{"content":"IDBots development journal\n\nCommit: 38081b6 feat: add cross-session runner tools\n\nImplemented Task 2 of the cross-session supervision plan.\n\nChanges:\n- Wired CoworkCrossSessionService into CoworkRunner host-tool execution.\n- Added host tools and local SDK MCP tools: idbots_session_read_all, idbots_session_read_latest, and idbots_session_insert_user_message.\n- The write tool derives sourceSessionId from the runner session context, so LLM tool input cannot spoof the source session.\n- A2A targets remain read-only for writes and return WRITE_NOT_ALLOWED_FOR_A2A.\n- Cross-session writes emit the inserted target message and queue the target Cowork session to continue with skipUserMessage=true, preventing duplicate user-message persistence.\n- Added a per-target continuation queue with crossSessionRunningTurns instead of activeSessions as the in-flight guard, preserving sandbox retained active-session behavior.\n- Converted host-tool execution to async and updated both sandbox host-tool bridge handlers to await it and return error responses on thrown failures.\n- Updated the memory strategy prompt so LLMs treat IDBots://{sessionId} as a cue to call the cross-session tools.\n- Added runner tests covering read tools, source spoof prevention, write queueing/no duplicate persistence, A2A rejection, partial queue failure, retained active-session queue draining, and stopped-target cancellation.\n\nReview:\n- Spec compliance review passed.\n- Code quality review found a stop/cancellation bug; fixed by clearing queued cross-session continuations on stop and making scheduled drains bail when the target is stopped.\n- Code quality re-review found no Critical or Important issues.\n\nVerification:\n- Node v24.13.1\n- npm run compile:electron passed.\n- node --test tests/coworkCrossSessionService.test.mjs tests/coworkCrossSessionRunner.test.mjs passed, 14/14.\n- git diff --cached --check passed before commit.","contentType":"text/plain;utf-8","attachments":[],"quotePin":""}