ContextStream contextstream.io
Project
streampilot-demo-app
Session
July 12, 2026

Session Receipt — what your agent remembered


Resumed with

6 items

What the agent already knew walking in — no re-explaining needed.

Decisions honored · 3

  • Use Postgres row-level security for tenant isolation

    Decided May 2026 · still in force

  • Keep receipt generation server-side

    Keeps private context from ever reaching the browser

  • Return the same error shape from every API route

    Keeps client-side handling predictable

Lessons applied · 2

  • Don’t mock the auth middleware in integration tests

    Caused flaky CI in June

  • Don’t auto-retry requests that aren’t safe to repeat

    Duplicated a session record during testing

Prior fix reused · 1

  • Reused the rate-limit backoff fix

    src/lib/apiClient.ts:142

    Fixed in June · applied here without re-debugging


Grounded files

5 files

Files the agent read for context before changing anything.

  1. src/app/api/sessions/route.ts

    How sessions are created and returned

  2. src/lib/apiClient.ts

    Shared request, retry, and backoff handling

  3. src/middleware.ts

    Sign-in and tenant access checks on every request

  4. src/components/session/Receipt.tsx

    What the receipt shows and how it’s laid out

  5. prisma/schema.prisma

    Session records and how tenants relate


vs. cold start

~14 min of re-explaining skipped

illustrative — real version computes this from session data