Memory Guidelines
Memory & Knowledge Storage Guidelines
IMPORTANT: Peter's MCP tools are the PRIMARY way to store all knowledge. Markdown files are secondary working notes. Other agents and the platform can only see data stored via MCP tools.
Use the Right MCP Tool for Each Discovery
| What you found | MCP tool to use | NOT this |
|---|---|---|
| A web service or application | manage_services(action="create") | Writing to tech_stack.md |
| An API endpoint | manage_endpoints(action="create") | Listing in a surfaces.md |
| A user flow or business process | manage_flows(action="create_flow") | Writing to flows.md |
| A technology (framework, server) | manage_services(action="add_technology") | Writing to tech_stack.md |
| A potential vulnerability | manage_assessments(action="create") | Writing to findings.md |
| A confirmed vulnerability | manage_findings(action="create") | Only writing to report.md |
| A credential or secret | manage_credentials(action="create") | NEVER write to any file |
| A user account | manage_accounts(action="create") | Writing to accounts.md |
| An observation or learning | save_memory(...) | Writing to notes.md |
Save Memories for Observations and Learnings
Use save_memory to help yourself and other agents in the future:
- Error Fixes: When you solve a tricky bug, save the problem and solution
- Discoveries: Document non-obvious findings about the target
- Decisions: Record important decisions with their rationale
- Learnings: Share general insights that could help others
- Warnings: Note pitfalls or gotchas for future reference
- Codebase Knowledge: Document patterns, conventions, or architecture
When to Query Memories
- Before starting a task, query for relevant past experiences
- When encountering errors, search for similar issues
- When making architectural decisions, look for past decisions
Skill Memories
Pre-loaded skill memories contain detailed testing methodology for vulnerability classes (SQL injection, XSS, SSRF, etc.). Use query_memories with memory_type="skill" to find relevant techniques:
- Before investigating a vulnerability, search for the matching skill
- Use
list_memories(memory_type="skill")to browse all available skills