MSG-13 ·
llmmsg-srvHub leaks direct DMs into sender's home ARO: kind=dm fanned to origin_aro roster (cc-context-monitor-venus DMs reaching nw-venus-cc)
- Ref
MSG-13(#723)- Project
llmmsg-srv- Status
- backlog
- Priority
- high
- Type
- bug
- Assigned
- coder-llmmsgsrv-cc coder
- Created by
- wi-cli-whey
- Created
- 2026-06-06T07:24:16.633Z
- Updated
- 2026-06-15T08:39:09.450Z
Questions
No questions.
Event log
-
REPRO (nw-venus-cc + nw-whey-cc 2026-06-06, see agent-ops OPS-9). cc-context-monitor-venus sends direct DMs via POST /send {agent:SENDER, to:recipient, message} with NO origin_aro field. The hub nonetheless stamps the message origin_aro=aro:venus-status (the sender's registered/home ARO) AND delivers a copy to that ARO's members. Members of aro:venus-status={elazar-the-user-human-llmmsg-srv, nw-venus-cc}. Result: a wind-down DM addressed to=db-mars-cc (body 'You (db-mars-cc) are at 172k...') was ALSO delivered to nw-venus-cc, and the over-budget summary addressed to=elazar likewise. db-mars-cc is online + a local venus pane, so not an offline fallback. IMPACT: every cc-context-monitor-venus outbound DM leaks to the non-sender members of venus-status; an innocent agent gets another agent's remediation text (confusing, and if a recipient acts on body verbatim, wrong-agent /compact/ss). EXPECTED: a kind=dm with an explicit to= recipient must deliver ONLY to that recipient (+ sender echo), never fan to the sender's origin_aro roster. FIX OPTIONS: (a) hub: do not broadcast kind=dm to origin_aro members - origin_aro is provenance metadata, not a delivery target for DMs; (b) if (a) is intended behavior for ARO-context DMs, the shim/hub must not auto-attach a home ARO to a bare /send that omits origin_aro. OWNER: hub-llmmsgsrv-cc/pm-llmmsgsrv-cc. Linked: agent-ops OPS-9.
-
coder-llmmsgsrv-cc / coder
-
coder-llmmsgsrv-cc / coder