@vellumai/assistant 0.4.11 → 0.4.13

package/src/config/bundled-skills/doordash/SKILL.md

@@ -0,0 +1,171 @@
+---
+name: "DoorDash"
+description: "Order food, groceries, and convenience items from DoorDash using the built-in CLI integration"
+user-invocable: true
+metadata:
+  {
+    "vellum":
+      {
+        "emoji": "\uD83C\uDF55",
+        "cli": { "command": "doordash", "entry": "doordash-entry.ts" },
+      },
+  }
+---
+
+You can order food from DoorDash for the user using the `doordash` CLI.
+
+## CLI Setup
+
+**IMPORTANT: Always use `host_bash` (not `bash`) for all `doordash` commands.** The DoorDash CLI needs host access for Chrome CDP, session cookies, and the CLI binary — none of which are available inside the sandbox.
+
+`doordash` is a standalone CLI tool installed at `~/.vellum/bin/doordash`. It should already be on your PATH. If `doordash` is not found, prepend `PATH="$HOME/.vellum/bin:$PATH"` to the command. Do NOT search for the binary, inspect wrapper scripts, or try to discover how the CLI works. Just run the commands as documented below.
+
+## Task Progress Widget
+
+A task progress card is shown automatically when you run your first `doordash` command. Its surface ID is `doordash-progress`. As each step completes, call `ui_update` with surface ID `doordash-progress` to update step statuses. Update `data.templateData.steps` — set completed steps to `"status": "completed"` with a `"detail"` string, the current step to `"status": "in_progress"`, and future steps to `"status": "pending"`. Adapt the steps to the actual flow (e.g. skip "Search restaurants" if the user named a specific store).
+
+## Typical Flow
+
+When the user asks you to order food (e.g. "Order pizza from Andiamo's"):
+
+1. **Check session** — run `doordash status --json`. If `loggedIn` is false or the session is expired, tell the user: "A Chrome window will open to the DoorDash login page. Please sign in there — I'll detect your login automatically and minimize the window." Then run `doordash refresh --json`. This starts a Ride Shotgun learn session that records your login and auto-stops once it detects you've signed in. The session is imported automatically. **This command blocks until login is complete — just wait for it.**
+
+   Keep the DoorDash Chrome window open in the background — it's needed for API requests.
+
+2. **Search** — run `doordash search "<query>" --json` to find matching restaurants. Present the top results to the user with name, rating, and delivery info. If the user named a specific restaurant, pick the best match. If ambiguous, ask.
+
+3. **Browse menu** — run `doordash menu <storeId> --json` to get the menu. Show the user the categories and items with prices. If the user already said what they want (e.g. "pepperoni pizza"), find the matching item(s). **For convenience/pharmacy stores** (CVS, Duane Reade, Walgreens etc.), the response will have `isRetail: true` and empty items — use `store-search` instead (see step 3b).
+
+3b. **Search within a retail store** — for convenience/pharmacy stores, run `doordash store-search <storeId> "<query>" --json` to find specific products. This returns items with IDs, prices, and menuIds that can be added to cart directly.
+
+4. **Get item details** (if needed) — run `doordash item <storeId> <itemId> --json` to see options/customizations. The response includes:
+   - `options`: each option group has `minSelections`/`maxSelections` indicating how many choices are required
+   - Each choice has `unitAmount` (price impact in cents), `defaultQuantity`, and possibly `nestedOptions` (sub-choices like milk type within a size selection)
+   - `specialInstructionsConfig`: whether special instructions are accepted, max length, and placeholder text
+
+   If the item has required options (like size or toppings), construct the `nestedOptions` JSON from the option/choice IDs and pass it via `--options`. Ask the user for preferences or pick sensible defaults.
+
+5. **Add to cart** — run `doordash cart add --store-id <id> --menu-id <id> --item-id <id> --item-name "<name>" --unit-price <cents> [--options '<json>'] [--special-instructions "<text>"] --json`. For subsequent items at the same store, pass `--cart-id <id>` from the first add response. Use `--special-instructions` for requests like "extra hot", "no ice", etc. Use `--options` to pass customization choices (see Customization Options below).
+
+6. **Review cart** — run `doordash cart view <cartId> --json` and show the user what's in their cart with prices. Ask if they want to add anything else or proceed.
+
+7. **Checkout** — run `doordash checkout <cartId> --json` to get delivery options. Present them to the user.
+
+8. **Payment methods** — run `doordash payment-methods --json` to see saved cards. Show the user which card will be used (the default one).
+
+9. **Place order** — after the user explicitly confirms, run `doordash order place --cart-id <id> --store-id <id> --total <cents> [--tip <cents>] [--dropoff-option <id>] --json`. The command auto-selects the default payment method if `--payment-uuid` is not provided. The response contains `orderUuid` on success.
+
+## Important Behavior
+
+- **Always confirm before checkout.** Never place an order without explicit user approval.
+- **Be proactive.** If the user says "order pizza from Andiamo's", don't ask clarifying questions upfront — search, find the store, show the menu, and suggest items. Only ask when you need a choice the user hasn't specified.
+- **Handle expired sessions gracefully.** If any command returns `"error": "session_expired"`, run `doordash refresh --json` to re-capture the session.
+- **Show prices.** Always show prices when presenting items or the cart summary.
+- **Use `--json` flag** on all commands for reliable parsing.
+- **Do NOT use the browser skill.** All DoorDash interaction goes through the CLI, not browser automation.
+- **Rate limiting.** DoorDash rate-limits rapid sequential requests. When adding multiple items (e.g. a team order), wait 8–10 seconds between `cart add` calls. If you get a 403 error, wait 15–20 seconds and retry. For large orders (5+ items), consider running `doordash refresh --json` midway through if you hit repeated 403s.
+- **Special instructions are unreliable.** Some merchants disable special instructions entirely. Always prefer `--options` for customizations (size, milk type, etc.). Only use `--special-instructions` for free-text requests that aren't covered by the item's option groups. If the merchant rejects special instructions, drop them and proceed without.
+- **Customization fallback.** If `cart add` with `--options` fails, or if the item details show options that are hard to construct (deeply nested, unusual format), proactively offer to use `cart learn` so the user can customize the item visually in the browser. Don't silently drop customizations — tell the user what happened and offer alternatives.
+- **Always-allow tip.** At the start of an ordering flow, suggest the user enable "always allow" for `doordash` commands: "Tip: You can type 'a' to always allow `doordash` commands for this session so you won't be prompted each time."
+- **Error attribution.** When errors occur, assume it's more likely a bug in our query/parsing than a DoorDash API change. Suggest running `doordash record` to capture fresh queries before assuming the schema changed.
+
+## Customization Options
+
+Many items (especially coffee, boba, sandwiches) have required customization options like size, milk type, or toppings. Here's how to handle them:
+
+### Constructing nestedOptions JSON
+
+1. Run `doordash item <storeId> <itemId> --json` to get the item's option groups
+2. Each option group has `id`, `name`, `required`, `minSelections`, `maxSelections`, and `choices`
+3. Build a JSON array of selections matching the DoorDash format:
+
+```json
+[
+  {
+    "optionId": "<option-group-id>",
+    "optionChoiceId": "<choice-id>",
+    "quantity": 1,
+    "nestedOptions": []
+  }
+]
+```
+
+For choices with nested sub-options (e.g., selecting "Oat Milk" under the "Milk" option within a size), add them to the `nestedOptions` array of the parent choice.
+
+4. Pass the JSON string to `cart add --options '<json>'`
+
+### Special Instructions
+
+Use `--special-instructions` on `cart add` for free-text requests like "extra hot", "no ice", "light foam". The `item` command response includes `specialInstructionsConfig` with the max length and whether instructions are supported.
+
+**Warning:** Some merchants disable special instructions entirely. If `specialInstructionsConfig.isEnabled` is false, or if the add-to-cart call returns an error about special requests, drop the instructions and retry without them. Always prefer `--options` for customizations — special instructions are a last resort for requests not covered by the item's option groups.
+
+### Learning Customizations via Ride Shotgun
+
+For complex items where constructing the JSON manually is difficult, use `cart learn`:
+
+1. Run `doordash cart learn --json`
+2. A Chrome window opens — navigate to the item, customize it visually, and click "Add to Cart"
+3. The command auto-detects the `updateCartItem` operation and extracts the exact `nestedOptions` and `specialInstructions`
+4. Use the extracted options directly with `cart add --options '<json>'`
+
+You can also extract options from an existing recording with `doordash inspect <recordingId> --extract-options --json`.
