Add ask_for_memory_deletion MCP tool (with human

Tinker

Home Epics Add ask_for_memory_deletion MCP tool (with human confirmation)Edit

Add ask_for_memory_deletion MCP tool (with human confirmation)

Cancel

Title *

Project *

Description

Add a safe memory deletion mechanism that prevents agents from arbitrarily deleting organizational knowledge.

## Problem

Agents should NOT be able to directly delete memories - this could lead to:
- Loss of important architectural decisions
- Removal of bug fixes/solutions
- Erasure of system knowledge
- Potential "rogue agent" scenarios

## Solution: Request-Approval Flow

Create `ask_for_memory_deletion` MCP tool that:
1. Agent requests deletion (provides memory_id and reason)
2. Request is logged/stored for human review
3. Human confirms/rejects via UI or separate approval flow
4. Only after human confirmation is memory actually deleted

## Tool Specification

**Tool Name:** `ask_for_memory_deletion`

**Parameters:**
- `memory_id` (required) - ID of memory to delete
- `reason` (required) - Why this memory should be deleted

**Returns:**
- Confirmation that deletion request was submitted
- Request ID for tracking
- Status: "pending_human_review"

**What it does:**
- Creates a `MemoryDeletionRequest` record
- Stores: memory_id, requesting_agent_id, reason, status, created_at
- Does NOT delete the actual memory
- Logs the request for human review

## Human Approval Flow (Separate)

Options for human approval:
1. **Rails UI** - `/admin/memory_deletion_requests` index page
2. **CLI command** - `rails tinker:memory_deletion:review`
3. **API endpoint** - `POST /api/v1/memory_deletion_requests/:id/approve`

## Database Changes

Create table:
```ruby
create_table :memory_deletion_requests do |t|
  t.integer :memory_id, null: false
  t.integer :requesting_agent_id, null: false
  t.text :reason, null: false
  t.string :status, default: 'pending'
  t.integer :reviewed_by_agent_id
  t.text :review_notes
  t.timestamps
end
```

## Acceptance Criteria

1. `ask_for_memory_deletion` tool creates request record (not deletion)
2. Request includes memory_id, agent_id, reason, timestamp
3. Human can view all pending deletion requests
4. Human can approve/reject deletion requests
5. Only approved deletions actually remove memory
6. All deletion attempts are logged (audit trail)
7. Agents cannot bypass this flow

## Security Considerations

- No direct `delete_memory` tool exists
- Only humans (or Orchestrator with special privilege?) can approve
- Audit log of all deletion requests and outcomes
- Optional: Require 2-factor approval for certain memory types (decision, error)

## Files to Create/Modify

**New:**
- `app/models/memory_deletion_request.rb`
- `app/controllers/api/v1/memory_deletion_requests_controller.rb`
- `spec/models/memory_deletion_request_spec.rb`
- `spec/controllers/api/v1/memory_deletion_requests_controller_spec.rb`

**Modify:**
- `db/schema.rb` - add memory_deletion_requests table
- `mcp-bridge/src/tools/index.ts` - add ask_for_memory_deletion tool
- Admin UI (optional) - deletion request review interface