Source: This page and
docs/case_studies/vault-memory-github-session-2026-04.md
are kept in sync; edit both when the narrative changes.
Case study: Vault memory ingest, GitHub tracking, and shipping enterprise audit (April 2026)
This case study summarizes a multi-turn working session in Cursor: ingesting external and assistant-generated content into the ClawQL MCP memory_ingest / memory_recall Obsidian vault, prioritizing GitHub work, opening tracking issues, and delivering a concrete feature slice (audit tool, #89) plus docs / Helm / website wiring.
Audience: Operators and contributors who use vault memory for long-running context, GitHub for execution, and want a repeatable pattern for “ingest → prioritize → issue → implement.”
1. Why this session mattered
Long-horizon product work generates more context than any single chat can hold: vendor analyses, roadmap essays, ecosystem posts, and cross-session prioritization. Without a durable store, you re-argue the same design every week. This session used the vault as the system of record for that material, then used GitHub as the system of execution — issues, epics, and shipped code.
Three layers:
| Layer | Tooling | Durability |
|---|---|---|
| Scratch | cache() (optional, in-process LRU) | Lost on process restart — good for ephemeral tool state. |
| Operator trail | audit() (optional, in-process ring buffer) | Not the vault; not compliance-grade logging by itself — see docs/mcp/enterprise-mcp-tools.md. |
| Narrative + graph | memory_ingest / memory_recall | Markdown + [[wikilinks]] (+ optional memory.db hybrid features). |
2. Narrative timeline (April 2026)
- Ingest wave: External threads (e.g. Grok cross-checks, Agent vision, gRPC/Gallery notes) landed in the vault with stable titles and often
append: trueso related updates consolidated instead of fragmenting. - Tracker sync: Open issues were listed, deduped, and extended — e.g.
iac_inspectduplicate closure (#39 → #69), new epics #88–#91 for gateway, enterprise tools, synthetics, Gallery downstream work. - Prioritization: Among schedule/notify/vision (#76–#78), memory epics (#68), docs/evals (#70–#71), docs site (#87), and new items, the group picked #89 for a vertical slice with clear acceptance: one enterprise tool shipped end-to-end.
- Implementation:
audit— design doc, code, tests, Helm/K8s/env/docs/site/Cursor skill — untilnpm testgreen.
3. What was ingested into the vault (memory_ingest)
Structured insights plus verbatim or summarized conversation blocks were stored under stable titles (append-friendly) so Obsidian [[wikilinks]] and memory_recall stay useful:
| Theme | Vault note title (representative) |
|---|---|
| Grok repo analysis vs v3.2.3 | ClawQL MCP v3.2.3 Grok repo analysis (Apr 17 2026) — cross-check vs open issues, suggested issue titles, follow-on design (schedule + sandbox, synthetics, cache vs memory). |
| ClawQL-Agent vision | ClawQL-Agent platform vision and roadmap (2026-04-17) — enterprise framing (DORA/DACI), x402 / public gateway, payment discovery, clawql.com gateway notes. |
| gRPC + Gallery / LinkedIn | ClawQL gRPC MCP transport and Gemma Gallery skill (announcement 2026-04); LinkedIn ecosystem post note. |
| SuperQwen benchmark tweet | SuperQwen3.6-35B Song Jun tweet — ClawQL-Agent model note (2026-04) — third-party claims flagged for verification. |
| Workflow tips | ClawQL MCP cache vs memory_ingest — when to use which. |
| GitHub prioritization | ClawQL open-issues prioritization (2026-04-17) — open/closed snapshot, #39 merged into #69, new issues #88–#91. |
Practice: Prefer memory_ingest for durable decisions; use cache() only for session scratch the user asked not to persist forever.
Ingest hygiene: use wikilinks to connect roadmap ↔ GitHub issue notes ↔ architecture sketches so memory_recall with maxDepth can pull related pages, not only keyword hits.
4. GitHub: issues created and housekeeping
| Action | Detail |
|---|---|
| Closed duplicate | #39 → canonical #69 (iac_inspect). |
| New issues | #88 public gateway / x402 / discovery; #89 enterprise tools epic; #90 synthetic checks + schedule; #91 Gallery fork gRPC (upstream issues disabled). |
| Starter artifact | website/public/.well-known/payments.json placeholder + /.well-known/* cache headers — ties to #88 / #87 (docs deploy). |
Gallery: Issues are disabled on the fork; #91 in this repo tracks downstream PRs.
