docs: update public-facing docs for v0.12.0 and add release checklist

- SECURITY.md: update supported versions table, add memory integrity section
- PRIVACY.md: add provenance hashes and trust state to data types table
- AGENTS.md: update doctor check count (23) and hook file count (35)
- README.md: remove hardcoded doctor check count
- docs/design_context.md: update generated date
- docs/release_checklist.md: comprehensive pre-release checklist

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: sgx-labs

AGENTS.md

@@ -47,7 +47,7 @@ cmd/same/
   config_cmd.go        # Config show/edit
   demo_cmd.go          # Interactive demo
   display_cmd.go       # Display mode switching
-  doctor_cmd.go        # 19 diagnostic checks
+  doctor_cmd.go        # 23 diagnostic checks
   feedback_cmd.go      # Note relevance feedback
   graph_cmd.go         # Knowledge graph query/path/stats/rebuild
   guard_cmd.go         # Push protection
@@ -69,7 +69,7 @@ cmd/same/
   web_cmd.go           # Local dashboard server (`same web`)
 
 internal/
-  hooks/               # Claude Code hook handlers (20 files)
+  hooks/               # Claude Code hook handlers (35 files)
     runner.go             # Hook execution engine
     context_surfacing.go  # UserPromptSubmit: surface relevant notes
     session_bootstrap.go  # SessionStart: orient with handoff + decisions

PRIVACY.md

@@ -1,6 +1,6 @@
 # Privacy Policy
 
-**Last updated:** 2026-02-05
+**Last updated:** 2026-03-11
 
 SAME (Stateless Agent Memory Engine) is designed to be local-first and privacy-respecting.
 
@@ -10,6 +10,8 @@ SAME (Stateless Agent Memory Engine) is designed to be local-first and privacy-r
 |-----------|---------------|-----------|
 | Your markdown notes | Read from disk, never transmitted | N/A (your files) |
 | Embeddings (vectors) | Stored locally in SQLite | Until you delete or reindex |
+| Provenance hashes | SHA256 of source files, stored locally in SQLite | Until you delete or reindex |
+| Trust state | Per-note metadata, stored locally in SQLite | Until you delete or reindex |
 | Search queries | Processed locally | Not stored |
 | Config settings | Stored in `.same/config.toml` | Until you delete |
 

README.md

@@ -230,7 +230,7 @@ No telemetry. No cloud. Path traversal blocked. Config files written with owner-
 | `same search <query>` | Search your notes |
 | `same search --all <query>` | Search across all vaults |
 | `same status` | See what SAME is tracking |
-| `same doctor` | Run 19 diagnostic checks |
+| `same doctor` | Run diagnostic checks |
 | `same claim <path> --agent <name>` | Advisory file ownership for multi-agent |
 | `same pin <path>` | Always include a note in sessions |
 | `same graph stats` | Knowledge graph diagnostics |
@@ -294,7 +294,7 @@ cd statelessagent && make install
 <details>
 <summary><strong>Troubleshooting</strong></summary>
 
-Start with `same doctor` -- it runs 19 checks and tells you what's wrong.
+Start with `same doctor` -- it runs 20+ checks and tells you what's wrong.
 
 **"No vault found"** -- Run `same init` from inside your notes folder, or set `VAULT_PATH=/path/to/notes`.
 

SECURITY.md

@@ -4,10 +4,10 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 0.9.x   | :white_check_mark: |
-| 0.8.x   | :white_check_mark: |
-| 0.7.x   | Security fixes only |
-| < 0.7   | :x:                |
+| 0.12.x  | :white_check_mark: |
+| 0.11.x  | :white_check_mark: |
+| 0.10.x  | Security fixes only |
+| < 0.10  | :x:                |
 
 ## Reporting a Vulnerability
 
@@ -61,10 +61,18 @@ SAME is designed with a local-first security model:
 ### Path Traversal Protection
 - MCP `get_note` tool validates paths stay within vault boundary
 - Symlink resolution verifies real path stays inside vault (v0.8.3)
+- Provenance source paths validated before file reads (v0.12.0)
+- Source divergence checks validate stored paths before reads (v0.12.0)
 - Relative path components (`..`) are rejected
 - Null bytes in paths are rejected
 - Windows drive-letter paths are rejected regardless of host OS
 
+### Memory Integrity (v0.12.0)
+- Provenance tracking records SHA256 hashes of source files at capture time
+- Trust state (`validated`, `stale`, `contradicted`, `unknown`) affects search ranking
+- Staleness and divergence context tags are sanitized against prompt injection
+- YAML frontmatter values are sanitized to prevent injection via newlines
+
 ### Input Validation
 - All user inputs are validated before processing
 - SQL queries use parameterized statements (no injection risk)

docs/design_context.md

@@ -265,4 +265,4 @@ These features have detailed design docs but no implementation yet. The developm
 ---
 
 *This document was generated from vault design sessions. It contains no PII, client data, or personal information.*
-*Last generated: 2026-02-06*
+*Last generated: 2026-03-11*

docs/release_checklist.md

@@ -0,0 +1,95 @@
+# Release Checklist
+
+Run through this checklist **every release**, no exceptions.
+
+## 1. Version Bump
+
+- [ ] `Makefile` — `VERSION` variable
+- [ ] `npm/package.json` — `"version"`
+- [ ] `server.json` — `"version"`
+- [ ] `CHANGELOG.md` — new section at top
+
+## 2. Build & Test Gate
+
+```bash
+make release-candidate    # precheck + vet + migration test
+go test ./... -count=1    # full test suite
+```
+
+## 3. MCP Tool Count
+
+If tools were added/removed, update the count in **all** of these:
+
+- [ ] `README.md` — badge, MCP tools table, description
+- [ ] `npm/README.md` — heading + table
+- [ ] `AGENTS.md` — `mcp/` line in project structure
+- [ ] `Dockerfile` — OCI label
+- [ ] `server.json` — description
+- [ ] `glama.json` — description + tools array
+- [ ] `npm/package.json` — description
+- [ ] `internal/setup/mcp.go` — print message + tool list
+
+Quick check: `grep -rn "17 tools\|17 MCP" --include='*.md' --include='*.go' --include='*.json' --include='Dockerfile'`
+
+## 4. Doctor Check Count
+
+If checks were added/removed in `doctor_cmd.go`:
+
+- [ ] `AGENTS.md` — `doctor_cmd.go` comment
+- [ ] `README.md` — do NOT hardcode a number (use "20+ checks" or "diagnostic checks")
+
+Quick check: `grep -c 'check(' cmd/same/doctor_cmd.go`
+
+## 5. Public-Facing Docs
+
+- [ ] `SECURITY.md` — supported versions table
+- [ ] `PRIVACY.md` — data types table (add new stored data types)
+- [ ] `CHANGELOG.md` — no self-deprecating language ("aspirational", "inflated", etc.)
+- [ ] `README.md` — no inflated timing claims, feature list current
+- [ ] `docs/design_context.md` — "Last generated" date
+
+## 6. Scrub
+
+- [ ] No PII, banned terms, strategy language (see `.claude/CLAUDE.md`)
+- [ ] No embarrassing TODOs, HACKs, or debug prints in new code
+- [ ] Commit messages are clean (no banned terms — see `.claude/CLAUDE.md`)
+- [ ] No hardcoded test paths or personal directories
+
+Quick check: `git log --oneline HEAD~5..HEAD` — review every message.
+
+## 7. Security
+
+- [ ] New MCP handlers use `neutralizeTags()` on output
+- [ ] New file reads validate paths with `safeVaultPath()`
+- [ ] New XML wrapper tags added to `sanitizeContextTags()` tag list
+- [ ] New frontmatter writes strip newlines from user input
+- [ ] `make security-test` passes
+
+## 8. Tag & Push
+
+```bash
+git tag vX.Y.Z
+same push-allow && git push origin main
+same push-allow && git push origin vX.Y.Z
+```
+
+## 9. GitHub Release
+
+```bash
+gh release create vX.Y.Z --title "vX.Y.Z — Title" --notes-file /tmp/release-notes.md
+```
+
+## 10. npm Publish
+
+```bash
+cd npm && npm publish
+```
+
+Verify: `npm view @sgx-labs/same version` should show the new version.
+
+## 11. Post-Release
+
+- [ ] Verify `npx -y @sgx-labs/same version` shows new version
+- [ ] Verify `curl -fsSL https://statelessagent.com/install.sh | bash` works
+- [ ] Announce on Discord
+- [ ] Check GitHub release page renders correctly