Own your AI memory. Take it everywhere.
Project description
Cortex
Git for AI memory. Local-first, MCP-native.
Cortex is a local memory layer for AI agents. It gives you a user-owned graph on disk with Git-like commits, branches, merge, blame, and source-backed retraction — and an MCP server any agent can read from.
No Cortex cloud. No Cortex API key. Your agent keeps using its own LLM; Cortex is just where the memory lives. Optional model-based extraction uses your own provider key.
Works with: Claude Code · Cursor · Codex · Windsurf · Copilot · Gemini CLI · ChatGPT · Grok · OpenClaw · Hermes
python3.11 -m pip install --upgrade "cortex-identity @ git+https://github.com/Junebugg1214/Cortex-AI.git@main"
cortex init
cortex mind remember self "We use TypeScript and Supabase"
cortex mind mount self --to codex --project . --task "product strategy"
Demos: retraction · portability · audience (also available as asciinema casts)
Local-first. No Cortex cloud, no Cortex key. Integrate over MCP, local REST, or SDK. Model extraction is opt-in and uses your own provider key.
This README is intentionally implementation-aligned. Examples use supported commands and supported input formats on a fresh install.
Install
The current Mind CLI (cortex init, cortex mind ...) is available from the
GitHub build. A plain pip install cortex-identity may install an older PyPI
wheel whose help output does not include init or mind.
python3.11 -m pip install --upgrade "cortex-identity @ git+https://github.com/Junebugg1214/Cortex-AI.git@main"
cortex --help # should list init and mind
On Windows, if pip says the user Scripts directory is not on PATH, add it for
the current terminal before running cortex:
py -3.11 -m pip install --user --upgrade "cortex-identity @ git+https://github.com/Junebugg1214/Cortex-AI.git@main"
set "PATH=%APPDATA%\Python\Python311\Scripts;%PATH%"
cortex --help
For development from source:
git clone https://github.com/Junebugg1214/Cortex-AI.git
cd Cortex-AI
python3.11 -m pip install -e ".[dev]"
cortex --help
Quickstart: create a local Mind and mount it into Codex
mkdir cortex-demo
cd cortex-demo
cortex init
cortex mind remember self "We use TypeScript and Supabase."
cortex mind compose self --to codex --task "product strategy"
cortex mind mount self --to codex --project . --task "product strategy"
cortex mind mount writes a Cortex-managed block into AGENTS.md while preserving content outside the Cortex markers.
Use cortex mount watch when you have a graph file you want to keep mounted after changes. An example appears in the extraction section below.
Extraction
Create a supported source file:
cat > policy_v3.md <<'EOF_POLICY'
# Policy v3
Data retention is 90 days.
We use Python, TypeScript, and Supabase.
Please keep compliance summaries concise.
EOF_POLICY
Extract it into a Cortex graph:
cortex extract run policy_v3.md --output policy_v3.context.json
cortex mount watch --project . --graph policy_v3.context.json --interval 30 --to codex
Default extraction is local and rule-based. Model and hybrid extraction are available when configured, and all current backends use the typed extraction contract described in docs/EXTRACTION.md.
Model extraction is opt-in:
export CORTEX_HOT_PATH_BACKEND=model
export CORTEX_ANTHROPIC_API_KEY=sk-ant-...
cortex extract run policy_v3.md --output policy_v3.context.json
PDFs require pre-conversion to a supported text or JSON format before ingest. See docs/INGEST_FORMATS.md for the exact loader catalog, and docs/EXTRACTION.md for pipeline stages, diagnostics, replay, evals, and the cost-aware router.
Versioning workflow
cortex commit policy_v3.context.json -m "Initial policy memory"
cortex log --limit 5
cortex branch policy-review --switch
cortex commit policy_v3.context.json -m "Review policy context"
cortex branch switch main
cortex merge policy-review --dry-run
Cortex stores graph snapshots with refs and branch pointers under .cortex/. Recent versions use a Merkle-chained version id that folds ancestry metadata into the commit digest while leaving the graph hash as the content hash.
Retraction and provenance
Cortex can retract source-backed graph content when nodes and edges carry provenance. The current safe workflow is to inspect source lineage first, then retract with a dry run:
cortex source list --mind self
After cortex source list shows a real source id, use cortex source retract <source-id> --mind self --dry-run before confirming a retraction. Extraction and merge paths attach provenance for generated nodes so retraction has lineage to follow.
Portability
Cortex can write target-specific context files and artifacts. Round-trip pull support is narrower than write support.
| Target | Write / mount | Round-trip (pull) |
|---|---|---|
| Claude | ✅ | ✅ |
| Notion | ✅ | ✅ |
| SystemPrompt | ✅ | ✅ |
| Claude Code | ✅ | ⚠ write-only |
| Codex | ✅ | ⚠ write-only |
| Cursor | ✅ | ⚠ write-only |
| Copilot | ✅ | ⚠ write-only |
| Windsurf | ✅ | ⚠ write-only |
| Gemini CLI | ✅ | ⚠ write-only |
| ChatGPT export artifacts | ✅ | ⚠ write-only |
| Grok export artifacts | ✅ | ⚠ write-only |
| Hermes runtime context | ✅ | ⚠ write-only |
Examples:
cortex sync policy_v3.context.json --to codex --project .
cortex mount watch --project . --graph policy_v3.context.json --to codex cursor
cortex source status --project .
cortex status --project .
cortex sync and cortex mount watch preserve user content outside Cortex marker blocks when writing instruction files.
Deduplication
Deduplication today uses lexical label similarity plus graph-neighbor overlap. It does not use embeddings. Duplicate candidates are compacted transitively, so if A matches B and B matches C above threshold, all three can collapse into one canonical node even when A and C are below threshold directly.
Remotes and federation
Remotes today are local-filesystem paths only. Network transport is on the roadmap.
Federation bundles are signed graph exports for cross-instance sharing. Signature verification reports structured failures for malformed bundles, untrusted keys, and invalid signatures.
Agent runtime
The agent runtime commands are available under the admin namespace:
$ cortex admin agent monitor --interval 300
$ cortex admin agent compile --mind personal --output cv
$ cortex admin agent status
MCP and local service surfaces
cortex serve mcp --help
cortex serve --help
cortex admin openapi --help
The HTTP server is intended for local or operator-managed deployments. Put it behind a real TLS/auth/rate-limit boundary before exposing it beyond localhost.
Core commands
| Command | Purpose |
|---|---|
cortex init |
Initialize .cortex and the default Mind |
cortex mind remember |
Add a fact or preference to a Mind |
cortex mind compose |
Preview a target-specific runtime slice |
cortex mind mount |
Write a Mind slice into supported local tool files |
cortex mount watch |
Poll a graph and refresh mounted context files |
cortex extract run |
Convert supported input files into a Cortex graph |
cortex sync |
Propagate context across configured targets |
cortex compose |
Render context without writing a persistent mount |
cortex commit |
Save a graph snapshot to the version store |
cortex branch |
Create or list memory branches |
cortex branch switch |
Switch active branch |
cortex merge |
Merge another memory branch |
cortex diff |
Compare two versions |
cortex debug review |
Review a graph or branch before merge |
cortex source |
Inspect and retract source lineage from Minds |
cortex pack |
Manage Brainpacks |
cortex audience |
Manage audience disclosure policies |
cortex remote |
Push/pull local-filesystem remotes |
cortex verify |
Verify signed exports |
cortex admin integrity check |
Verify store lineage, version chains, and checksums |
cortex admin doctor |
Inspect and repair local store/config issues |
Run cortex COMMAND --help for the exact flags supported by your installed version.
Development
git clone https://github.com/Junebugg1214/Cortex-AI.git
cd Cortex-AI
python3.11 -m pip install -e ".[dev]"
ruff check cortex tests
python3.11 -m pytest tests -q --tb=short
Status
Cortex is production-fit for disciplined local-first and small-team self-hosted workflows. It is not a hosted memory cloud, not a cloud multi-tenant service, and not a default LLM extractor. The strongest current core is versioned graph storage, branch/merge/review, source-backed retraction, local tool mounts, audience filtering, and MCP/local service integration.
License
MIT. See LICENSE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cortex_identity-1.6.0.tar.gz.
File metadata
- Download URL: cortex_identity-1.6.0.tar.gz
- Upload date:
- Size: 757.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
26e88eb8ce8b1ff6e3d8d4970f8114f9b060e4e9e1f2080ede9f89b4fde206e6
|
|
| MD5 |
f1ca0e99263c0d58ad020ccbeeb8ef44
|
|
| BLAKE2b-256 |
d54c529dbae614456dcee3945b87e73a48537aefd57e9c11933fc6a2206d3c25
|
Provenance
The following attestation bundles were made for cortex_identity-1.6.0.tar.gz:
Publisher:
publish.yml on Junebugg1214/Cortex-AI
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cortex_identity-1.6.0.tar.gz -
Subject digest:
26e88eb8ce8b1ff6e3d8d4970f8114f9b060e4e9e1f2080ede9f89b4fde206e6 - Sigstore transparency entry: 1359340034
- Sigstore integration time:
-
Permalink:
Junebugg1214/Cortex-AI@7a3894d38ee8f107370b32647dd1d25fab2a62ca -
Branch / Tag:
refs/tags/v1.6.0 - Owner: https://github.com/Junebugg1214
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@7a3894d38ee8f107370b32647dd1d25fab2a62ca -
Trigger Event:
push
-
Statement type:
File details
Details for the file cortex_identity-1.6.0-py3-none-any.whl.
File metadata
- Download URL: cortex_identity-1.6.0-py3-none-any.whl
- Upload date:
- Size: 679.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b4caf3f9087a390024757865d2c9c3a671ae9083760beb19494fec5a6e2543c1
|
|
| MD5 |
7d3302b3823f406d9f1fc72b270003c7
|
|
| BLAKE2b-256 |
93d38a87f61a54711c3237508d99b4014cfdfe283301ba90ab11ce19a4b68c48
|
Provenance
The following attestation bundles were made for cortex_identity-1.6.0-py3-none-any.whl:
Publisher:
publish.yml on Junebugg1214/Cortex-AI
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
cortex_identity-1.6.0-py3-none-any.whl -
Subject digest:
b4caf3f9087a390024757865d2c9c3a671ae9083760beb19494fec5a6e2543c1 - Sigstore transparency entry: 1359340069
- Sigstore integration time:
-
Permalink:
Junebugg1214/Cortex-AI@7a3894d38ee8f107370b32647dd1d25fab2a62ca -
Branch / Tag:
refs/tags/v1.6.0 - Owner: https://github.com/Junebugg1214
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@7a3894d38ee8f107370b32647dd1d25fab2a62ca -
Trigger Event:
push
-
Statement type: