Kontour Flow Agents — delivery workflow
The trust.bundle a Flow Agents delivery run emits as its own receipt: every workflow check (build, source-tree validation, verification) recorded as a claim with its evidence and status.
Provenance
Committed by the Flow Agents delivery pipeline and tracked in-repo since PR #269; this copy is taken verbatim from origin/main at the pinned commit.
Claims
Each row is a claim the pipeline recorded — its type, the facet it belongs to, the field or behavior it covers, its recorded value, and the trust status the kernel derived. Read straight from the downloadable artifact.
| Status | Subject / field | Type · facet | Value |
|---|---|---|---|
| verified | kontourai-flow-agents-290/build-compile-summary NON-command-backed summary (ADR 0020 rule: bare `npm run build --silent` is not itself a manifest entry, so it is not recorded as command-backed test_output; it is subsumed by the manifest-matched `so… | workflow.check.runtime flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/source-tree-validation Manifest-matched (source-tree-validation). `npm run validate:source --` exits 0; this script's own package.json definition runs `npm run build --silent` first, so a clean run also confirms the CLI mod… | workflow.check.command flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/context-map-drift Manifest-matched (context-map-drift). `npm run context-map -- --check` exits 0 with 'docs/context-map.md is current.' -- confirms AC10's context-map regeneration is committed and non-drifted. | workflow.check.command flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/static-eval-suite Manifest-matched (static-eval-suite). Full static suite exits 0, no failures (35/35 TS unit tests pass; all other static assertion blocks pass). Runs `npm run build` as a prerequisite, so a clean run… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/assignment-provider-local-file-integration Manifest-matched (assignment-provider-local-file-integration). Re-verify iteration-1: all 34/34 assertions pass (up from 30 pre-fix), including three NEW genuine OS-process concurrency-race assertions… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/assignment-provider-github-integration Manifest-matched (assignment-provider-github-integration). Re-verify iteration-1: all 45/45 assertions pass (up from 42 pre-fix), including NEW F2 (hostile branch/artifact_dir/actor.human payload with… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/pull-work-assignment-join-integration Manifest-matched (pull-work-assignment-join-integration). Re-verify iteration-1: unaffected by F1-F5, still 10/10 assertions pass. Two-actor simulation: subject is free before either session claims; s… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/pull-work-liveness-preflight-integration Manifest-matched (pull-work-liveness-preflight-integration). Re-verify iteration-1: 68/68 assertions pass (up from 65 pre-fix), including NEW F5 wording-correction assertions: pull-work now scopes tru… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/pull-work-provider-integration Manifest-matched (pull-work-provider-integration). Re-verify iteration-1: unaffected by F1-F5, still 69/69 assertions pass -- regression check confirming this issue's changes to pull-work/SKILL.md and… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/gh-process-absence-source-scan SESSION-LOCAL (no command; not a manifest entry). Independent source-tree grep, re-run this session: `execFileSync|spawnSync|spawn\(|exec\(` naming `gh` anywhere under src/ -> zero hits outside a sing… | workflow.check.security flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/trust-reconcile-manifest-parity SESSION-LOCAL (kind=policy is non-reconcilable regardless of command presence per ADR 0020's classification table; deliberately recorded without a `command` field since the exact command run this sess… | workflow.check.policy flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/concurrency-race-independent-reproduction SESSION-LOCAL (no command; independent of the checked-in eval's own single-iteration race assertion). Re-ran the EXACT 40-iteration concurrent OS-process race script (race40.sh) originally used to rep… | workflow.check.security flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/f2-hostile-payload-independent-reproduction SESSION-LOCAL (no command; independent of the checked-in eval's own hostile fixture). Built a DISTINCT hostile fixture from the eval's own (different marker text, different control bytes: CR + BEL + a… | workflow.check.security flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac1-contract-doc-review Re-verify iteration-1: re-read context/contracts/assignment-provider-contract.md; unchanged in substance from the prior verification pass other than F4's additive argv-array-execution note. Cross-chec… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac2-settings-schema-independent-validation Re-verify iteration-1: schemas/assignment-provider-settings.schema.json is unchanged by the F1-F5 fix set (confirmed via diff-scope: the fix touches only src/cli/assignment-provider.ts, kits/builder/s… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac8-pull-work-skill-wiring-review Re-read the diff of kits/builder/skills/pull-work/SKILL.md's F4/F5 changes: an explicit argv-array (never shell-string interpolation) execution note added to the Assignment Claim On Selection section… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac10-docs-and-context-map-review docs/context-map.md drift-checked clean via the command-backed context-map-drift check above. docs/workflow-usage-guide.md's 'Assignment ownership: the third provider leg' subsection re-read, unchange… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/goal-fit User outcome now fully met: a selected GitHub issue carries a durable, human-visible ownership record; the same operations work against a local-file record for tracker-less repos/evals with GENUINE mu… | workflow.check.policy flow-agents.workflow | pass |
