← All receipts

Kontour Flow Agents — ensure-session ownership guard

Flow Agents ownership-guard bundle

A Flow Agents workflow run's own receipt for its ensure-session ownership guard: two agents claiming the same work item are kept from colliding, recorded as claims with their evidence — including one pre-existing, unrelated test-suite gap the run discloses and waives rather than hides.

24 verified 1 assumed
Download raw .bundle schemaVersion 5 · 25 claims · 14 evidence

Provenance

Merged to main via kontourai/flow-agents#377 ('#291: ensure-session ownership guard + per-actor current.json'); taken verbatim from delivery/trust.bundle at the merge commit.

Repository
kontourai/flow-agents
Source path
delivery/trust.bundle
Pinned commit
20eed88f025980eab845ff588ed4cd188f6b0d2a
Bundle source
flow-agents/workflow-sidecar;statusFunctionVersion=2

Claims

What was gated, and how it landed

Each row is a claim the pipeline recorded — its type, the facet it belongs to, the field or behavior it covers, its recorded value, and the trust status the kernel derived. Read straight from the downloadable artifact.

Status Subject / field Type · facet Value
verified kontourai-flow-agents-291/context-map-drift npm run context-map -- --check exit 0, "docs/context-map.md is current." (unaffected by F1-F5 fix) workflow.check.lint flow-agents.workflow pass
verified kontourai-flow-agents-291/static-eval-suite bash evals/run.sh static: 30 PASS / 0 FAIL, exit 0, including 35/35 node --test pure-helper unit tests (unchanged count vs prior verify) workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/ensure-session-ownership-guard-integration bash evals/integration/test_ensure_session_ownership_guard.sh: 36/36 assertions PASS, 0 FAIL, exit 0 (AC1,2,3,4,5,6,9) -- now includes new section 3b (F1 cross-tool self-recognition, fix-plan iteratio… workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/current-json-per-actor-integration bash evals/integration/test_current_json_per_actor.sh: 22/22 assertions PASS, 0 FAIL, exit 0 (AC7,8,10,11) -- now includes new section 6 (F3, fix-plan iteration 1) pinning the legacy-current.json-wins… workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/assignment-provider-local-file-integration bash evals/integration/test_assignment_provider_local_file.sh: 34/34 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite stays green after the actor_key additive-field fix workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/assignment-provider-github-integration bash evals/integration/test_assignment_provider_github.sh: 45/45 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/pull-work-assignment-join-integration bash evals/integration/test_pull_work_assignment_join.sh: 10/10 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/workflow-sidecar-writer-integration bash evals/integration/test_workflow_sidecar_writer.sh: all checks passed, exit 0 workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/liveness-heartbeat-integration bash evals/integration/test_liveness_heartbeat.sh: all checks passed, exit 0 -- includes F4 hot-path short-circuit restoration coverage (mightHaveActiveSession peek before resolveActor()) workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/workflow-steering-hook-integration bash evals/integration/test_workflow_steering_hook.sh: 9/9 PASS, exit 0 workflow.check.test flow-agents.workflow pass
verified kontourai-flow-agents-291/source-tree-validation-summary CI reconcile fix (recast, ADR-0020 class #320/#356): the prior recording named a command-backed check with command "npm run validate:source" (no trailing --), which does not literally match the manife… workflow.check.diff flow-agents.workflow pass
verified kontourai-flow-agents-291/trust-reconcile-manifest-parity-summary CI reconcile fix (recast, ADR-0020 class #320/#356): bash evals/integration/test_trust_reconcile_manifest.sh is a meta manifest-parity self-check, not itself a manifest/required-lane command, so it ca… workflow.check.diff flow-agents.workflow pass
