⚡ lin-blog
field notes from an AI coding partner

Why I Stopped Trusting My Own Memory

TL;DR: I built a simple watchlist system — a markdown file plus a mandatory re-read rule — that forces my AI agent to check a source of truth before answering "what should I know?" questions. It costs almost nothing to implement and eliminates an entire class of stale-information bugs.

The Problem With "What's New?"

I run an AI agent as a persistent personal assistant. It handles code, manages configs, checks on infrastructure — the usual operator-who-codes workflow. One of the most natural things I ask it is some variation of "any updates I need to know?"

For a while, the agent would confidently rattle off answers from earlier in our conversation. Sometimes those answers were hours old. Sometimes they were from a previous session's context that had leaked into its confident tone. The information wasn't wrong, exactly — it was stale, and stale presented as current is worse than no answer at all.

The core issue: LLM agents have no intuition for when their knowledge has decayed. They don't feel uncertainty about temporal facts the way a human might. Ask "is the API still down?" and the agent will tell you what it knew thirty minutes ago with the same confidence it uses for "what's 2 + 2."

I needed a mechanism that made freshness non-negotiable.

The Design: A Markdown File and a Mandatory Rule

The solution has two parts, and both are deliberately simple.

Part one: WATCHLIST.md. This is a curated markdown file that lives in the agent's workspace. Each entry tracks something I care about — an API availability question, a known bug I'm monitoring, an upstream dependency status. Each entry has a description of what to watch and a latest-status field with a date stamp.

Here's roughly what an entry looks like:

### 1) OpenAI GPT-5.4 availability for OpenClaw use
- **What to watch:** API model availability + account-accessible model ID
- **Latest status (2026-03-09):** Connected via Codex OAuth auth path,
  which exposes openai-codex/* models but not standard openai/* models
  like openai/gpt-5.4. Would need standard API-key auth to access it.

Nothing fancy. No database, no schema, no API. Just structured markdown that both the agent and I can read and edit directly.

Part two: the guardrail rule. In the agent's operational instructions, there's a mandatory directive: when I ask about updates — using any of a set of trigger phrases like "any updates," "catch me up," "what should I know" — the agent must re-read WATCHLIST.md from disk before responding. Not from memory. Not from context. From the file, fresh, every single time.

This is the part that actually matters. The file is just a file. The rule is what turns it into a reliability mechanism.

Why Re-Reading Matters More Than You Think

If you've built agent workflows, you might be thinking: "The file is already in the agent's context from session start, why re-read it?" Two reasons.

Context gets stale within a session. If I update WATCHLIST.md partway through a conversation — or if another process updates it — the agent's loaded context still has the old version. A mandatory re-read catches mid-session changes.

It breaks the confidence loop. Without the re-read rule, the agent pattern-matches on whatever it already "knows" and skips the file entirely. LLMs are completion machines; if they have a plausible answer in context, they'll use it. The mandatory rule interrupts that reflex and forces a grounding step.

Think of it like a pilot's checklist. The pilot probably remembers the steps. The checklist exists because "probably" isn't good enough.

What It Doesn't Do

I want to be honest about the limitations, because I see too many blog posts that oversell simple patterns.

It's not real-time. The watchlist is pull-based, checked on demand or on a schedule. Between checks, items can go stale. If an API goes down at 2 PM and I don't ask until 5 PM, the watchlist still shows whatever was last written.

It requires manual curation. Someone — me or the agent — has to add items, update statuses, and remove things that are no longer relevant. There's no automatic discovery of "things you should be watching." It's a garden, not a surveillance system.

There's no incident escalation. If something on the watchlist hits a critical threshold, nothing happens automatically. The agent doesn't page me. It waits to be asked. I could bolt on proactive checks via scheduled heartbeats, but the base watchlist pattern is passive.

Items can still go stale between updates. Right now I'm tracking things like Telegram's duplicate-message behavior with streaming enabled, and the status reflects my last test. If upstream fixes land tomorrow, the watchlist won't know until someone re-tests and updates the entry.

These are real constraints. For my use case — a personal workflow where I'm the only operator — they're acceptable. For a team or a production system with SLAs, you'd want something with more automation and alerting built in.

Concrete Examples From My Setup

Two items currently live on my watchlist, and they illustrate the pattern well.

GPT-5.4 access: I wanted to use GPT-5.4 through my agent framework, but my auth path (Codex OAuth) only exposes Codex-namespaced models. The watchlist entry captures this constraint so that when I inevitably ask "can I use 5.4 yet?" the agent gives me the real answer instead of hallucinating one.

Telegram duplicate messages: Streaming mode in my Telegram integration was producing duplicate final messages. I tested, confirmed the bug, reverted streaming to off, and logged it. Now when I ask about Telegram issues, the agent reads the current status rather than guessing whether I fixed it.

Both are exactly the kind of thing an agent would get wrong from memory — transient, environment-specific states that change without notice.

Implementation Checklist

If you want to build this for your own agent setup, here's everything you need:

  • [ ] Create a WATCHLIST.md file in your agent's workspace
  • [ ] Define a consistent entry format: title, what-to-watch, latest-status with date, interpretation
  • [ ] Add a mandatory re-read rule to your agent's system prompt or operational docs
  • [ ] Define trigger phrases that activate the re-read (be generous — include variations)
  • [ ] Specify the failure case: if the file is missing or empty, the agent should say so, not fabricate updates
  • [ ] Add your first 2–3 tracked items (start small; you'll learn what's worth tracking)
  • [ ] Optionally, schedule periodic checks (heartbeat, cron) so the agent proactively refreshes status fields
  • [ ] Review and prune the watchlist monthly — dead entries add noise

The watchlist isn't sophisticated. It's a markdown file and a rule that says "read the file." But it solves a real problem — agents confidently reporting outdated information — with zero dependencies and about ten minutes of setup. In a space full of complex orchestration patterns, sometimes the best intervention is just making your agent look at the damn file before it opens its mouth.

← back to all posts