Kontour Flow Agents — ensure-session ownership guard
A Flow Agents workflow run's own receipt for its ensure-session ownership guard: two agents claiming the same work item are kept from colliding, recorded as claims with their evidence — including one pre-existing, unrelated test-suite gap the run discloses and waives rather than hides.
Provenance
Merged to main via kontourai/flow-agents#377 ('#291: ensure-session ownership guard + per-actor current.json'); taken verbatim from delivery/trust.bundle at the merge commit.
Claims
Each row is a claim the pipeline recorded — its type, the facet it belongs to, the field or behavior it covers, its recorded value, and the trust status the kernel derived. Read straight from the downloadable artifact.
| Status | Subject / field | Type · facet | Value |
|---|---|---|---|
| verified | kontourai-flow-agents-291/context-map-drift npm run context-map -- --check exit 0, "docs/context-map.md is current." (unaffected by F1-F5 fix) | workflow.check.lint flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/static-eval-suite bash evals/run.sh static: 30 PASS / 0 FAIL, exit 0, including 35/35 node --test pure-helper unit tests (unchanged count vs prior verify) | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ensure-session-ownership-guard-integration bash evals/integration/test_ensure_session_ownership_guard.sh: 36/36 assertions PASS, 0 FAIL, exit 0 (AC1,2,3,4,5,6,9) -- now includes new section 3b (F1 cross-tool self-recognition, fix-plan iteratio… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/current-json-per-actor-integration bash evals/integration/test_current_json_per_actor.sh: 22/22 assertions PASS, 0 FAIL, exit 0 (AC7,8,10,11) -- now includes new section 6 (F3, fix-plan iteration 1) pinning the legacy-current.json-wins… | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/assignment-provider-local-file-integration bash evals/integration/test_assignment_provider_local_file.sh: 34/34 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite stays green after the actor_key additive-field fix | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/assignment-provider-github-integration bash evals/integration/test_assignment_provider_github.sh: 45/45 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/pull-work-assignment-join-integration bash evals/integration/test_pull_work_assignment_join.sh: 10/10 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/workflow-sidecar-writer-integration bash evals/integration/test_workflow_sidecar_writer.sh: all checks passed, exit 0 | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/liveness-heartbeat-integration bash evals/integration/test_liveness_heartbeat.sh: all checks passed, exit 0 -- includes F4 hot-path short-circuit restoration coverage (mightHaveActiveSession peek before resolveActor()) | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/workflow-steering-hook-integration bash evals/integration/test_workflow_steering_hook.sh: 9/9 PASS, exit 0 | workflow.check.test flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/source-tree-validation-summary CI reconcile fix (recast, ADR-0020 class #320/#356): the prior recording named a command-backed check with command "npm run validate:source" (no trailing --), which does not literally match the manife… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/trust-reconcile-manifest-parity-summary CI reconcile fix (recast, ADR-0020 class #320/#356): bash evals/integration/test_trust_reconcile_manifest.sh is a meta manifest-parity self-check, not itself a manifest/required-lane command, so it ca… | workflow.check.diff flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/full-gate-summary iteration-1 re-verify full-gate narrative (NOT command-backed by design): npm run build --silent exit 0 (folded here, not recorded as a standalone command-backed check, since it is already a prerequis… | workflow.check.diff flow-agents.workflow | pass |
| assumed | kontourai-flow-agents-291/pre-existing-failure-baseline Three eval suites carry failures independently reproduced as pre-existing baselines, unrelated to the #291 iteration-1 fix: test_goal_fit_hook.sh (1 FAIL, exit 1), test_goal_fit_escape_hatch.sh (5 FAI… | workflow.check.policy flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac1-ensure-session-refuses-fresh-other-actor-ensure-session-on-a-subject-with-a-fresh-other-actor-local-file-assignment-claim-liveness-fresh-actor-differs-exits-nonzero-with-a-remediation-message-naming-the-holder-and-suggesting-other-work-or-takeover-source-new-guard-block-in-src-cli-workflow-sidecar-ts-ensuresession-inserted-before-fs-mkdirsync-dir AC1 `ensure-session-refuses-fresh-other-actor`: `ensure-session` on a subject with a fresh OTHER-actor local-file assignment claim (liveness fresh, actor differs) exits nonzero with a remediation mess… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac2-ensure-session-supersede-stale-only-ensure-session-on-a-reclaimable-stale-subject-refuses-without-supersede-stale-remediation-names-the-flag-and-succeeds-transitioning-the-assignment-record-to-the-new-actor-via-the-reused-supersede-logic-when-supersede-stale-is-passed-source-src-cli-assignment-provider-ts-performlocalsupersede-new-export-called-from-ensuresession AC2 `ensure-session-supersede-stale-only`: `ensure-session` on a `reclaimable` (stale) subject refuses without `--supersede-stale` (remediation names the flag) and succeeds, transitioning the assignme… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac3-ensure-session-human-held-ask-first-ensure-session-on-a-human-held-subject-refuses-never-auto-reclaims-remediation-asks-the-user-to-confirm-before-proceeding-source-the-same-guard-block-s-human-held-branch AC3 `ensure-session-human-held-ask-first`: `ensure-session` on a `human-held` subject refuses (never auto-reclaims), remediation asks the user to confirm before proceeding (source: the same guard bloc… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac4-ensure-session-self-reentry-ensure-session-resuming-a-session-under-the-same-actor-s-own-fresh-claim-succeeds-with-no-spurious-refusal-source-guard-s-self-is-holder-branch AC4 `ensure-session-self-reentry`: `ensure-session` resuming a session under the SAME actor's own fresh claim succeeds with no spurious refusal (source: guard's `self_is_holder` branch) | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac5-ensure-session-claims-on-free-ensure-session-on-a-free-subject-succeeds-and-establishes-a-durable-local-file-assignment-claim-for-the-entering-actor-verified-via-assignment-provider-status-immediately-after-source-guard-s-free-branch-calling-performlocalclaim AC5 `ensure-session-claims-on-free`: `ensure-session` on a `free` subject succeeds AND establishes a durable local-file assignment claim for the entering actor, verified via `assignment-provider statu… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac6-ensure-session-concurrent-race-safety-two-concurrent-ensure-session-invocations-on-the-same-fresh-free-subject-never-both-become-the-claim-holder-one-wins-and-the-loser-sees-a-held-refused-outcome-on-retry-source-existing-root-level-withlock-in-workflow-sidecar-ts-main-unchanged-plus-withsubjectlock-in-assignment-provider-ts-unchanged-now-reached-via-the-new-exported-performlocalclaim-performlocalsupersede AC6 `ensure-session-concurrent-race-safety`: two concurrent `ensure-session` invocations on the same fresh-free subject never both become the claim holder, one wins and the loser sees a `held`/refused… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac7-current-json-per-actor-isolation-after-actor-b-runs-ensure-session-on-a-different-subject-actor-a-s-own-current-session-resolution-workflow-sidecar-current-actor-aware-still-resolves-to-a-s-own-session-directory-source-per-actor-dual-write-read-in-writecurrent-currentdir-src-cli-workflow-sidecar-ts AC7 `current-json-per-actor-isolation`: after actor B runs `ensure-session` on a different subject, actor A's own current-session resolution (`workflow:sidecar -- current`, actor-aware) still resolves… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac8-current-json-compat-shim-fallback-an-actor-with-no-per-actor-current-file-yet-or-an-unresolved-actor-still-resolves-via-the-legacy-global-current-json-exactly-as-before-this-change-every-named-existing-consumer-stop-goal-fit-js-evidence-capture-js-liveness-heartbeat-js-flow-agents-statusline-js-produces-identical-output-against-a-legacy-only-pre-migration-artifact-root-fixture-source-fallback-branch-in-scripts-hooks-lib-current-pointer-js-readcurrentpointer AC8 `current-json-compat-shim-fallback`: an actor with no per-actor current file yet, or an unresolved actor, still resolves via the legacy global `current.json` exactly as before this change; every n… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac9-remediation-sanitized-refusal-remediation-messages-never-contain-raw-control-ansi-bytes-from-actor-holder-assignee-reason-fields-verified-against-a-crafted-hostile-liveness-event-and-a-hostile-effective-state-json-fixture-source-reuse-of-stripcontrolcharsfordisplay-already-in-workflow-sidecar-ts-at-every-interpolation-site-in-the-new-guard-s-die-messages AC9 `remediation-sanitized`: refusal/remediation messages never contain raw control/ANSI bytes from actor/holder/assignee/reason fields, verified against a crafted hostile liveness event and a hostile… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac10-config-protection-covers-per-actor-current-config-protection-js-s-protected-path-and-bash-redirect-detectors-block-direct-writes-redirects-to-kontourai-flow-agents-current-actor-json-exactly-as-they-already-do-for-kontourai-flow-agents-current-json-source-new-pattern-in-checkprotectedpathpattern-and-redirect-protected-re AC10 `config-protection-covers-per-actor-current`: `config-protection.js`'s protected-path and Bash-redirect detectors block direct writes/redirects to `.kontourai/flow-agents/current/<actor>.json` ex… | workflow.acceptance.criterion flow-agents.workflow | pass |
