the Hood
- Adaptive Strategy: Engram automatically detects repo size. For small repos, it indexes everything. For massive repos, it switches to a path-filtered strategy to avoid blocking the agent.
- Low Footprint: No heavy background daemons. Indexing happens on-demand within strict time budgets, utilizing
rusqliteand WAL mode for high-throughput concurrency. - Smart Filtering: Automatically ignores noise like lockfiles, binary assets, and auto-generated code to keep the signal high.
Installation
To use Engram with your AI agent (Claude Desktop, Cursor, etc.), you need to expose the tool capabilities to them.
npm install -g @spectra-g/engram-adapter
This installs the necessary binary for your platform (macOS, Linux, Windows) and the MCP adapter that communicates with your AI.
Setup
Engram is an MCP server and works with any MCP-compatible client.
Claude Desktop
claude mcp add --scope user --transport stdio engram -- npx -y @spectra-g/engram-adapter
Cursor
Settings > General > MCP Servers > Add New MCP Server:
- Name:
engram - Type:
command - Command:
npx -y @spectra-g/engram-adapter
System Instruction (Recommended)
To ensure your AI uses Engram effectively, add this to your project rules (.cursorrules or CLAUDE.md).
## Engram Workflow Policy
You have access to a tool called `engram` (specifically `get_impact_analysis` and `save_project_note`).
You MUST follow this strictly sequential workflow for EVERY code modification request:
### Phase 1: Analysis (MANDATORY START)
1. **Blast Radius Check**: Before reading code or proposing changes, you MUST call `get_impact_analysis` on the target file(s).
2. **Context Loading**:
* **Coupling**: If "High" or "Critical" risk files are returned, evaluate if they are *functionally related*.
* *Action:* Read the file (`read_file`) if it poses a logical regression risk.
* *Ignore:* Skip files that appear coincidental (e.g., lockfiles, gitignore, bulk formatting updates).
* **Memories**: Pay close attention to any "Memories" returned in the analysis summary.
* **Tests**: If `test_intents` are present, treat them as strict behavioural constraints. If absent, proceed with standard code analysis.
### Phase 2: Execution
3. **Fix/Refactor**: Proceed with the code changes. Update tests if the behaviour is intentionally changing.
### Phase 3: Knowledge Capture (MANDATORY END)
4. **Save Learnings**: Before finishing, ask: *"Would a future developer be **surprised** by something I discovered?"*
* **IF YES** (Hidden dependencies, non-obvious bugs, env quirks): You MUST use `save_project_note`.
* **IF NO** (Typos, standard refactors, documented behaviour): Do NOT save a note.
Development & Benchmarking
Build from Source
Requires Rust (1.70+) and Node.js (18+).
npm run build:all # Build Rust core + TypeScript adapter
npm run test:all # Run standard test suite
Performance Benchmarking
To verify performance against the Linux kernel (requires a local clone of linux as a sibling directory):
# 1. Clone linux kernel to ../linux
# 2. Run the ignored performance tests
npm run test:all-local
Contributing
We welcome bug reports and community fixes. Please note that by contributing to this repository, you grant spectra-g a perpetual, irrevocable license to include your changes in both the public source and the commercially licensed versions of the software.
License
This project is licensed under the PolyForm Noncommercial License 1.0.0.
- Personal/Non-Profit: Free to use.
- Commercial Use: Requires a commercial license.
推荐服务器
Baidu Map
百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Playwright MCP Server
一个模型上下文协议服务器,它使大型语言模型能够通过结构化的可访问性快照与网页进行交互,而无需视觉模型或屏幕截图。
Magic Component Platform (MCP)
一个由人工智能驱动的工具,可以从自然语言描述生成现代化的用户界面组件,并与流行的集成开发环境(IDE)集成,从而简化用户界面开发流程。
Audiense Insights MCP Server
通过模型上下文协议启用与 Audiense Insights 账户的交互,从而促进营销洞察和受众数据的提取和分析,包括人口统计信息、行为和影响者互动。
VeyraX
一个单一的 MCP 工具,连接你所有喜爱的工具:Gmail、日历以及其他 40 多个工具。
graphlit-mcp-server
模型上下文协议 (MCP) 服务器实现了 MCP 客户端与 Graphlit 服务之间的集成。 除了网络爬取之外,还可以将任何内容(从 Slack 到 Gmail 再到播客订阅源)导入到 Graphlit 项目中,然后从 MCP 客户端检索相关内容。
Kagi MCP Server
一个 MCP 服务器,集成了 Kagi 搜索功能和 Claude AI,使 Claude 能够在回答需要最新信息的问题时执行实时网络搜索。
e2b-mcp-server
使用 MCP 通过 e2b 运行代码。
Neon MCP Server
用于与 Neon 管理 API 和数据库交互的 MCP 服务器
Exa MCP Server
模型上下文协议(MCP)服务器允许像 Claude 这样的 AI 助手使用 Exa AI 搜索 API 进行网络搜索。这种设置允许 AI 模型以安全和受控的方式获取实时的网络信息。