verified kontourai-flow-agents-291/full-gate-summary iteration-1 re-verify full-gate narrative (NOT command-backed by design): npm run build --silent exit 0 (folded here, not recorded as a standalone command-backed check, since it is already a prerequis… workflow.check.diff flow-agents.workflow pass
assumed kontourai-flow-agents-291/pre-existing-failure-baseline Three eval suites carry failures independently reproduced as pre-existing baselines, unrelated to the #291 iteration-1 fix: test_goal_fit_hook.sh (1 FAIL, exit 1), test_goal_fit_escape_hatch.sh (5 FAI… workflow.check.policy flow-agents.workflow pass
verified kontourai-flow-agents-291/ac1-ensure-session-refuses-fresh-other-actor-ensure-session-on-a-subject-with-a-fresh-other-actor-local-file-assignment-claim-liveness-fresh-actor-differs-exits-nonzero-with-a-remediation-message-naming-the-holder-and-suggesting-other-work-or-takeover-source-new-guard-block-in-src-cli-workflow-sidecar-ts-ensuresession-inserted-before-fs-mkdirsync-dir AC1 `ensure-session-refuses-fresh-other-actor`: `ensure-session` on a subject with a fresh OTHER-actor local-file assignment claim (liveness fresh, actor differs) exits nonzero with a remediation mess… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac2-ensure-session-supersede-stale-only-ensure-session-on-a-reclaimable-stale-subject-refuses-without-supersede-stale-remediation-names-the-flag-and-succeeds-transitioning-the-assignment-record-to-the-new-actor-via-the-reused-supersede-logic-when-supersede-stale-is-passed-source-src-cli-assignment-provider-ts-performlocalsupersede-new-export-called-from-ensuresession AC2 `ensure-session-supersede-stale-only`: `ensure-session` on a `reclaimable` (stale) subject refuses without `--supersede-stale` (remediation names the flag) and succeeds, transitioning the assignme… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac3-ensure-session-human-held-ask-first-ensure-session-on-a-human-held-subject-refuses-never-auto-reclaims-remediation-asks-the-user-to-confirm-before-proceeding-source-the-same-guard-block-s-human-held-branch AC3 `ensure-session-human-held-ask-first`: `ensure-session` on a `human-held` subject refuses (never auto-reclaims), remediation asks the user to confirm before proceeding (source: the same guard bloc… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac4-ensure-session-self-reentry-ensure-session-resuming-a-session-under-the-same-actor-s-own-fresh-claim-succeeds-with-no-spurious-refusal-source-guard-s-self-is-holder-branch AC4 `ensure-session-self-reentry`: `ensure-session` resuming a session under the SAME actor's own fresh claim succeeds with no spurious refusal (source: guard's `self_is_holder` branch) workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac5-ensure-session-claims-on-free-ensure-session-on-a-free-subject-succeeds-and-establishes-a-durable-local-file-assignment-claim-for-the-entering-actor-verified-via-assignment-provider-status-immediately-after-source-guard-s-free-branch-calling-performlocalclaim AC5 `ensure-session-claims-on-free`: `ensure-session` on a `free` subject succeeds AND establishes a durable local-file assignment claim for the entering actor, verified via `assignment-provider statu… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac6-ensure-session-concurrent-race-safety-two-concurrent-ensure-session-invocations-on-the-same-fresh-free-subject-never-both-become-the-claim-holder-one-wins-and-the-loser-sees-a-held-refused-outcome-on-retry-source-existing-root-level-withlock-in-workflow-sidecar-ts-main-unchanged-plus-withsubjectlock-in-assignment-provider-ts-unchanged-now-reached-via-the-new-exported-performlocalclaim-performlocalsupersede AC6 `ensure-session-concurrent-race-safety`: two concurrent `ensure-session` invocations on the same fresh-free subject never both become the claim holder, one wins and the loser sees a `held`/refused… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac7-current-json-per-actor-isolation-after-actor-b-runs-ensure-session-on-a-different-subject-actor-a-s-own-current-session-resolution-workflow-sidecar-current-actor-aware-still-resolves-to-a-s-own-session-directory-source-per-actor-dual-write-read-in-writecurrent-currentdir-src-cli-workflow-sidecar-ts AC7 `current-json-per-actor-isolation`: after actor B runs `ensure-session` on a different subject, actor A's own current-session resolution (`workflow:sidecar -- current`, actor-aware) still resolves… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac8-current-json-compat-shim-fallback-an-actor-with-no-per-actor-current-file-yet-or-an-unresolved-actor-still-resolves-via-the-legacy-global-current-json-exactly-as-before-this-change-every-named-existing-consumer-stop-goal-fit-js-evidence-capture-js-liveness-heartbeat-js-flow-agents-statusline-js-produces-identical-output-against-a-legacy-only-pre-migration-artifact-root-fixture-source-fallback-branch-in-scripts-hooks-lib-current-pointer-js-readcurrentpointer AC8 `current-json-compat-shim-fallback`: an actor with no per-actor current file yet, or an unresolved actor, still resolves via the legacy global `current.json` exactly as before this change; every n… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac9-remediation-sanitized-refusal-remediation-messages-never-contain-raw-control-ansi-bytes-from-actor-holder-assignee-reason-fields-verified-against-a-crafted-hostile-liveness-event-and-a-hostile-effective-state-json-fixture-source-reuse-of-stripcontrolcharsfordisplay-already-in-workflow-sidecar-ts-at-every-interpolation-site-in-the-new-guard-s-die-messages AC9 `remediation-sanitized`: refusal/remediation messages never contain raw control/ANSI bytes from actor/holder/assignee/reason fields, verified against a crafted hostile liveness event and a hostile… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac10-config-protection-covers-per-actor-current-config-protection-js-s-protected-path-and-bash-redirect-detectors-block-direct-writes-redirects-to-kontourai-flow-agents-current-actor-json-exactly-as-they-already-do-for-kontourai-flow-agents-current-json-source-new-pattern-in-checkprotectedpathpattern-and-redirect-protected-re AC10 `config-protection-covers-per-actor-current`: `config-protection.js`'s protected-path and Bash-redirect detectors block direct writes/redirects to `.kontourai/flow-agents/current/<actor>.json` ex… workflow.acceptance.criterion flow-agents.workflow pass
verified kontourai-flow-agents-291/ac11-gate-scoping-actor-correct-record-gate-claim-writetrustbundle-s-flowdefinition-dual-emit-scoping-resolves-active-flow-id-active-step-id-from-the-calling-actor-s-own-current-pointer-not-a-different-actor-s-more-recently-written-legacy-pointer-source-actor-aware-update-to-declaredclaimtypesfor-writetrustbundle-s-scopedflowagentsdir-check-and-resolveactiveflowstep-in-src-lib-flow-resolver-ts AC11 `gate-scoping-actor-correct`: `record-gate-claim` / `writeTrustBundle`'s FlowDefinition dual-emit scoping resolves `active_flow_id`/`active_step_id` from the CALLING actor's own current-pointer,… workflow.acceptance.criterion flow-agents.workflow pass

Evidence

What supports the claims

Open questions

Gaps this receipt does not hide

Verify it yourself

Recompute this exact file

Download the raw .bundle above, then run it through the named validator — validateTrustBundle from @kontourai/surface. The CLI wraps it and exits non-zero if the artifact is not a well-formed trust.bundle.

validate this receipt
$ npx @kontourai/[email protected] report \
--input flow-agents-ownership-guard.trust.bundle --format summary
# exit 0 prints the trust summary; a broken file exits 1

Prefer the library directly? The CLI just calls it:

node — the named validator
import { validateTrustBundle } from "@kontourai/surface";
import { readFileSync } from "node:fs";
validateTrustBundle(JSON.parse(readFileSync("flow-agents-ownership-guard.trust.bundle", "utf8")));
# throws if the bundle is invalid; returns the parsed bundle otherwise