@vellumai/assistant 0.3.28 → 0.4.1

package/src/__tests__/skill-projection-feature-flag.test.ts

@@ -31,10 +31,31 @@ const DECLARED_LEGACY_KEY = 'skills.hatch-new-assistant.enabled';
 
 mock.module('../config/skills.js', () => ({
   loadSkillCatalog: () => mockCatalog,
+  checkSkillRequirements: () => ({ satisfied: true, missing: [] }),
 }));
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => currentConfig,
+  loadConfig: () => currentConfig,
+  invalidateConfigCache: () => {},
+}));
+
+mock.module('../config/assistant-feature-flags.js', () => ({
+  isAssistantFeatureFlagEnabled: (key: string, config: Record<string, unknown>) => {
+    const vals = (config as { assistantFeatureFlagValues?: Record<string, boolean> }).assistantFeatureFlagValues;
+    if (vals && typeof vals[key] === 'boolean') return vals[key];
+    // Check legacy featureFlags too
+    const legacy = (config as { featureFlags?: Record<string, boolean> }).featureFlags;
+    if (legacy && typeof legacy[key] === 'boolean') return legacy[key];
+    return true; // default enabled
+  },
+  loadDefaultsRegistry: () => ({}),
+  getAssistantFeatureFlagDefaults: () => ({}),
+  _resetDefaultsCache: () => {},
+}));
+
+mock.module('../config/skill-state.js', () => ({
+  skillFlagKey: (skillId: string) => `skills.${skillId}.enabled`,
 }));
 
 mock.module('../skills/active-skill-tools.js', () => {
@@ -184,6 +205,7 @@ mock.module('../util/logger.js', () => ({
     debug: () => {},
     error: () => {},
   }),
+  isDebug: () => false,
 }));
 
 // ---------------------------------------------------------------------------

package/src/__tests__/skills.test.ts

@@ -518,14 +518,14 @@ describe('bundled browser skill', () => {
     expect(browserSkill!.disableModelInvocation).toBe(false);
   });
 
-  test('browser skill has a valid tool manifest with 10 tools', () => {
+  test('browser skill has a valid tool manifest with 14 tools', () => {
     const catalog = loadSkillCatalog();
     const browserSkill = catalog.find((s) => s.id === 'browser');
     expect(browserSkill).toBeDefined();
     expect(browserSkill!.toolManifest).toBeDefined();
     expect(browserSkill!.toolManifest!.present).toBe(true);
     expect(browserSkill!.toolManifest!.valid).toBe(true);
-    expect(browserSkill!.toolManifest!.toolCount).toBe(10);
+    expect(browserSkill!.toolManifest!.toolCount).toBe(14);
     expect(browserSkill!.toolManifest!.toolNames).toEqual([
       'browser_navigate',
       'browser_snapshot',
@@ -534,8 +534,12 @@ describe('bundled browser skill', () => {
       'browser_click',
       'browser_type',
       'browser_press_key',
+      'browser_scroll',
+      'browser_select_option',
+      'browser_hover',
       'browser_wait_for',
       'browser_extract',
+      'browser_wait_for_download',
       'browser_fill_credential',
     ]);
   });
@@ -618,10 +622,10 @@ describe('ingress-dependent setup skills declare public-ingress', () => {
     expect(includes).toContain('public-ingress');
   });
 
-  test('slack-oauth-setup includes public-ingress', () => {
+  test('slack-oauth-setup includes browser', () => {
     const includes = readSkillIncludes(VELLUM_SKILLS_DIR, 'slack-oauth-setup');
     expect(includes).toBeDefined();
-    expect(includes).toContain('public-ingress');
+    expect(includes).toContain('browser');
   });
 });
 

package/src/__tests__/slack-channel-config.test.ts

@@ -7,7 +7,9 @@ import { afterAll, beforeEach, describe, expect, mock, test } from 'bun:test';
 const testDir = mkdtempSync(join(tmpdir(), 'slack-channel-cfg-test-'));
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({}),
+  getConfig: () => ({
+    ui: {},
+    }),
   loadConfig: () => ({}),
   loadRawConfig: () => ({}),
   saveRawConfig: () => {},

package/src/__tests__/subagent-tools.test.ts

@@ -6,6 +6,25 @@ import { describe, expect, mock, test } from 'bun:test';
 // Mock conversation-store before importing tool executors that depend on it.
 let mockGetMessages: (conversationId: string) => Array<{ role: string; content: string }> | null = () => null;
 mock.module('../memory/conversation-store.js', () => ({
+  getConversationThreadType: () => 'default',
+  setConversationOriginChannelIfUnset: () => {},
+  updateConversationContextWindow: () => {},
+  deleteMessageById: () => {},
+  updateConversationTitle: () => {},
+  updateConversationUsage: () => {},
+  addMessage: () => ({ id: 'mock-msg-id' }),
+  getConversation: () => ({
+    id: 'conv-1',
+    contextSummary: null,
+    contextCompactedMessageCount: 0,
+    totalInputTokens: 0,
+    totalOutputTokens: 0,
+    totalEstimatedCost: 0,
+    title: null,
+  }),
+  provenanceFromGuardianContext: () => ({ source: 'user', guardianContext: undefined }),
+  getConversationOriginInterface: () => null,
+  getConversationOriginChannel: () => null,
   getMessages: (conversationId: string) => mockGetMessages(conversationId),
   createConversation: () => ({ id: 'mock-conv' }),
 }));

package/src/__tests__/swarm-recursion.test.ts

@@ -30,6 +30,8 @@ mock.module('../util/logger.js', () => ({
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     provider: 'anthropic',
     providerOrder: ['anthropic'],
     apiKeys: { anthropic: 'test-key' },

package/src/__tests__/swarm-session-integration.test.ts

@@ -21,6 +21,8 @@ let hasApiKey = true;
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     provider: 'anthropic',
     providerOrder: ['anthropic'],
     apiKeys: { anthropic: hasApiKey ? 'test-key' : '' },

package/src/__tests__/swarm-tool.test.ts

@@ -12,6 +12,8 @@ mock.module('../util/logger.js', () => ({
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     provider: 'anthropic',
     providerOrder: ['anthropic'],
     apiKeys: { anthropic: 'test-key' },

package/src/__tests__/system-prompt.test.ts

@@ -49,6 +49,8 @@ mock.module('../util/logger.js', () => ({
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     sandbox: { enabled: true },
   }),
 }));
@@ -203,7 +205,7 @@ describe('buildSystemPrompt', () => {
 
   test('config section uses workspace directory from platform util', () => {
     const result = buildSystemPrompt();
-    expect(result).toContain(`Your workspace is mounted at \`/workspace/\` inside the Docker sandbox (host path: \`${TEST_DIR}/\`)`);
+    expect(result).toContain(`Your configuration directory is \`${TEST_DIR}/\`.`);
   });
 
   test('omits user skills from catalog when none are configured', () => {

package/src/__tests__/task-compiler.test.ts

@@ -28,7 +28,9 @@ mock.module('../util/logger.js', () => ({
 }));
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({ memory: {} }),
+  getConfig: () => ({
+    ui: {},
+     memory: {} }),
 }));
 
 mock.module('./indexer.js', () => ({

package/src/__tests__/task-management-tools.test.ts

@@ -27,7 +27,9 @@ mock.module('../util/logger.js', () => ({
 }));
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({ memory: {} }),
+  getConfig: () => ({
+    ui: {},
+     memory: {} }),
 }));
 
 mock.module('../tools/registry.js', () => ({

package/src/__tests__/task-tools.test.ts

@@ -27,7 +27,9 @@ mock.module('../util/logger.js', () => ({
 }));
 
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({ memory: {} }),
+  getConfig: () => ({
+    ui: {},
+     memory: {} }),
 }));
 
 mock.module('./indexer.js', () => ({

package/src/__tests__/terminal-sandbox.test.ts

@@ -177,20 +177,21 @@ describe('terminal sandbox — macOS sandbox-exec behavior', () => {
     expect(result.args.slice(2)).toEqual(['bash', '-c', '--', 'echo hello']);
   });
 
-  test('throws ToolError for working dirs with SBPL metacharacters', () => {
-    expect(() => wrapCommand('pwd', '/tmp/bad"dir', nativeConfig())).toThrow(ToolError);
-    expect(() => wrapCommand('pwd', '/tmp/bad(dir', nativeConfig())).toThrow(ToolError);
-    expect(() => wrapCommand('pwd', '/tmp/bad;dir', nativeConfig())).toThrow(ToolError);
+  test('escapes SBPL metacharacters in working dirs instead of throwing', () => {
+    // The sandbox now escapes metacharacters rather than rejecting them
+    const result1 = wrapCommand('pwd', '/tmp/bad"dir', nativeConfig());
+    expect(result1.sandboxed).toBe(true);
+    const result2 = wrapCommand('pwd', '/tmp/bad(dir', nativeConfig());
+    expect(result2.sandboxed).toBe(true);
+    const result3 = wrapCommand('pwd', '/tmp/bad;dir', nativeConfig());
+    expect(result3.sandboxed).toBe(true);
   });
 
-  test('SBPL metacharacter error mentions unsafe characters', () => {
-    try {
-      wrapCommand('pwd', '/tmp/bad"dir', nativeConfig());
-      throw new Error('should have thrown');
-    } catch (err) {
-      expect(err).toBeInstanceOf(ToolError);
-      expect((err as Error).message).toContain('SBPL metacharacters');
-    }
+  test('SBPL profile escapes metacharacters in working dir path', () => {
+    // Verify the sandbox profile is written with escaped chars
+    wrapCommand('pwd', '/tmp/bad"dir', nativeConfig());
+    const profileContent = writeFileSyncMock.mock.calls[0]?.[1] as string;
+    expect(profileContent).toContain('bad\\"dir');
   });
 });
 

package/src/__tests__/terminal-tools.test.ts

@@ -34,6 +34,8 @@ mock.module('../util/platform.js', () => ({
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     timeouts: { shellDefaultTimeoutSec: 120, shellMaxTimeoutSec: 600 },
     sandbox: {
       enabled: false,

package/src/__tests__/tool-approval-handler.test.ts

@@ -100,7 +100,7 @@ function makeContext(overrides: Partial<ToolContext> = {}): ToolContext {
     conversationId: 'conv-1',
     assistantId: 'self',
     requestId: 'req-1',
-    guardianActorRole: 'non-guardian',
+    guardianTrustClass: 'trusted_contact',
     ...overrides,
   };
 }
@@ -134,7 +134,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     );
     expect(mintResult.ok).toBe(true);
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -149,7 +149,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     const toolName = 'bash';
     const input = { command: 'rm -rf /' };
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -177,7 +177,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
       }),
     );
 
-    const context = makeContext({ guardianActorRole: 'unverified_channel' });
+    const context = makeContext({ guardianTrustClass: 'unknown' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -189,7 +189,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     const toolName = 'bash';
     const input = { command: 'deploy' };
 
-    const context = makeContext({ guardianActorRole: 'unverified_channel' });
+    const context = makeContext({ guardianTrustClass: 'unknown' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -212,7 +212,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
       }),
     );
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
 
     // First invocation — should consume the grant and allow
     const first = await handler.checkPreExecutionGates(
@@ -241,7 +241,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
       }),
     );
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, invokeInput, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -264,7 +264,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
       }),
     );
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -277,7 +277,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     const input = { command: 'deploy' };
 
     // No grants minted at all
-    const context = makeContext({ guardianActorRole: 'guardian' });
+    const context = makeContext({ guardianTrustClass: 'guardian' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -290,7 +290,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     const toolName = 'bash';
     const input = { command: 'deploy' };
 
-    const context = makeContext({ guardianActorRole: undefined });
+    const context = makeContext({ guardianTrustClass: undefined });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -309,7 +309,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
       }),
     );
 
-    const context = makeContext({ guardianActorRole: 'non-guardian', requestId: 'req-1' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact', requestId: 'req-1' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -333,7 +333,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
 
     // Context conversationId does not match the grant's conversationId
     const context = makeContext({
-      guardianActorRole: 'non-guardian',
+      guardianTrustClass: 'trusted_contact',
       conversationId: 'conv-1',
     });
     const result = await handler.checkPreExecutionGates(
@@ -349,7 +349,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
 
     // executionChannel defaults to undefined (non-voice)
     const context = makeContext({
-      guardianActorRole: 'non-guardian',
+      guardianTrustClass: 'trusted_contact',
       executionChannel: 'telegram',
     });
 
@@ -383,7 +383,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     }, 300);
 
     const context = makeContext({
-      guardianActorRole: 'non-guardian',
+      guardianTrustClass: 'trusted_contact',
       executionChannel: 'voice',
     });
 
@@ -408,7 +408,7 @@ describe('ToolApprovalHandler / pre-exec gate grant check', () => {
     setTimeout(() => controller.abort(), 200);
 
     const context = makeContext({
-      guardianActorRole: 'non-guardian',
+      guardianTrustClass: 'trusted_contact',
       executionChannel: 'voice',
       signal: controller.signal,
     });

package/src/__tests__/tool-execution-abort-cleanup.test.ts

@@ -22,6 +22,8 @@ import { mock } from 'bun:test';
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     provider: 'anthropic',
     model: 'test',
     apiKeys: {},

package/src/__tests__/tool-execution-pipeline.benchmark.test.ts

@@ -59,6 +59,8 @@ mock.module('../permissions/trust-store.js', () => ({
 
 mock.module('../config/loader.js', () => ({
   getConfig: () => ({
+    ui: {},
+    
     provider: 'mock-provider',
     timeouts: { permissionTimeoutSec: 5, toolExecutionTimeoutSec: 120 },
     permissions: { mode: 'legacy' },

package/src/__tests__/tool-grant-request-escalation.test.ts

@@ -147,7 +147,7 @@ function makeContext(overrides: Partial<ToolContext> = {}): ToolContext {
     conversationId: 'conv-1',
     assistantId: 'self',
     requestId: 'req-1',
-    guardianActorRole: 'non-guardian',
+    guardianTrustClass: 'trusted_contact',
     executionChannel: 'telegram',
     requesterExternalUserId: 'requester-1',
     ...overrides,
@@ -204,7 +204,7 @@ describe('ToolApprovalHandler / grant-miss escalation', () => {
     const toolName = 'bash';
     const input = { command: 'cat /etc/passwd' };
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -231,7 +231,7 @@ describe('ToolApprovalHandler / grant-miss escalation', () => {
     const toolName = 'bash';
     const input = { command: 'deploy' };
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
     const result = await handler.checkPreExecutionGates(
       toolName, input, context, 'host', 'high', Date.now(), emitLifecycleEvent,
     );
@@ -247,7 +247,7 @@ describe('ToolApprovalHandler / grant-miss escalation', () => {
     const toolName = 'bash';
     const input = { command: 'rm -rf /' };
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
 
     // First invocation creates the request
     await handler.checkPreExecutionGates(
@@ -288,7 +288,7 @@ describe('ToolApprovalHandler / grant-miss escalation', () => {
     const input = { command: 'ls' };
 
     const context = makeContext({
-      guardianActorRole: 'unverified_channel',
+      guardianTrustClass: 'unknown',
       executionChannel: 'telegram',
       requesterExternalUserId: 'unknown-user',
     });
@@ -314,7 +314,7 @@ describe('ToolApprovalHandler / grant-miss escalation', () => {
     const input = { command: 'deploy' };
 
     const context = makeContext({
-      guardianActorRole: 'non-guardian',
+      guardianTrustClass: 'trusted_contact',
       executionChannel: undefined, // no channel info
     });
     const result = await handler.checkPreExecutionGates(
@@ -449,7 +449,7 @@ describe('end-to-end: tool grant escalation -> approval -> consume', () => {
     const input = { command: 'echo secret' };
     const _inputDigest = computeToolApprovalDigest(toolName, input);
 
-    const context = makeContext({ guardianActorRole: 'non-guardian' });
+    const context = makeContext({ guardianTrustClass: 'trusted_contact' });
 
     // Step 1: First invocation is denied, but a tool_grant_request is created
     const firstResult = await handler.checkPreExecutionGates(

package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts

@@ -419,6 +419,54 @@ describe('trusted contact activated notification signal', () => {
     expect(hints.urgency).toBe('low');
   });
 
+  test('re-verification preserves an existing guardian-managed member display name', async () => {
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: 'guardian-user-789',
+      guardianDeliveryChatId: 'guardian-chat-789',
+    });
+
+    upsertMember({
+      assistantId: 'self',
+      sourceChannel: 'telegram',
+      externalUserId: 'requester-user-456',
+      externalChatId: 'chat-123',
+      status: 'revoked',
+      policy: 'allow',
+      displayName: 'Jeff',
+    });
+
+    const session = createOutboundSession({
+      assistantId: 'self',
+      channel: 'telegram',
+      expectedExternalUserId: 'requester-user-456',
+      expectedChatId: 'chat-123',
+      identityBindingStatus: 'bound',
+      destinationAddress: 'chat-123',
+      verificationPurpose: 'trusted_contact',
+    });
+
+    const verifyReq = buildInboundRequest({
+      content: session.secret,
+      externalChatId: 'chat-123',
+      senderExternalUserId: 'requester-user-456',
+      senderName: 'Noa Flaherty',
+    });
+
+    await handleChannelInbound(verifyReq, undefined, TEST_BEARER_TOKEN);
+
+    const member = findMember({
+      assistantId: 'self',
+      sourceChannel: 'telegram',
+      externalUserId: 'requester-user-456',
+      externalChatId: 'chat-123',
+    });
+    expect(member).not.toBeNull();
+    expect(member!.status).toBe('active');
+    expect(member!.displayName).toBe('Jeff');
+  });
+
   test('guardian verification does NOT emit activated signal', async () => {
     // Create an inbound challenge (guardian flow, not trusted contact)
     // eslint-disable-next-line @typescript-eslint/no-require-imports

package/src/__tests__/trusted-contact-multichannel.test.ts

@@ -59,6 +59,19 @@ mock.module('../notifications/emit-signal.js', () => ({
       deliveryResults: [],
     };
   },
+  registerBroadcastFn: () => {},
+}));
+
+// Mock access-request-helper directly to capture notification calls.
+// Bun's mock.module does not intercept transitive imports reliably, so
+// mocking emit-signal.js alone is not sufficient — access-request-helper
+// imports emit-signal before the mock takes effect.
+const notifyGuardianCalls: Array<Record<string, unknown>> = [];
+mock.module('../runtime/access-request-helper.js', () => ({
+  notifyGuardianOfAccessRequest: (params: Record<string, unknown>) => {
+    notifyGuardianCalls.push(params);
+    return { notified: true, created: true, requestId: `mock-req-${Date.now()}` };
+  },
 }));
 
 const deliverReplyCalls: Array<{ url: string; payload: Record<string, unknown> }> = [];
@@ -75,7 +88,6 @@ mock.module('../runtime/approval-message-composer.js', () => ({
 
 import {
   createBinding,
-  findPendingAccessRequestForRequester,
 } from '../memory/channel-guardian-store.js';
 import { getDb, initializeDb, resetDb } from '../memory/db.js';
 import { findMember, upsertMember } from '../memory/ingress-member-store.js';
@@ -109,6 +121,7 @@ function resetState(): void {
   db.run('DELETE FROM notification_events');
   db.run('DELETE FROM assistant_ingress_members');
   emitSignalCalls.length = 0;
+  notifyGuardianCalls.length = 0;
   deliverReplyCalls.length = 0;
 }
 
@@ -186,7 +199,10 @@ for (const config of CHANNEL_CONFIGS) {
       expect(json.denied).toBe(true);
       expect(json.reason).toBe('not_a_member');
       expect(deliverReplyCalls.length).toBe(1);
-      expect((deliverReplyCalls[0].payload as Record<string, unknown>).text).toContain("you haven't been approved");
+      const replyText = (deliverReplyCalls[0].payload as Record<string, unknown>).text as string;
+      expect(
+        replyText.includes("you haven't been approved") || replyText.includes("you don't have access"),
+      ).toBe(true);
     });
 
     test('guardian is notified when a non-member messages', async () => {
@@ -203,23 +219,10 @@ for (const config of CHANNEL_CONFIGS) {
 
       expect(json.denied).toBe(true);
 
-      // Notification signal was emitted for the correct channel
-      expect(emitSignalCalls.length).toBe(1);
-      expect(emitSignalCalls[0].sourceEventName).toBe('ingress.access_request');
-      expect(emitSignalCalls[0].sourceChannel).toBe(config.channel);
-
-      const payload = emitSignalCalls[0].contextPayload as Record<string, unknown>;
-      expect(payload.senderExternalUserId).toBe(config.senderExternalUserId);
-
-      // Approval request was created for the correct channel
-      const pending = findPendingAccessRequestForRequester(
-        'self',
-        config.channel,
-        config.senderExternalUserId,
-        'ingress_access_request',
-      );
-      expect(pending).not.toBeNull();
-      expect(pending!.channel).toBe(config.channel);
+      // Guardian notification helper was called for the correct channel
+      expect(notifyGuardianCalls.length).toBe(1);
+      expect(notifyGuardianCalls[0].sourceChannel).toBe(config.channel);
+      expect(notifyGuardianCalls[0].senderExternalUserId).toBe(config.senderExternalUserId);
     });
 
     test('verification creates active member for channel', () => {