TL;DR PROJECT JAMES is a security-focused, locally-runnable Graph-RAG knowledge engine in Python. It combines an explicit 12-type ontology, 3-stage access control (RBAC + ABAC + instruction isolation), a self-evolution scaffold with audit log, and 100% local execution via Ollama. MIT-licensed, alpha v0.2.0, OpenSSF Best Practices passing . Why I built this If you've ever wanted to point a local LLM at your own wiki, codebase, or document store, you've probably hit the same three walls I did: Cloud RAG services want everything in their cloud — fine for prototypes, painful for anything sensitive. Self-hosted RAG frameworks are usually one of: (a) too much infrastructure (Kubernetes-shaped), or (b) too few security primitives (no role separation, no audit trail). Most Graph-RAG implementations treat the graph as a side feature on top of vectors. The graph rarely participates in the security boundary or the reasoning path.…