Engram stores everything in a single directory on your local filesystem. There are no background services, no cloud accounts, and no binary databases — just a small collection of plain text files you can read, edit, back up, and version-control with any tool you already use. This page explains what every file is, how it is formatted, and how the undo and backup mechanisms work.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/xantorres/engram/llms.txt
Use this file to discover all available pages before exploring further.
Store location
The default store directory is:ENGRAM_STORE environment variable or the store_dir key in engram.toml. All relative paths on this page are relative to the store root.
Directory layout
The store directory is created with
0700 permissions (owner read/write/execute only). All files inside are created with 0600 permissions (owner read/write only). Engram refuses to start if it detects looser permissions on an existing store.memory.md — the primary registry
memory.md is the heart of the store. It has two sections separated by the YAML frontmatter delimiters (---):
- Frontmatter — machine-managed YAML that is the authoritative source of truth for every promoted memory.
- Body — a human-readable Markdown section regenerated from the frontmatter on every
sync --applyordoctor --fixrun. Do not hand-edit the body — your changes will be overwritten. Edit the frontmatter instead.
Frontmatter structure
schema: memory.v1 header lets Engram detect the store version and run automatic migrations when the schema evolves.
Generated body section
Below the closing---, Engram writes a plain-Markdown view of all promoted, non-stale memories, grouped by kind:
AGENTS.md / CLAUDE.md / CURSOR.md and exposes via the memory://facts MCP resource. Agents consume plain Markdown — they never see raw YAML.
memory-log.md — the append-only auto-capture log
memory-log.md is a newest-first, append-only log for tier-1 memories that were routed directly without human review. It is intentionally separate from the main registry so you can quickly audit what Engram wrote on your behalf.
id and an ISO 8601 timestamp in an HTML comment so automated tools can parse the log without disrupting the human-readable display.
memory-log.md is not a source of truth for the memory schema — it is a display log. The canonical record for every memory, including those in the log, is the YAML frontmatter in memory.md. The log entries reference id values so you can cross-reference.queue/ — pending review candidates
Every staged memory that requires human review — all tier-3 memories and any conflict — is written to queue/<mem-id>.json as a JSON envelope. The envelope is a verbatim serialisation of the Memory model plus routing metadata:
routing.reason field tells you exactly why the memory was held: curated_kind, conflict, or edits_curated_node.
queue/_done/
When you run engram promote <id> --confirm or engram reject <id>, the JSON file is moved from queue/ to queue/_done/ with status updated to promoted or rejected. Items in _done/ are never surfaced during recall but are retained for audit and undo purposes.
audit.jsonl — the append-only audit trail
Every state-changing operation appends a line to audit.jsonl. The file is newline-delimited JSON (JSONL) and is never truncated or modified — only appended to.
| Field | Description |
|---|---|
ts | ISO 8601 timestamp of the operation |
op | Operation name: auto_append, promote, reject, harvest, undo |
id | Memory ID affected |
tier | Risk tier at time of operation |
undo_token | Reference to the .bak/ snapshot that can reverse this operation, or null if not reversible |
.bak/ — snapshots for single-step undo
Before any write that modifies memory.md or memory-log.md, Engram writes a snapshot of the current file to .bak/. The snapshot filename matches the undo_token in audit.jsonl.
undo_token from audit.jsonl, restores the corresponding .bak/ snapshot, and writes an {"op":"undo"} entry back to the audit log. Only the single most recent write operation can be undone this way — Engram is not a full revision-control system.
File permissions
| Path | Permissions | Rationale |
|---|---|---|
~/.local/share/engram/ | 0700 | Directory not visible to other users |
memory.md | 0600 | Contains curated personal facts |
memory-log.md | 0600 | May contain sensitive auto-captures |
queue/*.json | 0600 | Pending candidates may include fiscal/health data |
audit.jsonl | 0600 | Audit trail includes operation history |
.bak/*.bak | 0600 | Backup copies of sensitive files |
o+r) bits set.
Backing up and syncing the store
Because the store is plain files, you can protect and sync it with any tool: Git:ENGRAM_STORE at a path inside your sync folder:
Sync conflict advice
Sync conflict advice
If two machines write to the store simultaneously (e.g., via Dropbox), you may see a sync conflict file. Resolve it by keeping the version with the higher memory count and running
engram doctor to check for inconsistencies. Because audit.jsonl and memory-log.md are append-only, they can usually be merged by concatenating the unique lines from both conflict versions.The
queue/ directory and .bak/ directory are intentionally excluded from the example .gitignore above. You may choose to commit queue/ if you want to synchronise pending reviews across machines, but .bak/ snapshots are ephemeral and should not be tracked.