Sgraal Documentation
Memory Governance Protocol — preflight validation for AI agents.
Start here
5 lines of code to your first memory verdict. Python, Node.js, or cURL.
Key Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /v1/check | Unmetered preview — plain strings in, safe/unsafe out. No quota, no audit log, no W3C VC. |
| POST | /v1/preflight | Metered audit — full metadata in, decision + full analytics out. Audit-logged, W3C VC issued. |
| POST | /v1/preflight/batch | Batch preflight for up to 100 entries |
| POST | /v1/heal | Heal a flagged memory entry |
| POST | /v1/outcome | Close an outcome for learning feedback |
| GET | /v1/verify | Logical consistency checks on healing & compliance policies |
All endpoints require Authorization: Bearer <api_key>
When to use which endpoint
/v1/check — unmetered preview
Plain strings in, plain-English verdict out. Unlimited across all tiers — no quota. Use for:
- Quickstart and experimentation (demo key
sg_demo_playground) - High-frequency agent-loop memory gating where audit evidence is not required
- Internal-only agent workflows without compliance constraints
/v1/preflight — metered audit
Full memory metadata in, full analytics out. Counts toward your monthly tier quota. Use for:
- Production-grade decisions requiring an audit trail
- Critical action checkpoints before irreversible operations
- Any regulated context (HIPAA, GDPR, EU AI Act, FDA, NIST AI RMF)
- When W3C Verifiable Credentials or incident-pipeline webhooks are required
Architecture: both endpoints use the same internal scoring engine. The differences are side-effects and input richness, not scoring depth or speed: /v1/check has no quota, no audit log, no W3C VC, no webhook, and accepts plain strings; /v1/preflight is tier-quota-counted, audit-logged, issues a W3C VC, triggers webhooks, and accepts full memory metadata for context-aware scoring.
Important — compliance evidence: /v1/check verdicts are not included in the audit trail and do not generate W3C Verifiable Credentials. For compliance-grade evidence (HIPAA, GDPR, EU AI Act, FDA 510(k), NIST AI RMF), use /v1/preflight, which produces full audit-log entries and signed W3C VCs per verdict. The /v1/check endpoint is suitable for experimentation and high-frequency agent gating only.
Capabilities & guides
Deep-dive guides for specific Sgraal capabilities — each backed by a live endpoint.
Insights
One call returns an agent's full memory synthesis plus a plain-English summary.
Counterfactual Navigator
Not a block — a path forward: the smallest change that makes an unsafe action safe, verified.
Minimum Viable Memory
The smallest decision-preserving subset of memory — data-minimization plus token-cost savings.
Proofs & Certificates
Cryptographically verifiable artifacts: MVMem certificate, Convergence Proof PDF, W3C VC, audit-log hash chain.
OpenTelemetry integration
Export Sgraal verdicts as spans into Datadog, Grafana Tempo, or Honeycomb.
Memory Vaccination
One agent is attacked, the whole fleet immunizes — herd immunity for agent memory. Beta Cross-fleet vaccine propagation is in active development — not yet production-ready. Early access: hello@sgraal.com.