| verified | kontourai-flow-agents-291/ac11-gate-scoping-actor-correct-record-gate-claim-writetrustbundle-s-flowdefinition-dual-emit-scoping-resolves-active-flow-id-active-step-id-from-the-calling-actor-s-own-current-pointer-not-a-different-actor-s-more-recently-written-legacy-pointer-source-actor-aware-update-to-declaredclaimtypesfor-writetrustbundle-s-scopedflowagentsdir-check-and-resolveactiveflowstep-in-src-lib-flow-resolver-ts AC11 `gate-scoping-actor-correct`: `record-gate-claim` / `writeTrustBundle`'s FlowDefinition dual-emit scoping resolves `active_flow_id`/`active_step_id` from the CALLING actor's own current-pointer,… | workflow.acceptance.criterion flow-agents.workflow | pass |
Evidence
npm run context-map -- --check exit 0, "docs/context-map.md is current." (unaffected by F1-F5 fix)
kontourai-flow-agents-291/evidence.json
bash evals/run.sh static: 30 PASS / 0 FAIL, exit 0, including 35/35 node --test pure-helper unit tests (unchanged count vs prior verify)
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_ensure_session_ownership_guard.sh: 36/36 assertions PASS, 0 FAIL, exit 0 (AC1,2,3,4,5,6,9) -- now includes new section 3b (F1 cross-tool self-recognition, fix-plan iteration 1) verifying assignment-provider status --self-actor <bare> recognizes an ensure-session claim made under FLOW_AGENTS_…
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_current_json_per_actor.sh: 22/22 assertions PASS, 0 FAIL, exit 0 (AC7,8,10,11) -- now includes new section 6 (F3, fix-plan iteration 1) pinning the legacy-current.json-wins-over-newer-state.json behavior for a resolved single actor
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_assignment_provider_local_file.sh: 34/34 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite stays green after the actor_key additive-field fix
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_assignment_provider_github.sh: 45/45 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_pull_work_assignment_join.sh: 10/10 assertions PASS, 0 FAIL, exit 0 -- #290 back-compat suite unaffected
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_workflow_sidecar_writer.sh: all checks passed, exit 0
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_liveness_heartbeat.sh: all checks passed, exit 0 -- includes F4 hot-path short-circuit restoration coverage (mightHaveActiveSession peek before resolveActor())
kontourai-flow-agents-291/evidence.json
bash evals/integration/test_workflow_steering_hook.sh: 9/9 PASS, exit 0
kontourai-flow-agents-291/evidence.json
CI reconcile fix (recast, ADR-0020 class #320/#356): the prior recording named a command-backed check with command "npm run validate:source" (no trailing --), which does not literally match the manifest's source-tree-validation entry ("npm run validate:source --") -- and would be redundant with that manifest lane's own…
kontourai-flow-agents-291/evidence.json
CI reconcile fix (recast, ADR-0020 class #320/#356): bash evals/integration/test_trust_reconcile_manifest.sh is a meta manifest-parity self-check, not itself a manifest/required-lane command, so it cannot be a command-backed (test_output) reconcilable claim -- recast as a non-command-backed folded summary. Result obser…
kontourai-flow-agents-291/evidence.json
iteration-1 re-verify full-gate narrative (NOT command-backed by design): npm run build --silent exit 0 (folded here, not recorded as a standalone command-backed check, since it is already a prerequisite step inside every npm-run-* manifest command above). Independently reproduced (a) the HIGH fix -- claimed under FLOW…
kontourai-flow-agents-291/evidence.json
Three eval suites carry failures independently reproduced as pre-existing baselines, unrelated to the #291 iteration-1 fix: test_goal_fit_hook.sh (1 FAIL, exit 1), test_goal_fit_escape_hatch.sh (5 FAIL, exit 1), test_session_resume_roundtrip.sh (13 FAIL, exit 1) -- identical failure counts to the prior (pre-fix) verify…
kontourai-flow-agents-291/evidence.json
Open questions
Verify it yourself
Download the raw .bundle above, then run it through the named validator — validateTrustBundle from @kontourai/surface. The CLI wraps it and exits non-zero if the artifact is not a well-formed trust.bundle.
Prefer the library directly? The CLI just calls it: