React Doctor found no issues in the changed files. 🎉

_{Reviewed by React Doctor for commit 9ec4d33.}

Fix the following 2 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 2
packages/core/src/sessions/sessionService.ts:1085-1130
**Duplicate save object and drifting `createdAt`**

All nine fields in the first `pendingPrompts.save` call are repeated verbatim in the second — the only difference is `taskRunId`. Because both calls evaluate `recovered?.createdAt ?? Date.now()` independently, the second call's `createdAt` is captured *after* the `await client.createTaskRun(taskId)` round-trip, so the value that actually lands in persistent storage is later than "when the prompt was first written ahead". If this timestamp is ever used for staleness checks or a future reconciler, it will undercount age. Building the base record once before both saves fixes the duplication and pins the timestamp correctly.

### Issue 2 of 2
packages/ui/src/features/sessions/sessionServiceHost.test.ts:189-201
**Write-ahead behaviour is not asserted in the host integration tests**

The `pendingPromptStore` mock is wired in but its methods are never checked in any `connectToTask` test. The new critical-path behaviours — `save` called before `createTaskRun`, `save` called again with `taskRunId` after the run exists, `remove` called only after `sendPrompt` resolves, and the recovery path where `get` returns a saved record and re-drives the prompt — are all exercised by the production code under test but invisible to the suite. A future regression here would pass every existing test.

_{Reviews (1): Last reviewed commit: "fix(sessions): durably write-ahead the s..." | Re-trigger Greptile}

Verdict: 💬 APPROVE WITH NITS

Solid, well-motivated change that slots cleanly into the existing sessionConfigStore/adapterStore shape. No correctness or security blockers — all findings are non-blocking improvements. Both voice reviewers independently said "ship as you see fit".

Key findings

• 🟡 MEDIUM — duplicated write-ahead save block (convergent: paul + xp): the PendingPromptRecord is assembled twice, differing only by taskRunId. Build it once and re-save with { ...pending, taskRunId }.
• 🟡 MEDIUM — recovery is silent: no log/track when a prompt is actually recovered, so we can't tell the safety net is catching anything (or whether the 30s-timeout theory holds in the wild).
• 🟡 MEDIUM — recovery path untested: get() is mocked to undefined everywhere, so createNewLocalSession's recovery branch never executes in a test. Add one where get() returns a record and assert deliver + remove.
• 🟢 LOW — "impossible to lose" oversells it: persist is async fire-and-forget and can be dropped pre-hydration; soften the wording.
• 🟢 LOW — YAGNI: listPrompts() / taskRunId have no consumer until the future reconciler.
• ⚪ NIT: removePrompt guard diverges from the sibling removeConfigOptions.

Convergence

• The duplicated save block was flagged independently by paul and xp → highest-confidence finding.

Reviewer summaries

Automated by QA Swarm — not a human review

Actioned the qa-swarm findings in bc252db:

• ✅ Dedupe the write-ahead save (convergent paul + xp) — record built once, re-saved with { ...pending, taskRunId }.
• ✅ Recovery is observable — log.info("Recovered a written-ahead prompt…", { taskId, ageMs }) when the safety net catches a prompt.
• ✅ Softened "impossible to lose" → "very unlikely" in both the doc comment and the contract, noting persistence is async/best-effort.

Deferred (author's call):

• ⏭ Integration test for the recovery branch — worth pinning, but it means making the store mock return a record in the 950-line host harness; left for a focused follow-up rather than auto-applied.
• ⏭ YAGNI on listPrompts()/taskRunId and the removePrompt guard divergence — both are intentional groundwork for the server-side reconciler; keeping as-is.

Tests stay green: core 162 (sessions), ui host+store suites 122.

Triaged the Codex + Greptile findings (they converged with qa-swarm on the duplicate save, already fixed):

• ✅ Codex P2 — clear only on real delivery (ebc75e6): sendPrompt can resolve without delivering ("queued" when the session is busy, "rate_limited" when sendLocalPrompt swallows the usage-limit error). We now only remove() the write-ahead record when stopReason is neither — otherwise the prompt is kept. Good catch; this was a real (narrow) loss window I'd reintroduced.
• ✅ Greptile P2 — duplicate save / drifting createdAt (bc252db): record built once, so Date.now() is evaluated once too.
• ⏭ Codex P1 — recover owed prompts on the resume-existing route (deferred): correct and important — routeLocalConnect returns resume-existing whenever a run id + log URL exist, so a run stranded by a timed-out first attempt routes to reconnectToLocalSession, which doesn't consult pendingPrompts. The client-side recovery in this PR only covers the create-new route. Full coverage of the resume path belongs with the server-side reconciler / startup-sweep follow-up already called out in the PR description (it needs "resumed run that never received its prompt" detection + tests). Tracking it there rather than widening this PR.
• ⏭ Greptile P2 / paul — integration test for the recovery branch (deferred): same as noted above; follow-up.

Net: two real fixes applied, the deeper resume-path recovery consciously deferred to the reconciler follow-up. Re-pushed at ebc75e6.

Closed out the remaining review threads in 9ec4d33:

• ✅ Codex P1 — recover owed prompts on the resume-existing route: a run stranded before delivery routes to reconnectToLocalSession on the next connect, so it now delivers the owed write-ahead prompt there too — guarded on the resumed log carrying no prompt event yet. Pulled the deliver-then-clear-on-confirmed-delivery logic into a shared deliverWrittenAheadPrompt() so both routes share it.
• ✅ xp YAGNI — listPrompts() / taskRunId: dropped the speculative surface (and the second save that only existed to populate taskRunId) since the reconciler that would consume them isn't in this PR. Bonus: this removes the duplicated save entirely rather than just deduping it.
• ✅ recovery now under test: three e2e tests against the real store — delivery on create-new, delivery on resume-existing, and no delivery when the resumed run already has a prompt event.
• ⚪ removePrompt guard divergence (NIT): intentional — the guard is the safer side; left as-is.

All review threads are now actioned or resolved-by-design. Local: core 162 + ui sessions 224 green; core + ui typecheck clean.