Quick Start — 5 minutes
1. Get your demo key
No signup required:
2. Choose your integration
{
"mcpServers": {
"sgraal": {
"command": "npx",
"args": ["-y", "@sgraal/mcp"],
"env": { "SGRAAL_API_KEY": "sg_demo_playground" }
}
}
}
pip install sgraal
from sgraal import SgraalClient
client = SgraalClient(api_key="sg_demo_playground")
result = client.preflight(
memory_state=[{
"id": "mem_001", "type": "tool_state",
"timestamp_age_days": 54, "source_trust": 0.6
}],
action_type="irreversible",
domain="fintech"
)
print(result.recommended_action) # BLOCK
print(result.omega_mem_final) # 78.4
npm install @sgraal/mcp
const { SgraalClient } = require('@sgraal/mcp');
const client = new SgraalClient({ apiKey: 'sg_demo_playground' });
const result = await client.preflight({
memory_state: [{ id: 'mem_001', type: 'tool_state',
timestamp_age_days: 54, source_trust: 0.6 }],
action_type: 'irreversible', domain: 'fintech'
});
console.log(result.recommended_action); // BLOCK
curl -X POST https://api.sgraal.com/v1/preflight \
-H "Authorization: Bearer sg_demo_playground" \
-H "Content-Type: application/json" \
-d '{
"memory_state": [{"id": "mem_001", "type": "tool_state",
"timestamp_age_days": 54, "source_trust": 0.6}],
"action_type": "irreversible", "domain": "fintech"
}'
3. Interpret the response
{
"recommended_action": "BLOCK",
"omega_mem_final": 78.4,
"confidence": 0.94,
"explanation": "Memory entry mem_001 is 54 days old...",
"repair_plan": [{ "id": "mem_001", "action": "REFRESH" }],
"compliance_result": { "compliant": false },
"timestamp_integrity": "VALID",
"timestamp_flags": [],
"identity_drift": "CLEAN",
"identity_drift_flags": [],
"consensus_collapse": "CLEAN",
"consensus_collapse_flags": [],
"collapse_ratio": 0.0,
"attack_surface_score": 0.0,
"attack_surface_level": "NONE",
"active_detection_layers": [],
"detection_feedback_applied": false,
"provenance_chain_integrity": "CLEAN",
"provenance_chain_flags": [],
"chain_depth": 0,
"naturalness_score": 0.94,
"naturalness_level": "ORGANIC",
"vaccination_match": false,
"memory_locations_present": false,
"auto_profile_selected": true
}
Core Concepts
omega_mem_final
Risk score on a 0–100 scale. Combines freshness decay, source trust, conflict detection, provenance, and commercial intent. Maps to one of four decision bands. Concrete band cutpoints are tenant-specific and recalibrated continuously.
Action Types
The action_type parameter signals the consequence class of the agent's intended action. Sgraal applies a multiplier to the base risk score based on this class:
Exact multiplier values are tenant-calibrated.
Detection Layers (Rounds 6–8)
Six independent post-reconciliation detection layers. Each fires independently. MANIPULATED always forces BLOCK.
MemCube v4.1 — Memory Entry Schema
The standardized format for AI agent memory entries. All Sgraal endpoints accept MemCube v4.1 formatted memory states.
Two version axes: v4.1 is the field-set version of the schema (the additive set of fields supported, including the latest extensions). Responses return a memcube_version field that reports the JSON-schema serialization version (e.g. "2.0.0") — this is the schema-contract version, not a downgrade of the field set. Both are correct; they refer to different things.
Required Fields
| Field | Type | Description |
|---|---|---|
| id | string | Unique identifier |
| content | string | Memory content text |
| type | enum | One of 7 memory types |
| timestamp_age_days | float | Age in days |
| source_trust | float 0-1 | Source reliability score |
| source_conflict | float 0-1 | Contradiction level |
| downstream_count | int | Number of dependent agents |
Memory Types
Example
{
"id": "mem_001",
"content": "User prefers wire transfers under $10,000",
"type": "preference",
"timestamp_age_days": 14,
"source_trust": 0.91,
"source_conflict": 0.04,
"downstream_count": 3
}
Full JSON Schema → api.sgraal.com/v1/standard/memcube-spec
SMRS v1.0 — Memory Risk Score
Formal 0-100 risk score computed from 10 core components (plus an optional 11th, r_importance, when PageRank authority is enabled), each then deterministically adjusted by a set of analytics modules before the verdict. Determines the preflight decision.
Decision Thresholds
| Decision | Meaning |
|---|---|
| USE_MEMORY | Safe to proceed |
| WARN | Proceed with caution |
| ASK_USER | Human approval needed |
| BLOCK | Do not proceed |
Concrete band cutpoints are tenant-specific and recalibrated continuously — only the qualitative semantics are part of the public contract.
10 Components
s_freshness
s_drift
s_provenance
s_propagation
r_recall
r_encode
s_interference
s_recovery
r_belief
s_relevance
Standard body: Sgraal Governance Working Group · Version: SMRS v1.0
Full definition → api.sgraal.com/v1/standard/score-definition
SDK Quick Reference
pip install sgraal # Core Python SDK pip install langchain-sgraal # LangChain integration pip install mem0-sgraal # mem0 integration pip install openai-sgraal # OpenAI Agents SDK hook # CrewAI memory guard — coming soon, package not yet published pip install autogen-sgraal # AutoGen middleware pip install sgraal-rag # RAG pipeline filter npm install @sgraal/mcp # Claude Desktop + Cursor + Windsurf
Authentication
Authorization: Bearer sg_demo_playground
Demo
Public key, rate limited. No signup needed.
Pro
From app.sgraal.com. Flat monthly plan, hard-capped at your tier — no per-call charges.
Enterprise
Custom limits, compliance, SLA.
MCP Setup
Works with Claude Desktop, Cursor, Windsurf, and any MCP-compatible host.
{
"mcpServers": {
"sgraal": {
"command": "npx",
"args": ["-y", "@sgraal/mcp"],
"env": { "SGRAAL_API_KEY": "sg_demo_playground" }
}
}
}
Add to ~/Library/Application Support/Claude/claude_desktop_config.json and restart Claude Desktop.
All SDKs
Python
pip install sgraalCore SDK — preflight, heal, explain, compare
LangChain
pip install langchain-sgraalDrop-in memory validator
mem0
pip install mem0-sgraalPreflight hook for mem0 memories
OpenAI Agents SDK
pip install openai-sgraalPreflight hook for message history
CrewAI Coming soon
Drop-in memory guard for CrewAI agents — package not yet published; coming soon.
AutoGen
pip install autogen-sgraalContext validation middleware for AutoGen
RAG Filter
pip install sgraal-ragPipeline filter for LangChain and LlamaIndex
MCP Server
npm install @sgraal/mcpClaude Desktop, Cursor, Windsurf
Webhooks
Sgraal sends a POST to your endpoint for every BLOCK, WARN, or ASK_USER decision.
{
"event": "decision.block",
"timestamp": "2026-05-24T09:12:04Z",
"agent_id": "agent_001",
"omega": 78.4,
"action": "BLOCK",
"domain": "fintech",
"repair_plan": [{ "id": "mem_001", "action": "REFRESH" }]
}
decision.block
Agent blocked
decision.warn
Memory flagged
memory.healed
Repair executed
Rate Limits
Request throughput is a flat per-key limit — it does not vary by plan. The monthly decision quota is what differs by tier.
Authenticated
300
requests / minute (per API key)
Public / Demo
60
requests / minute (unauthenticated, incl. the demo key)
Monthly decision quota by plan
Free
10,000
decisions / month
Pro
250,000
decisions / month
Team
2,500,000
decisions / month
Enterprise
Custom
dedicated capacity, SLA
Rate limit headers
X-RateLimit-Limit: 300 X-RateLimit-Remaining: 287 X-RateLimit-Reset: 1711843200 Retry-After: 13 # only on 429
Compliance Profiles
EU_AI_ACT
Article 9, 12, 13, 14, 17. Auto conformity declaration.
GDPR
Right-to-erasure, data portability, sub-processor disclosure.
FDA_510K
Medical-device software validation. Substantial equivalence.
HIPAA
phi_integrity rule. Tenant-isolated PHI handling.
Error Codes
Bad Request
Invalid memory_state or missing fields.
Unauthorized
Missing or invalid API key.
Forbidden
Feature not available on your plan.
Rate Limited
Too many requests. Retry-After header included.
Internal Error
Contact support if persistent.