Why track duplicates explicitly: reduces split-brain prioritization (“which issue is the real iac_inspect?”) and keeps search / execute automation aligned with a single canonical thread.
5. Prioritization snapshot (session)
- Open work included #76–#78 (schedule, notify, vision), #69 / memory epics, #87 (docs site), #88–#91 (new).
- Suggested order discussed: dedupe
iac_inspect(done), optional tools #76 → #77 → #78, memory under #68, docs #70 / eval #71, public gateway when ready. - Picked for implementation: #89 — design doc + first vertical slice.
Rationale: #89 was scoped to ship something observable in MCP + Helm + docs — a forcing function for optional-tool plumbing (CLAWQL_ENABLE_*, chart values, website tables) that future enterprise tools (metrics, governance) reuse.
6. Why audit was the right vertical slice
The enterprise epic needed a tool that is:
- Optional — off by default; no surprise behavior for existing deployments.
- Inspectable — operators can
listrecent events without SSHing to grep logs. - Bounded — ring buffer + max entries env (
CLAWQL_AUDIT_MAX_ENTRIES); not a silent unbounded log file on disk by default. - Documentable — pairs naturally with
docs/mcp/enterprise-mcp-tools.mdthreat-model language.
Not a replacement for memory_ingest: audit is for runtime MCP events; the vault is for human-readable narrative.
7. Work completed: enterprise audit (#89)
- Design:
docs/mcp/enterprise-mcp-tools.md— flags, threat model, futuremetrics/governance. - Code:
src/clawql-audit.ts—append/list/clear; unconditional registration insrc/tools.ts(noCLAWQL_ENABLE_AUDIT; optional flags insrc/clawql-optional-flags.tscover other tools). - Tests:
src/clawql-audit.test.ts, extended optional-flags + stdio smoke (src/server.test.ts). - Docs / env:
docs/mcp/mcp-tools.md,.env.example,README.md,CHANGELOG.md. - Ops:
docs/deployment/deploy-k8s.md,docs/deployment/helm.md—auditis ClawQL Core (no Helm/env toggle). - Website & Cursor: site copy (
website/src/app/tools/page.mdx, related MDX),.cursor/skills/clawql-vault-memory/SKILL.md— clarifiesauditvs vault.
Tests: npm test green before merge.
8. Optional tools: audit vs cache vs vault
| Tool | Env | Persists? | Use for |
|---|---|---|---|
cache | ClawQL Core (always on) | No (in-process LRU) | Session scratch, tool handoff state. |
audit | always on (no env gate) | No (ring buffer) | Operator-visible MCP event trail in-session. |
memory_ingest | on by default; vault path + DB sidecar; CLAWQL_ENABLE_MEMORY=0 to hide | Yes (Markdown + DB) | Decisions, runbooks, cross-session recall. |
9. Helm and website wiring
Docs and Helm describe audit as ClawQL Core (with search / execute, always on, no opt-out) so docs.clawql.com matches the diagram and the server’s tool list.
10. Outcomes and follow-ups
| Outcome | Notes |
|---|---|
| Vault | Searchable narrative for roadmap, payments, gRPC, and GitHub state — refresh stale cross-links (e.g. closed issues) when re-calling. |
| Tracker | #89 remains an epic until metrics / governance ship; audit v1 satisfies “one vertical slice.” |
| Next builds | #76–#78, #88 payment gateway hardening, Gallery gRPC via #91, #90 synthetics. |
| Deploy | Validate /.well-known/payments.json on docs.clawql.com after #87. |
11. References
- MCP tools: mcp-tools.md
- Enterprise design: enterprise-mcp-tools.md
- Vault memory skill: integrations/cursor-vault-memory.md
- Issues: #88–#91, #89
Website (readable summary): /case-studies/vault-memory-github-session-2026-04 on docs.clawql.com.
Token estimates for this doc are not the focus; the win is durable graph + executable backlog with one shipped slice per milestone.