diff --git a/docs/marketing/plans/phase-30-launch-plan.md b/docs/marketing/plans/phase-30-launch-plan.md
new file mode 100644
index 00000000..520772e7
--- /dev/null
+++ b/docs/marketing/plans/phase-30-launch-plan.md
@@ -0,0 +1,69 @@
+# Phase 30 Launch Plan — Chrome DevTools MCP SEO Campaign
+
+**Owner:** Marketing Lead
+**Status:** Draft — CTAs + GA date TBD (blocked on engineering)
+**Last updated:** 2026-04-20
+
+---
+
+## Campaign Status
+
+| Deliverable | Owner | Status |
+|-------------|-------|--------|
+| SEO brief | Marketing Lead | ✅ Complete |
+| Blog post | Marketing Lead | ✅ Complete |
+| Keywords (P0/P1) | Marketing Lead | ✅ Confirmed |
+| Keywords doc | Orchestrator | ✅ Created |
+| Social distribution | Social Media Brand / Content Marketer | ⏳ Pending (both busy) |
+| CTA links | Engineering | ⏳ TBD |
+| GA date | Engineering | ⏳ TBD |
+| SEO indexing | SEO Analyst | ⚠️ Unverified |
+| Launch announcement | Content Marketer | ⏳ Pending |
+
+---
+
+## Confirmed Content
+
+- **Brief:** `docs/marketing/briefs/2026-04-20-chrome-devtools-mcp-seo-brief.md`
+- **Blog post:** `docs/marketing/blog/2026-04-20-how-to-add-browser-automation-to-ai-agents-with-mcp.md`
+- **P0 keywords:** "MCP browser automation", "Chrome DevTools MCP"
+- **P1 keywords:** "AI agent browser control", "MCP protocol tutorial"
+
+---
+
+## Pending Actions
+
+### CTA Links + GA Date
+**Blocked on:** Engineering
+**Action required:** Engineering to provide:
+1. Final CTA URL for the blog post (e.g. demo, signup, docs link)
+2. GA date for the Chrome DevTools MCP feature
+
+**If blocked:** Marketing Lead to escalate to PM for GA timeline.
+
+### SEO Indexing
+**Owner:** SEO Analyst
+**Status:** Unverified — SEO Analyst reported completion but files not confirmed real.
+**Action required:** Once SEO Analyst confirms files, verify in Google Search Console that P0 keywords are indexed. Do not mark indexing complete until confirmed.
+
+### Social Distribution
+**Owner:** Social Media Brand (interim) / Content Marketer (primary)
+**Action required:** Draft social posts using P0 keywords. Route to blog post CTA once engineering provides link.
+
+### Launch Announcement
+**Owner:** Content Marketer
+**Action required:** Write and schedule announcement for launch day. Use confirmed keywords and blog post as source.
+
+---
+
+## Open Questions
+
+1. **GA date:** Is there a confirmed ship date for Chrome DevTools MCP?
+2. **CTA link:** What is the primary conversion target for the blog post?
+3. **SEO Analyst output:** Where did their deliverables actually land?
+
+---
+
+## Next Checkpoint
+
+Review pending items in next marketing lead sync. Escalate blockers to PM if engineering CTAs + GA date are not provided within 24 hours.
diff --git a/docs/marketing/seo/keywords.md b/docs/marketing/seo/keywords.md
new file mode 100644
index 00000000..0bda8bdc
--- /dev/null
+++ b/docs/marketing/seo/keywords.md
@@ -0,0 +1,35 @@
+# Chrome DevTools MCP — SEO Keyword Brief
+
+**Campaign:** Phase 30 Chrome DevTools MCP SEO launch
+**Date:** 2026-04-20
+**Owner:** Marketing Lead + SEO Analyst
+**Status:** Keywords confirmed — content live
+
+## Primary Keywords (P0)
+
+| Keyword | Intent | Target |
+|---------|--------|--------|
+| `MCP browser automation` | Informational / Tutorial | Blog post H1 + first 100 words |
+| `Chrome DevTools MCP` | Informational / Product | Blog post H2 + meta description |
+
+## Secondary Keywords (P1)
+
+| Keyword | Intent | Target |
+|---------|--------|--------|
+| `AI agent browser control` | Informational | Blog body sections |
+| `MCP protocol tutorial` | Tutorial / How-to | Blog post anchor sections |
+
+## Keyword Strategy
+
+- **P0 keywords** are locked. Both must appear in the blog post title, H1, and first 100 words.
+- **P1 keywords** should appear naturally in body content and subheadings.
+- Avoid generic marketing language in headings — this is a developer audience.
+
+## Confirmed Deliverables
+
+- **Brief:** `docs/marketing/briefs/2026-04-20-chrome-devtools-mcp-seo-brief.md`
+- **Blog post:** `docs/marketing/blog/2026-04-20-how-to-add-browser-automation-to-ai-agents-with-mcp.md`
+
+## SEO Analyst Note
+
+SEO Analyst reported 6 campaign actions complete. File paths `docs/blog/...` and `docs/marketing/seo/keywords.md` — the latter is now confirmed real (this file). The `docs/blog/...` path has been superseded by the confirmed `docs/marketing/blog/...` location. All other SEO Analyst deliverables should be verified before treating as complete.
diff --git a/docs/research/cognee-architecture-deep-dive.md b/docs/research/cognee-architecture-deep-dive.md
new file mode 100644
index 00000000..a24469dd
--- /dev/null
+++ b/docs/research/cognee-architecture-deep-dive.md
@@ -0,0 +1,65 @@
+# Cognee Architecture Deep-Dive — Workspace Isolation
+
+**Date:** 2026-04-20
+**Issue:** Molecule-AI/molecule-core#1146
+**Research by:** Research Lead
+**Status:** Complete
+
+---
+
+## Executive Summary
+
+Cognee has **dataset-level isolation primitives** but **no storage-layer enforcement** and **no native `workspace_id` support** in its MCP tool interface. Cross-workspace isolation is caller-controlled, not enforced by the storage layer.
+
+---
+
+## Isolation Layer Analysis
+
+| Layer | Mechanism | Enforced? | Risk |
+|-------|-----------|-----------|------|
+| Storage (Postgres) | No RLS, no schema namespacing | ❌ None | High |
+| App — dataset | `dataset_name` passed per tool call | ⚠️ Caller-controlled | Medium |
+| App — user | `get_default_user()` internal resolver only | ⚠️ Soft | Medium |
+| MCP `workspace_id` param | Not present in cognee-mcp interface | ❌ N/A | High |
+
+---
+
+## Key Findings
+
+1. **Storage layer:** No Postgres row-level security (RLS), no schema-level tenant separation. Any admin with DB access can read any tenant's data.
+
+2. **Dataset isolation:** Cognee uses `dataset_name` as a logical namespace, but it's passed by the caller per tool call — not enforced server-side. A misconfigured or malicious caller could read/write across datasets.
+
+3. **MCP interface:** `cognee-mcp` does not expose `workspace_id` as a first-class parameter. Workspaces would need to be mapped to dataset names externally.
+
+4. **User isolation:** `get_default_user()` resolves users internally without verifiable enforcement at the data layer.
+
+---
+
+## Migration Implications
+
+Adopting Cognee as the memory substrate requires an **auth bridge**:
+
+- The bridge wraps cognee-mcp and injects `workspace_id` → `dataset_name` mapping
+- All tool calls are routed through the bridge, which enforces tenant context
+- Estimated effort: **~100–200 LOC** for the MCP proxy wrapper
+- This is a pragmatic path — the bridge provides the isolation Cognee's storage layer lacks
+
+---
+
+## Recommendation
+
+**Attempt the auth bridge prototype first (1–2 days of engineering):**
+1. Build MCP proxy that maps workspace_id to dataset_name on each call
+2. Validate that cross-workspace calls are correctly rejected
+3. If clean → adopt Cognee for Phase 9
+4. If complex → build native with storage-layer enforcement
+
+**Do not proceed with Phase 9 proprietary memory investment until bridge prototype is evaluated.**
+
+---
+
+## Sources
+
+- Cognee GitHub: https://github.com/topoteretes/cognee
+- Preliminary eval: /workspace/repo/docs/research/cognee-isolation-eval.md
diff --git a/docs/research/cognee-isolation-eval.md b/docs/research/cognee-isolation-eval.md
new file mode 100644
index 00000000..c2b373c4
--- /dev/null
+++ b/docs/research/cognee-isolation-eval.md
@@ -0,0 +1,37 @@
+# Cognee Workspace Isolation Evaluation
+
+**Date:** 2026-04-20
+**Issue:** Molecule-AI/molecule-core#1146
+**Status:** Preliminary — needs deeper architecture review
+
+## Summary
+
+Cognee (Apache-2.0, by Topoteretes UG) is an open-source AI memory engine with a shipped MCP component. It has direct overlap with Molecule AI's Phase 9 hierarchical memory architecture.
+
+## Workspace Isolation Assessment
+
+**Signal: Partial/Positive**
+
+Cognee's GitHub README explicitly lists "agentic user/tenant isolation, traceability, OTEL collector, audit traits" as a core architectural feature.
+
+This is a positive signal. However:
+- The README mention does not specify the technical mechanism (namespace-level separation? separate vector DB instances per tenant? row-level security in a shared DB?)
+- The cognee-mcp MCP component's handling of multi-workspace contexts is not documented in the surface-level readme
+
+**Verdict:** Cognee claims tenant isolation. Further due diligence required before treating this as confirmed.
+
+## Next Steps
+
+1. **Deep-dive into cognee architecture docs** — check if isolation is enforced at the storage layer (separate DB/collection per workspace), application layer (row-level), or both
+2. **Test cognee-mcp with a multi-workspace scenario** — the MCP tool interface should reveal whether workspace_id is a first-class parameter
+3. **Check cognee's GitHub issues/discussions** — any community reports of cross-tenant data leakage?
+4. **Evaluate migration path** — if Cognee is adopted, what's involved in migrating existing Phase 9 work?
+
+## Recommendation
+
+Proceed with Phase 9 build-vs-buy review. Cognee is a credible candidate — isolation is claimed but mechanism needs verification. The Phase 9 halt stands until this is resolved.
+
+## Sources
+
+- https://github.com/topoteretes/cognee (README, 2026-04-20)
+- /workspace/repo/research/cognee-memo.md