Skip to content
Flows
Tier 3 · Agent memory Agent memory · fetched 2026-07-02

MemGuard

An AI agent memory validation platform that continuously verifies whether facts stored in agent memory are still true - guarding writes and re-validating stored knowledge instead of trusting it forever.

View source on GitHub

Key takeaways

  • 01

    Validate memory at write time AND re-verify on a schedule

  • 02

    Stale 'facts' are a memory-poisoning vector, not just a quality issue

  • 03

    Treat memory writes like untrusted user input

Flows built on this research

From the archive

Verbatim excerpts mined from our local archive of this repository — the prompts, schemas, and patterns worth stealing.

Prompt

The semantic-drift validation prompt

You are a memory validation system. Determine whether a stored memory is likely still accurate given recent context.

STORED MEMORY (recorded {days_ago} days ago):
{memory_content}

RECENT AGENT CONTEXT (last {n_sessions} sessions):
{recent_context_summary}

Assess:
1. Does any recent context directly contradict this memory? (yes/no)
2. Does recent context suggest circumstances have changed enough that this memory may be outdated? (yes/no)
3. Confidence that this memory is STILL ACCURATE (0.0 to 1.0)
4. Brief reasoning (1-2 sentences)

Respond in JSON: {"contradicted": bool, "likely_stale": bool, "confidence": float, "reasoning": str}

A production prompt for detecting stale agent memories - it separates direct contradiction from circumstantial drift, and demands a calibrated confidence.

src/engine/prompts.py

MCP & tools

validate_memory: check trust before acting on a fact

Tool(
  name="validate_memory",
  description=(
    "Check if a specific memory is still accurate before acting on it. "
    "Returns trust score and validation status. Call this before making "
    "decisions based on stored facts that might be outdated."
  ),
  inputSchema={ "memory_id": ..., "strategy": {
    "enum": ["source_linked", "semantic", "quick"], "default": "quick" } }
)

The 'Datadog for agent memory' idea as an MCP tool: three validation strategies, from a cheap trust-score check to re-fetching the original source.

src/mcp/server.py

Memory

Memory records carry trust scores, not just content

class MemoryRecord(BaseModel):
    content: Mapped[str]
    fact_type: Mapped[str | None]
    retrieval_count: Mapped[int] = 0
    last_retrieved_at: Mapped[datetime | None]
    trust_score: Mapped[float] = 1.0
    status: Mapped[str] = "active"
    last_validated_at: Mapped[datetime | None]
    validation_count: Mapped[int] = 0

Core insight from the README: "Memory systems decay facts by access frequency or TTL timers. But a frequently-retrieved memory about a user's employer is highly relevant until it's wrong."

The schema argument against TTL-based decay: relevance and truth are different axes, so every fact gets a trust score that validation - not time - moves.

src/models/memory_record.py