Team review

Local agent memory without a new cloud data boundary.

A practical checklist for engineering leads and security reviewers evaluating Link for a small team, repo, or design partner pilot.

Deployment Model

Link is designed as a local personal or repo-local memory layer. Each developer runs the CLI, optional skills, and MCP server on their own machine. The web viewer is optional and only serves the local UI.

No server dependency: lnk serve is only the human web viewer. CLI, skills, and MCP access work directly against local Markdown files when the viewer is closed.

brew install gowtham0992/link/link
lnk init ~/link
lnk health ~/link
lnk connect codex ~/link

Data Boundaries

  • raw/ contains private source material and is gitignored by default.
  • wiki/ contains structured Markdown pages, memories, logs, and backlinks.
  • link-mcp talks over stdio to the local agent client. It does not require serve.py.
  • The installed product has no telemetry, hosted backend, or outbound API calls.
  • Secret-looking values are scanned before capture, ingest, Obsidian import, and doctor checks.

lnk ingest-status ~/link
lnk doctor ~/link
lnk validate ~/link

Memory Approval Gates

Agents can propose memories, but durable memory should be explicit and reviewable. Link keeps memory as Markdown with type, scope, visibility, project, source, review status, optional review dates, and optional expiry dates.

lnk propose-memories raw/notes.md ~/link
lnk memory-inbox ~/link
lnk review-memory memory-name ~/link
lnk archive-memory memory-name ~/link --reason stale

For temporary context, use expires_at. For decisions that should be re-confirmed, use review_after. For team handoff, keep personal context at visibility: private and only mark memories project or team after the user explicitly approves sharing them.

Team Sharing Pattern

The safest early team workflow is Git-backed sharing of reviewed wiki pages. Keep raw sources local unless the team explicitly decides to share them.

lnk team-sync ~/link --remote git@example.com:team/link-memory.git
lnk compliance-export ~/link --output link-audit.json
lnk backup ~/link

lnk team-sync is read-only. It checks Git state, raw-source protection, review readiness, and whether active visibility: private memories would be swept into a broad git add wiki. It prints paste-safe commands instead of pushing data for you.

Audit Packet

lnk compliance-export creates a redacted JSON packet for review. It includes readiness, validation status, memory review counts, operation markers, recent audit log metadata, and safe next actions. Raw source contents and memory bodies are excluded.

lnk compliance-export ~/link --output link-audit.json
lnk wins ~/link
lnk memory-log ~/link

Current Limits

  • Link is local-first and single-user by default. It is not an SSO-backed team server.
  • The local web viewer has no authentication and should not be exposed beyond loopback.
  • Git sharing is intentionally manual so teams see exactly what is being committed.
  • Access control is currently based on local files, project filters, and review workflow, not centralized RBAC.

Security Review Checklist

  1. Run lnk health ~/link and verify readiness is green.
  2. Run lnk doctor ~/link and resolve secret or validation warnings.
  3. Run lnk compliance-export ~/link --output link-audit.json.
  4. Confirm raw/, backups, caches, and local MCP Python markers are ignored by Git.
  5. Review wiki/log.md, lnk memory-log ~/link, and lnk wins ~/link.
  6. Only share reviewed wiki/ pages whose memories are marked visibility: project or visibility: team.
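
The visibility check that step 6 and lnk team-sync describe can also be run as an independent gate before git add. The following is an added example, not Link's own code: it assumes each wiki page opens with a frontmatter block delimited by --- lines and holding flat key: value pairs, takes the visibility and expires_at field names from this page, and treats missing metadata as not shareable. The sample pages and the helper names are constructed for illustration.

```python
import tempfile
from datetime import date
from pathlib import Path

SHAREABLE = {"project", "team"}  # visibility values the checklist allows to be shared
# Constructed sample pages; the frontmatter layout is an assumption, not Link's documented format.
SAMPLE = {
    "deploy-freeze.md": "---\nvisibility: team\nexpires_at: 2024-01-31\n---\nFreeze ends Jan 31.\n",
    "api-style.md": "---\nvisibility: project\nreview_after: 2030-01-01\n---\nUse snake_case.\n",
    "my-editor.md": "---\nvisibility: private\n---\nPersonal setup notes.\n",
    "scratch.md": "No frontmatter at all.\n",
}

def read_frontmatter(text):
    """Return the leading '---' block as a dict; {} if it is absent or unterminated."""
    if not text.startswith("---\n"):
        return {}
    block, sep, _ = text[4:].partition("\n---")
    if not sep:
        return {}
    pairs = (line.partition(":") for line in block.splitlines())
    return {key.strip(): value.strip() for key, colon, value in pairs if colon}

def blocked_pages(wiki_dir, today):
    """Return {relative_path: reason} for pages that must not be staged for sharing."""
    blocked = {}
    for page in sorted(Path(wiki_dir).rglob("*.md")):
        meta = read_frontmatter(page.read_text(encoding="utf-8"))
        rel = page.relative_to(wiki_dir).as_posix()
        visibility = meta.get("visibility", "").lower()
        if visibility not in SHAREABLE:  # private or missing: fail closed
            blocked[rel] = f"visibility is {visibility or 'missing'}"
        elif "expires_at" in meta:
            try:
                if date.fromisoformat(meta["expires_at"]) < today:
                    blocked[rel] = "expired"
            except ValueError:
                blocked[rel] = "unparseable expires_at"
    return blocked

def demo(today=date(2025, 1, 1)):
    """Write SAMPLE into a temporary directory and run the gate over it."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in SAMPLE.items():
            Path(tmp, name).write_text(body, encoding="utf-8")
        return blocked_pages(tmp, today)

if __name__ == "__main__":
    print(demo())
```

Against a real checkout, call blocked_pages on the wiki/ directory with date.today() and stage only the pages it does not list.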