Enterprise AI adoption currently hits a wall not at the level of model capability, but at the boundary of data sovereignty. For years, the trade-off has been binary: utilize the immense reasoning power of cloud-based LLMs while risking proprietary data leakage, or settle for isolated local models that lack the structural intelligence to handle complex corporate knowledge. This tension has created a demand for systems that do not just retrieve text, but understand the relational architecture of information without ever sending a single packet to an external API. This is the gap that JAMES seeks to close, positioning itself as a local-first knowledge engine that prioritizes the integrity of the graph over the convenience of the cloud.
The Platform Skeleton and the Three-Stage Security Pipeline
The release of JAMES v0.3.0, dubbed the Platform Skeleton, marks a pivotal transition from theoretical design to executable infrastructure. On May 17, 2026, the project integrated its cognitive middleware layer directly into the main branch, moving the system's core logic out of design documents and into production-ready code. This version is not merely a feature update but a hardening of the foundation, having cleared all six axes of Foundation Hardening by May 13, 2026. The commitment to security is quantified by the project's adherence to the Open Source Security Foundation (OpenSSF) Best Practices, where it recorded a 111% Tiered achievement rate under project #12806. This metric signals a shift from academic experimentation toward a tool designed for environments where security is a non-negotiable requirement.
To enforce this security, JAMES employs a rigorous three-stage pipeline that governs every interaction with the knowledge base. The process begins with the pre_check stage, which acts as a firewall against prompt injection attacks, ensuring that malicious inputs cannot manipulate the engine's internal logic. Once the input is cleared, the system invokes Attribute-Based Access Control (ABAC) during the retrieval phase. Unlike traditional role-based access, ABAC dynamically determines permissions based on the specific attributes of the data and the requester, providing granular control over who can see which node in the knowledge graph. The final stage is the post_filter and PII (Personally Identifiable Information) masking layer, which scrubs sensitive data from the output before it reaches the user. This end-to-end enforcement ensures that security policies are not optional add-ons but are baked into the data flow itself.
Parallel to these security measures, the system has matured its knowledge management capabilities. The migration of the Knowledge Cascade from Phase A to Phase E is now complete, successfully integrating 213 entities and 656 relations. This migration represents more than a data transfer; it establishes a hierarchical understanding of knowledge that allows the engine to perform complex reasoning across linked concepts. To ensure this infrastructure can scale to enterprise needs, the project adopted the MIT license and implemented bcrypt for password hashing alongside SHA-256 transparent migration (PR #173). These choices reflect a pragmatic approach to authentication and licensing, ensuring the system remains both open and robust.
For developers looking to deploy this infrastructure locally, the setup is designed for immediate utility:
git clone https://github.com/Hashevolution/James-RAG-Evol
cp .env.example .env
pip install -r requirements.txt
ollama pull gemma2:2b
python server_llmwiki.pyCognitive Middleware and the Gemma 4 Benchmark
The true distinction of JAMES v0.3.0 lies in its move away from standard Retrieval-Augmented Generation (RAG). Traditional RAG systems typically function as simple pipelines: they find relevant text chunks and stuff them into a prompt. JAMES replaces this linear process with a modular cognitive middleware layer. By decoupling the reasoning process into a verification engine (PR #290), a planner for task decomposition (PR #297), and a tool router (PR #295), the system transforms the LLM from a simple text generator into a coordinator of logical operations. This architecture allows developers to visualize the exact reasoning path the system took to reach an answer, turning the 'black box' of AI into a transparent, traceable graph of decisions.
This structural transparency was put to the test through a collaboration with Ali Afana, resulting in a regression test suite consisting of 83 distinct injection attack scenarios. The team used this suite to benchmark three variants of Gemma 4: the E4B, the 26B MoE, and the 31B Dense models. To ensure the results were scientifically valid, the team introduced the injection-fixtures schema v1.1 (PR #311 $ ightarrow$ #317 $ ightarrow$ #322), which standardized data normalization and context catalogs. This infrastructure allows the team to quantitatively measure how resilient each model variant is to adversarial inputs, providing a blueprint for selecting the right model based on the specific security profile of the deployment.
However, the development process has also revealed the inherent instabilities of current-generation models. During the integration of the Gemma 4 E4B model into the cognitive pipeline, the team observed five instances of empty responses. Rather than suppressing these failures, the JAMES team has documented them publicly, analyzing four separate hypotheses to identify the root cause. This transparency is critical for the broader AI community, as it highlights the gap between a model's general benchmark performance and its reliability when constrained by a strict cognitive middleware layer. The goal of this modularity is not to eliminate error entirely, but to make those errors observable and replaceable. By isolating the planner from the router and the verifier, the system ensures that a failure in one model variant does not collapse the entire knowledge engine.
To maintain this level of engineering rigor, the project has implemented a ruff F-class baseline for static analysis and integrated a lint workflow via GitHub Actions (PR #205). These tools prevent the accumulation of technical debt and ensure that the codebase remains maintainable as it scales. The result is a system where the logic of the Graph-RAG is separated from the weights of the LLM, allowing the underlying model to be swapped as newer, more efficient versions emerge without rebuilding the security or cognitive layers.
As the project moves toward v0.4, the focus will shift toward multi-user environments and high-load stress testing. For now, the v0.3.0 Platform Skeleton provides a definitive reference for any team needing to index technical documentation or internal wikis in a strictly local environment. By combining a typed-graph approach with a modular cognitive layer, JAMES offers a path toward AI systems that are not just intelligent, but auditable and secure.
This architecture transforms the local LLM from a chatbot into a verifiable knowledge operating system.
