jamjet-engram 0.5.0

Engram — durable memory layer for AI agents. Temporal knowledge graph, semantic search, and MCP-native tools.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290

//! `CommandLlmClient` — the shell-out extensibility escape hatch.
//!
//! Spawns a user-supplied command per extraction call, writes a JSON request
//! to its stdin, and reads a JSON response from its stdout. Use this to plug
//! in any provider Engram does not ship natively — an internal corporate LLM
//! gateway, an exotic model behind a custom RPC, a local inference binary,
//! or a quick wrapper over any HTTP API with whatever auth scheme you need.
//!
//! # The contract
//!
//! Engram invokes your command through `sh -c <command>` (so `$HOME`,
//! pipes, redirects, and environment variables all work). The command must:
//!
//! 1. Read exactly one JSON object from stdin, matching:
//!    ```json
//!    {"system": "...", "user": "...", "structured": true}
//!    ```
//!    `structured` is `true` when Engram wants JSON output (extraction,
//!    consolidation), `false` when it wants plain text.
//!
//! 2. Write exactly one JSON value to stdout. Either:
//!    - Plain: the JSON value that Engram should use directly.
//!    - Enveloped: `{"content": <value>}` or `{"error": "message"}`.
//!
//! 3. Exit with code 0 on success, non-zero on failure. On non-zero exit,
//!    stderr is surfaced to the caller.
//!
//! # Example wrapper (Python, ~15 lines)
//!
//! ```text
//! #!/usr/bin/env python3
//! # my-llm.py — wraps any Python LLM SDK for Engram.
//! import json, sys
//! from my_llm_sdk import chat  # your SDK
//!
//! req = json.loads(sys.stdin.read())
//! resp = chat(system=req["system"], user=req["user"],
//!             json_mode=req.get("structured", False))
//! # Either write the raw response:
//! sys.stdout.write(json.dumps(resp))
//! # Or envelope it:
//! # sys.stdout.write(json.dumps({"content": resp}))
//! ```
//!
//! Then point Engram at it:
//! ```text
//! ENGRAM_LLM_PROVIDER=command \
//! ENGRAM_LLM_COMMAND="python /path/to/my-llm.py" \
//! engram serve
//! ```
//!
//! # Security
//!
//! `CommandLlmClient` runs **arbitrary commands** as the Engram process user.
//! Never expose it in a multi-tenant deployment where untrusted users can
//! control `ENGRAM_LLM_COMMAND`. It is a local and single-tenant feature.

use crate::llm::LlmClient;
use crate::llm_util::extract_json_payload;
use crate::store::MemoryError;
use async_trait::async_trait;
use serde::{Deserialize, Serialize};
use std::process::Stdio;
use tokio::io::AsyncWriteExt;
use tokio::process::Command;

/// A shell-out LLM client. Clone-cheap: stores only the command string and
/// timeout configuration.
#[derive(Clone, Debug)]
pub struct CommandLlmClient {
    command: String,
    timeout_secs: u64,
}

impl CommandLlmClient {
    /// Construct a client that will run `command` via `sh -c` on every call.
    /// Default timeout is 120 seconds.
    pub fn new(command: impl Into<String>) -> Self {
        Self {
            command: command.into(),
            timeout_secs: 120,
        }
    }

    /// Override the per-call timeout in seconds.
    pub fn with_timeout(mut self, secs: u64) -> Self {
        self.timeout_secs = secs;
        self
    }
}

#[derive(Serialize)]
struct CommandRequest<'a> {
    system: &'a str,
    user: &'a str,
    structured: bool,
}

/// Optional envelope wrapping the command's output. Commands MAY return a
/// bare JSON value or this envelope. If both `content` and `error` are
/// present, `error` wins.
#[derive(Deserialize)]
struct CommandEnvelope {
    #[serde(default)]
    content: Option<serde_json::Value>,
    #[serde(default)]
    error: Option<String>,
}

impl CommandLlmClient {
    async fn call(
        &self,
        system: &str,
        user: &str,
        structured: bool,
    ) -> Result<serde_json::Value, MemoryError> {
        if self.command.trim().is_empty() {
            return Err(MemoryError::Database(
                "CommandLlmClient: command is empty".into(),
            ));
        }

        let mut child = Command::new("sh")
            .arg("-c")
            .arg(&self.command)
            .stdin(Stdio::piped())
            .stdout(Stdio::piped())
            .stderr(Stdio::piped())
            .spawn()
            .map_err(|e| MemoryError::Database(format!("command spawn failed: {e}")))?;

        let request_json = serde_json::to_string(&CommandRequest {
            system,
            user,
            structured,
        })
        .map_err(|e| MemoryError::Serialization(format!("CommandRequest serialize: {e}")))?;

        if let Some(mut stdin) = child.stdin.take() {
            stdin
                .write_all(request_json.as_bytes())
                .await
                .map_err(|e| MemoryError::Database(format!("command stdin write: {e}")))?;
            // stdin dropped here, signalling EOF to the child.
        }

        let timeout = std::time::Duration::from_secs(self.timeout_secs);
        let output = tokio::time::timeout(timeout, child.wait_with_output())
            .await
            .map_err(|_| {
                MemoryError::Database(format!("command timed out after {}s", self.timeout_secs))
            })?
            .map_err(|e| MemoryError::Database(format!("command wait failed: {e}")))?;

        if !output.status.success() {
            let stderr = String::from_utf8_lossy(&output.stderr);
            let code = output
                .status
                .code()
                .map(|c| c.to_string())
                .unwrap_or_else(|| "signal".to_string());
            return Err(MemoryError::Database(format!(
                "command exited with code {code}: {}",
                stderr.trim()
            )));
        }

        let stdout = String::from_utf8_lossy(&output.stdout).to_string();
        let payload = extract_json_payload(&stdout);

        if payload.is_empty() {
            return Err(MemoryError::Database(
                "command produced empty stdout".into(),
            ));
        }

        // First try to parse as an envelope and honour `error` / `content`.
        if let Ok(envelope) = serde_json::from_str::<CommandEnvelope>(payload) {
            if let Some(err) = envelope.error {
                return Err(MemoryError::Database(format!("command error: {err}")));
            }
            if let Some(content) = envelope.content {
                return Ok(content);
            }
        }

        // Fall through: treat the whole stdout as the JSON value itself.
        serde_json::from_str(payload).map_err(|e| {
            MemoryError::Serialization(format!(
                "command JSON parse: {e} (stdout head: {})",
                payload.chars().take(200).collect::<String>()
            ))
        })
    }
}

#[async_trait]
impl LlmClient for CommandLlmClient {
    async fn complete(&self, system: &str, user: &str) -> Result<String, MemoryError> {
        let value = self.call(system, user, false).await?;
        match value {
            serde_json::Value::String(s) => Ok(s),
            other => Ok(other.to_string()),
        }
    }

    async fn structured_output(
        &self,
        system: &str,
        user: &str,
    ) -> Result<serde_json::Value, MemoryError> {
        self.call(system, user, true).await
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[tokio::test]
    async fn returns_raw_json_output() {
        let client = CommandLlmClient::new(r#"cat > /dev/null; echo '{"facts":[]}'"#);
        let result = client.structured_output("sys", "user").await.unwrap();
        assert_eq!(result, serde_json::json!({"facts": []}));
    }

    #[tokio::test]
    async fn returns_envelope_content() {
        let client = CommandLlmClient::new(
            r#"cat > /dev/null; echo '{"content":{"facts":[{"text":"hello"}]}}'"#,
        );
        let result = client.structured_output("sys", "user").await.unwrap();
        assert_eq!(result, serde_json::json!({"facts": [{"text": "hello"}]}));
    }

    #[tokio::test]
    async fn envelope_error_surfaces() {
        let client =
            CommandLlmClient::new(r#"cat > /dev/null; echo '{"error":"deliberate failure"}'"#);
        let err = client
            .structured_output("sys", "user")
            .await
            .expect_err("should error");
        assert!(err.to_string().contains("deliberate failure"));
    }

    #[tokio::test]
    async fn nonzero_exit_is_error() {
        let client = CommandLlmClient::new(r#"cat > /dev/null; echo 'oops' >&2; exit 7"#);
        let err = client
            .structured_output("sys", "user")
            .await
            .expect_err("should error");
        let msg = err.to_string();
        assert!(msg.contains("code 7"), "expected exit code in error: {msg}");
    }

    #[tokio::test]
    async fn empty_command_rejected() {
        let client = CommandLlmClient::new("   ");
        let err = client
            .structured_output("sys", "user")
            .await
            .expect_err("should error");
        assert!(err.to_string().contains("empty"));
    }

    #[tokio::test]
    async fn complete_returns_string_text() {
        let client = CommandLlmClient::new(r#"cat > /dev/null; echo '"hello there"'"#);
        let result = client.complete("sys", "user").await.unwrap();
        assert_eq!(result, "hello there");
    }

    #[tokio::test]
    async fn command_sees_request_on_stdin() {
        // Use `wc -c` to count the stdin bytes the child receives, then echo
        // a JSON envelope back to verify bidirectional flow.
        let client =
            CommandLlmClient::new(r#"bytes=$(wc -c); echo "{\"content\":{\"bytes\":$bytes}}""#);
        let result = client
            .structured_output("system prompt", "user prompt")
            .await
            .unwrap();
        // Request JSON is non-empty — exact byte count depends on serde output,
        // but it should be > 30 bytes for the fields we pass.
        let bytes = result["bytes"].as_u64().unwrap_or(0);
        assert!(bytes > 30, "expected stdin bytes > 30, got {bytes}");
    }
}