session-capture — agent-session capture & provenance unlock
Record, for **every** pipeline agent conversation (Think/Plan/Build/Verify/Learn) on **both** Claude Code and Codex, the session pointer plus full provenance — the moment each fact is knowable — so Anatomia starts banking a labeled dataset of every run immediately. This is the "Scope 0" unlock from the anatrace spike: it closes Anatomia's process-trust gap (today the proof verifies the *outcome* but trusts that each agent followed its mandate) by first capturing the raw material that later scopes will verify and analyze.
verdict PASSscore 35 / 35findings 12 (2 risk · 1 debt · 9 obs)duration 14h 30mrejection cycles 0shipped Jun 8, 2026surface cli
Pipeline timeline
Intent to proven code in 14h 30m across Think, Plan, and 2 Build→Verify phases.
Think657m
Plan21m
Build 136m
Verify 16m
Build 2103m
Verify 25m
Assertion ledger
35 claims, each independently verified. Showing 8 — show all →
| ID | Says | Matcher | |
|---|---|---|---|
| A001 | Every launched agent is tagged with which harness it runs on | verified | ok |
| A002 | Every launched agent is tagged with its pipeline role | verified | ok |
| A003 | Each session records a fingerprint of the agent definition it ran | verified | ok |
| A004 | Tagging a session never strips the agent's existing environment | verified | ok |
| A005 | A build launched inside a work item's worktree is tagged with that work item | verified | ok |
| A006 | Think and Learn sessions, which have no work item, are tagged with an empty slug | verified | ok |
| A007 | Planning can be tied to a specific work item when the user names it | verified | ok |
| A008 | Each session is recorded with the pointer to its own transcript | verified | ok |
Findings 12 total
debtpackages/cli/tests/commands/init/assets-capture-hooks.test.ts→ scope
Codex capture install/prune path (applyCodexCaptureHooks) has zero automated test coverage — init integration test runs only --platforms claude
riskpackages/cli/src/commands/init/assets.ts→ scope
Codex config.toml [features] hooks=true is written only when the file is absent — a customer with a pre-existing .codex/config.toml that lacks the flag, turning capture on, gets hooks.json but no enablement, so the SessionStart hook silently never fires
obspackages/cli/src/commands/init/assets.ts→ monitor
pruneCaptureHook leaves empty hook-event arrays — a project whose only SessionStart entry was ours becomes "SessionStart": [] after flip-off (harmless cruft, no hook fires)
obspackages/cli/tests/commands/_capture.test.ts→ monitor
A013 no-network is a static source-scan (asserts no network-module imports / no fetch() in the capture source), not a runtime network counter — would not catch network I/O reached via an already-imported transitive module. Spec-sanctioned enforcement approach; low risk given capture path is fs+os only
obspackages/cli/src/commands/run.ts→ acknowledge
Empirical cwd/slug checkpoint from spec-1 (confirm real cwd of an ana run build/verify launch) has no in-repo evidence. Slug resolves via detectWorktreeSlug(projectRoot), unit-tested with a worktree-meta fixture; clean-degrade (empty slug) covers the worst case regardless
+7more findings
Integrity seal
scopesha256:3113946389f3b...
contractsha256:130cc607fb298...
plansha256:060998173c096...
spec-1sha256:02c3503620b3f...
spec-2sha256:ba2ee107e68ca...
build-report-1sha256:4cb3949e37e55...
build-data-1sha256:41663716e5895...
verify-report-1sha256:f03de33e3d240...
verify-data-1sha256:ca819e28f003b...
build-report-2sha256:4b61be9963e02...
build-data-2sha256:a294313700e71...
verify-report-2sha256:6cb4f0e80136a...
verify-data-2sha256:ee1dcac19597b...
audit cmd$ ana proof audit session-capture → all hashes match