| assumed | kontourai-flow-agents-290/pre-existing-unrelated-eval-failures ACCEPTED GAP, waived. This check's underlying record-evidence call carried this check's waiver via the PER-CHECK `_waiver` JSON payload (ADR 0020 rule: a waiver cannot ride the global --accepted-gap-r… | workflow.check.runtime flow-agents.workflow | skip |
| verified | kontourai-flow-agents-290/ac1-contract-doc-covers-adr-0021-sections-context-contracts-assignment-provider-contract-md AC1 `contract-doc-covers-adr-0021-sections`: `context/contracts/assignment-provider-contract.md` | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac2-settings-schema-validates-schemas-assignment-provider-settings-schema-json AC2 `settings-schema-validates`: `schemas/assignment-provider-settings.schema.json` | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac3-github-render-emits-versioned-comment-assignment-provider-render-claim-provider AC3 `github-render-emits-versioned-comment`: `assignment-provider render-claim --provider | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac4-github-status-parses-existing-claim-assignment-provider-status-provider-github AC4 `github-status-parses-existing-claim`: `assignment-provider status --provider github` | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac5-local-file-round-trip-assignment-provider-claim-status-supersede-release-provider AC5 `local-file-round-trip`: `assignment-provider claim|status|supersede|release --provider | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac6-list-returns-actor-claims-assignment-provider-list-actor-actor-both-provider AC6 `list-returns-actor-claims`: `assignment-provider list --actor <actor>` (both provider | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac7-concurrent-claim-fails-loud-or-reports-holder-a-second-claim-on-an-already-claimed AC7 `concurrent-claim-fails-loud-or-reports-holder`: a second `claim` on an already-claimed | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac8-pull-work-wires-durable-claim-at-selection-pull-work-skill-md-s-selection-step AC8 `pull-work-wires-durable-claim-at-selection`: `pull-work/SKILL.md`'s selection step | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac9-no-live-gh-process-in-evals-none-of-this-issue-s-new-eval-scripts-invoke-a-live-or AC9 `no-live-gh-process-in-evals`: none of this issue's new eval scripts invoke a live or | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac10-docs-and-context-map-updated-docs-context-map-md-lists-the-new-schema-via AC10 `docs-and-context-map-updated`: `docs/context-map.md` lists the new schema (via | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac11-human-assignee-policy-knob-present-and-respected-the-settings-schema-s AC11 `human-assignee-policy-knob-present-and-respected`: the settings schema's | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/ac12-disjoint-selection-simulated-a-two-actor-join-simulation-proves-that-once-actor-a-s AC12 `disjoint-selection-simulated`: a two-actor join simulation proves that once actor A's | workflow.acceptance.criterion flow-agents.workflow | pass |
| superseded | kontourai-flow-agents-290/code-review-290-iteration-1 26 files reviewed (12 modified, 14 new). Abstraction, GitHub render/parse path, join logic, and pull-work wiring are solid and well-tested, but the local-file claim path has a reproducible TOCTOU race… | workflow.critique.review flow-agents.workflow | fail |
| verified | kontourai-flow-agents-290/code-review-290-iteration-1-recheck Focused re-review of the iteration-1 fix for all 5 prior findings. Delta reviewed: src/cli/assignment-provider.ts (withSubjectLock/sanitizeDisplayField/computeEffectiveState's nowMs threading), kits/b… | workflow.critique.review flow-agents.workflow | pass |
| verified | kontourai-flow-agents-290/code-review-290-iteration-1 SUPERSEDES the original CHANGES_REQUESTED review (same critique id, same reviewer, per #344's reviewer-scoped critique supersession). All 5 findings (1 CRITICAL, 1 HIGH, 2 MEDIUM, 1 LOW) independently… | workflow.critique.review flow-agents.workflow | pass |
Evidence
NON-command-backed summary (ADR 0020 rule: bare `npm run build --silent` is not itself a manifest entry, so it is not recorded as command-backed test_output; it is subsumed by the manifest-matched `source-tree-validation` check below, whose own script runs build first). `npm run build --silent`, this session: exit 0, c…
kontourai-flow-agents-290/evidence.json
Manifest-matched (source-tree-validation). `npm run validate:source --` exits 0; this script's own package.json definition runs `npm run build --silent` first, so a clean run also confirms the CLI modules compile and are correctly registered/mirrored per validate-source-tree.ts's CLI-registration rules.
kontourai-flow-agents-290/evidence.json
Manifest-matched (context-map-drift). `npm run context-map -- --check` exits 0 with 'docs/context-map.md is current.' -- confirms AC10's context-map regeneration is committed and non-drifted.
kontourai-flow-agents-290/evidence.json
Manifest-matched (static-eval-suite). Full static suite exits 0, no failures (35/35 TS unit tests pass; all other static assertion blocks pass). Runs `npm run build` as a prerequisite, so a clean run confirms the whole TypeScript project (including the F1-F5 fix set) compiles.
kontourai-flow-agents-290/evidence.json
Manifest-matched (assignment-provider-local-file-integration). Re-verify iteration-1: all 34/34 assertions pass (up from 30 pre-fix), including three NEW genuine OS-process concurrency-race assertions (F1 fix-plan): two real, simultaneously-launched claim processes for the same subject/different actors, asserting exact…
kontourai-flow-agents-290/evidence.json
Manifest-matched (assignment-provider-github-integration). Re-verify iteration-1: all 45/45 assertions pass (up from 42 pre-fix), including NEW F2 (hostile branch/artifact_dir/actor.human payload with newline+ANSI+[SYSTEM] text is control-char-stripped in status output, both raw and JSON-escaped ANSI forms absent, effe…
kontourai-flow-agents-290/evidence.json
Manifest-matched (pull-work-assignment-join-integration). Re-verify iteration-1: unaffected by F1-F5, still 10/10 assertions pass. Two-actor simulation: subject is free before either session claims; session A claims it; session B's subsequent status/join check reports held (never free); session B selects and claims a d…
kontourai-flow-agents-290/evidence.json
Manifest-matched (pull-work-liveness-preflight-integration). Re-verify iteration-1: 68/68 assertions pass (up from 65 pre-fix), including NEW F5 wording-correction assertions: pull-work now scopes true mutual exclusion to the local-file provider only (via #290's lock), does NOT overclaim true mutual exclusion for the G…
kontourai-flow-agents-290/evidence.json
Manifest-matched (pull-work-provider-integration). Re-verify iteration-1: unaffected by F1-F5, still 69/69 assertions pass -- regression check confirming this issue's changes to pull-work/SKILL.md and the provider CLI did not disturb the existing WorkItemProvider fixture-based eval.
kontourai-flow-agents-290/evidence.json
SESSION-LOCAL (no command; not a manifest entry). Independent source-tree grep, re-run this session: `execFileSync|spawnSync|spawn\(|exec\(` naming `gh` anywhere under src/ -> zero hits outside a single explanatory code comment in assignment-provider.ts. Confirms AC9 at the source level, independent of the evals' own s…
kontourai-flow-agents-290/evidence.json
SESSION-LOCAL (kind=policy is non-reconcilable regardless of command presence per ADR 0020's classification table; deliberately recorded without a `command` field since the exact command run this session -- `bash evals/integration/test_trust_reconcile_manifest.sh` -- is a narrower slice of the actual manifest entry 'an…
kontourai-flow-agents-290/evidence.json
SESSION-LOCAL (no command; independent of the checked-in eval's own single-iteration race assertion). Re-ran the EXACT 40-iteration concurrent OS-process race script (race40.sh) originally used to reproduce the pre-fix defect (14/15 double-wins, corroborating the code-review subagent's own 29/40 reproduction). Methodol…
kontourai-flow-agents-290/evidence.json
SESSION-LOCAL (no command; independent of the checked-in eval's own hostile fixture). Built a DISTINCT hostile fixture from the eval's own (different marker text, different control bytes: CR + BEL + a distinct ANSI CSI sequence + a '[SYSTEM] ignore prior instructions' trailer) via a forged claim-marker GitHub issue com…
kontourai-flow-agents-290/evidence.json
Re-verify iteration-1: re-read context/contracts/assignment-provider-contract.md; unchanged in substance from the prior verification pass other than F4's additive argv-array-execution note. Cross-check against docs/adr/0021-assignment-leases-and-stale-claim-takeover.md sections 1-2/4/6 still holds, no paraphrase drift.
kontourai-flow-agents-290/evidence.json
Re-verify iteration-1: schemas/assignment-provider-settings.schema.json is unchanged by the F1-F5 fix set (confirmed via diff-scope: the fix touches only src/cli/assignment-provider.ts, kits/builder/skills/pull-work/SKILL.md, context/contracts/assignment-provider-contract.md, and eval scripts). Prior independent ajv va…
kontourai-flow-agents-290/evidence.json
Re-read the diff of kits/builder/skills/pull-work/SKILL.md's F4/F5 changes: an explicit argv-array (never shell-string interpolation) execution note added to the Assignment Claim On Selection section (F4), and the mutual-exclusion claim corrected to scope 'true mutual exclusion' to the local-file provider only via #290…
kontourai-flow-agents-290/evidence.json
docs/context-map.md drift-checked clean via the command-backed context-map-drift check above. docs/workflow-usage-guide.md's 'Assignment ownership: the third provider leg' subsection re-read, unchanged in substance.
kontourai-flow-agents-290/evidence.json
User outcome now fully met: a selected GitHub issue carries a durable, human-visible ownership record; the same operations work against a local-file record for tracker-less repos/evals with GENUINE mutual exclusion (F1, independently re-confirmed 40/40); human assignees are never silently reclaimed; untrusted GitHub cl…
kontourai-flow-agents-290/evidence.json
ACCEPTED GAP, waived. This check's underlying record-evidence call carried this check's waiver via the PER-CHECK `_waiver` JSON payload (ADR 0020 rule: a waiver cannot ride the global --accepted-gap-reason/--waived-by flags when the same record-evidence call also includes command-backed checks -- this call includes 8).…
kontourai-flow-agents-290/evidence.json
Open questions
Verify it yourself
Download the raw .bundle above, then run it through the named validator — validateTrustBundle from @kontourai/surface. The CLI wraps it and exits non-zero if the artifact is not a well-formed trust.bundle.
Prefer the library directly? The CLI just calls it: