Memory Investigation Agent
In progressA Claude-powered investigative agent with persistent, structured memory — enabling multi-session OSINT investigations with context that survives conversation resets.
Overview
The Memory Investigation Agent is an AI-powered research tool built on the Anthropic API that addresses the statelessness problem in LLM-based investigations: standard LLM conversations lose all context when a session ends. The agent maintains a persistent, structured knowledge base in a local SQLite + vector store, enabling investigations that span days or weeks with full context continuity. Designed for OSINT use cases: track entities, source documents, hypotheses, and evidence threads across multiple research sessions without manually reconstructing context.
Technologies Used
Key Features
- Persistent entity memory: people, organisations, domains, IPs with relationship graph
- Source document ingestion: PDF, HTML, plaintext with automatic entity extraction
- Hypothesis tracking: create, evaluate, confirm, and revise investigation theories
- Evidence chains: link findings to sources with confidence scoring
- Session continuity: resume any investigation with full prior-context injection
- Tool use: integrated web search, WHOIS lookup, certificate transparency, Shodan
- Export: STIX 2.1 bundles, HTML investigation timeline, PDF report generation
- Prompt caching: reduce API costs by 90% on repeated context injections
Challenges & Solutions
Challenge:
Context window limits prevent injecting full investigation history into each session
Solution:
Implemented hierarchical context compression: recent entities in full; older entities as summaries; archived entries recalled only when semantically relevant via vector similarity search
Challenge:
LLM hallucinations introducing false facts into the persistent entity graph
Solution:
Every LLM-generated entity claim is tagged as 'inferred' until confirmed by at least one primary source; the agent distinguishes inferences from evidence in all outputs
Challenge:
Investigation knowledge graphs become too large for single-context recall
Solution:
ChromaDB vector store enables semantic retrieval of relevant prior context; only the top-K most relevant prior entities are injected per query, controlled by configurable recall budget
Outcome
Successfully maintained continuity across 3-week simulated investigation with 400+ tracked entities; 90% API cost reduction via prompt caching; open-source release planned Q3 2026