Feature Request: Project Isolation Controls
Problem Statement
Currently, Basic Memory allows unrestricted access to project switching and cross-project operations via MCP tools. This creates security concerns when using projects as isolation boundaries for different AI agents or use cases, as memories could potentially leak between projects.
Current Cross-Project Capabilities:
- Project management tools:
list_memory_projects(), switch_project(), create_memory_project(), etc.
- Content tools with optional
project parameters for cross-project access
- No access controls or restrictions on project discovery/switching
Use Case
Users want to:
- Use different projects for different AI agents/contexts
- Prevent memory leakage between isolated workflows
- Maintain strict security boundaries between projects
- Avoid accidental cross-project contamination
As noted by @wreed4 in #110:
"Using a project as a security boundary would be a very useful capability. Plus, if the agent can change projects, but it's previously read information from project 1 into its context, there seems like there'd be a pretty high likelihood for it to 'leak' memories into project 2."
Proposed Solution
Add granular configuration options to BasicMemoryConfig to control project isolation:
# Project security settings
disable_project_switching: bool = Field(
default=False,
description="Disable tools that allow switching between projects"
)
disable_cross_project_operations: bool = Field(
default=False,
description="Disable project parameter in content tools"
)
restrict_project_discovery: bool = Field(
default=False,
description="Prevent listing all available projects"
)Implementation Details
1. Project Management Tool Filtering
When disable_project_switching=True:
- Remove these tools from MCP registration:
list_memory_projects()switch_project()create_memory_project()delete_project()set_default_project()
- Keep only read-only project info:
get_current_project()
2. Cross-Project Parameter Validation
When disable_cross_project_operations=True:
- Remove/ignore optional
project parameters from content tools
- Reject operations that specify a project different from current session
- All operations work only within the currently active project
3. Project Discovery Restriction
When restrict_project_discovery=True:
list_memory_projects() returns only current project (if enabled)- Prevent enumeration of all available projects
- Error messages don't leak project names
Configuration Options
Option 1: MCP Server Arguments
# Disable all project switching
uvx basic-memory --no-project-switching mcp
# Disable cross-project operations
uvx basic-memory --no-cross-project mcp
# Strict isolation mode
uvx basic-memory --project-isolation mcp
Option 2: Configuration File
{
"project_security": {
"disable_project_switching": true,
"disable_cross_project_operations": true,
"restrict_project_discovery": true
}
}Option 3: Environment Variables
BASIC_MEMORY_DISABLE_PROJECT_SWITCHING=true
BASIC_MEMORY_DISABLE_CROSS_PROJECT=true
BASIC_MEMORY_RESTRICT_PROJECT_DISCOVERY=true
Benefits
- ✅ Security: Maintains strict isolation boundaries for multi-agent scenarios
- ✅ Data Safety: Prevents accidental cross-project contamination
- ✅ Backward Compatibility: Defaults preserve current behavior
- ✅ Granular Control: Users can choose which restrictions to apply
- ✅ Simple Implementation: Clear configuration-driven approach
Acceptance Criteria
Priority
Medium-High - Important for users requiring security isolation between projects, enables broader adoption in multi-agent environments.
Related Issues
Implementation Areas
src/basic_memory/config.py - Add configuration optionssrc/basic_memory/mcp/server.py - Conditional tool registrationsrc/basic_memory/mcp/tools/ - Parameter validation in content toolssrc/basic_memory/cli/ - Add CLI flags for common scenarios- Documentation updates for security configuration
Feature Request: Project Isolation Controls
Problem Statement
Currently, Basic Memory allows unrestricted access to project switching and cross-project operations via MCP tools. This creates security concerns when using projects as isolation boundaries for different AI agents or use cases, as memories could potentially leak between projects.
Current Cross-Project Capabilities:
list_memory_projects(),switch_project(),create_memory_project(), etc.projectparameters for cross-project accessUse Case
Users want to:
As noted by @wreed4 in #110:
Proposed Solution
Add granular configuration options to
BasicMemoryConfigto control project isolation:Implementation Details
1. Project Management Tool Filtering
When
disable_project_switching=True:list_memory_projects()switch_project()create_memory_project()delete_project()set_default_project()get_current_project()2. Cross-Project Parameter Validation
When
disable_cross_project_operations=True:projectparameters from content tools3. Project Discovery Restriction
When
restrict_project_discovery=True:list_memory_projects()returns only current project (if enabled)Configuration Options
Option 1: MCP Server Arguments
Option 2: Configuration File
{ "project_security": { "disable_project_switching": true, "disable_cross_project_operations": true, "restrict_project_discovery": true } }Option 3: Environment Variables
Benefits
Acceptance Criteria
Priority
Medium-High - Important for users requiring security isolation between projects, enables broader adoption in multi-agent environments.
Related Issues
Implementation Areas
src/basic_memory/config.py- Add configuration optionssrc/basic_memory/mcp/server.py- Conditional tool registrationsrc/basic_memory/mcp/tools/- Parameter validation in content toolssrc/basic_memory/cli/- Add CLI flags for common scenarios