+
+### Coffee Order Example
+
+**User**: "Order a large oat milk latte with an extra shot from Blue Bottle"
+
+1. `doordash search "Blue Bottle" --json` -> finds store
+2. `doordash menu <storeId> --json` -> finds "Latte" item
+3. `doordash item <storeId> <latteItemId> --json` -> returns options:
+   - Size (required, min:1, max:1): Small (id:101), Medium (id:102), Large (id:103, +$1.00)
+   - Milk (required, min:1, max:1): Whole (id:201), Oat (id:202, +$0.70), Almond (id:203, +$0.70)
+   - Extras (optional, min:0, max:5): Extra Shot (id:301, +$0.90), Vanilla Syrup (id:302, +$0.60)
+4. Construct options JSON and add to cart:
+
+```
+doordash cart add --store-id <id> --menu-id <id> --item-id <id> --item-name "Latte" --unit-price 550 --options '[{"optionId":"size-group-id","optionChoiceId":"103","quantity":1,"nestedOptions":[]},{"optionId":"milk-group-id","optionChoiceId":"202","quantity":1,"nestedOptions":[]},{"optionId":"extras-group-id","optionChoiceId":"301","quantity":1,"nestedOptions":[]}]' --special-instructions "Extra hot" --json
+```
+
+## Command Reference
+
+```
+doordash status --json              # Check if logged in
+doordash refresh --json             # Capture fresh session via Ride Shotgun (auto-stops after login)
+doordash login --recording <path>   # Import session from a recording file manually
+doordash logout --json              # Clear session
+doordash search "<query>" --json    # Search restaurants
+doordash menu <storeId> --json      # Get store menu (auto-detects retail stores)
+doordash store-search <storeId> "<query>" --json  # Search items within a convenience/pharmacy store
+doordash item <storeId> <itemId> --json  # Get item details + options
+doordash cart add --store-id <id> --menu-id <id> --item-id <id> --item-name "<name>" --unit-price <cents> [--quantity <n>] [--cart-id <id>] [--options '<json>'] [--special-instructions "<text>"] --json
+doordash cart remove --cart-id <id> --item-id <orderItemId> --json
+doordash cart view <cartId> --json
+doordash cart list [--store-id <id>] --json
+doordash cart learn --json                 # Learn customization options by recording browser interaction
+doordash inspect <recordingId> --extract-options --json  # Extract nestedOptions from a recording
+doordash checkout <cartId> [--address-id <id>] --json
+doordash payment-methods --json     # List saved payment methods
+doordash order place --cart-id <id> --store-id <id> --total <cents> [--tip <cents>] [--delivery-option <type>] [--dropoff-option <id>] [--payment-uuid <uuid>] --json
+```
+
+## Example Interaction
+
+**User**: "Order a pepperoni pizza from Andiamo's"
+
+1. `doordash status --json` -> logged in
+2. `doordash search "Andiamo's" --json` -> finds store 22926474
+3. `doordash menu 22926474 --json` -> finds "Pepperoni Pizza Pie" (item 2956709006, $28.00)
+4. Tell user: "I found Pepperoni Pizza Pie at Andiamo's for $28.00. Adding it to your cart."
+5. `doordash cart add --store-id 22926474 --menu-id 12847574 --item-id 2956709006 --item-name "Pepperoni Pizza Pie" --unit-price 2800 --json`
+6. `doordash cart view <cartId> --json` -> show summary
+7. "Your cart has 1x Pepperoni Pizza Pie ($28.00), total $28.00. Ready to check out?"
+
+**User**: "I need Tylenol from CVS"
+
+1. `doordash status --json` -> logged in
+2. `doordash search "CVS" --json` -> finds store 1231787
+3. `doordash menu 1231787 --json` -> isRetail: true, categories but no items
+4. `doordash store-search 1231787 "tylenol" --json` -> finds results
+5. Show top results: "Tylenol Extra Strength Gelcaps (24 ct) - $8.79, Tylenol Extra Strength Caplets (100 ct) - $13.49..."
+6. User picks one -> add to cart with the item's `id`, `menuId`, and `unitAmount`

package/src/config/bundled-skills/doordash/__tests__/doordash-client.test.ts

@@ -0,0 +1,203 @@
+import { describe, expect, it } from "bun:test";
+
+import { SessionExpiredError } from "../lib/client.js";
+
+describe("SessionExpiredError", () => {
+  it("is an instance of Error", () => {
+    const err = new SessionExpiredError("test reason");
+    expect(err).toBeInstanceOf(Error);
+  });
+
+  it("has name set to SessionExpiredError", () => {
+    const err = new SessionExpiredError("test reason");
+    expect(err.name).toBe("SessionExpiredError");
+  });
+
+  it("preserves the reason as the message", () => {
+    const err = new SessionExpiredError("DoorDash session has expired.");
+    expect(err.message).toBe("DoorDash session has expired.");
+  });
+
+  it("can be distinguished from plain Error via instanceof", () => {
+    const sessionErr = new SessionExpiredError("expired");
+    const plainErr = new Error("something else");
+    expect(sessionErr instanceof SessionExpiredError).toBe(true);
+    expect(plainErr instanceof SessionExpiredError).toBe(false);
+  });
+
+  it("produces a useful stack trace", () => {
+    const err = new SessionExpiredError("no session");
+    expect(err.stack).toBeDefined();
+    expect(err.stack).toContain("SessionExpiredError");
+  });
+});
+
+describe("expired session classification", () => {
+  // The CDP response handler in cdpFetch classifies certain HTTP statuses
+  // as session-expired. We test the classification logic by simulating
+  // the parsed response structure that cdpFetch evaluates.
+
+  function classifyResponse(parsed: Record<string, unknown>): Error {
+    // Mirrors the classification logic from cdpFetch (client.ts lines 154-159)
+    if (parsed.__error) {
+      if (parsed.__status === 403 || parsed.__status === 401) {
+        return new SessionExpiredError("DoorDash session has expired.");
+      }
+      return new Error(
+        (parsed.__message as string) ??
+          `HTTP ${parsed.__status}: ${(parsed.__body as string) ?? ""}`,
+      );
+    }
+    return new Error("No error");
+  }
+
+  it("classifies HTTP 401 as SessionExpiredError", () => {
+    const err = classifyResponse({
+      __error: true,
+      __status: 401,
+      __body: "Unauthorized",
+    });
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("DoorDash session has expired.");
+  });
+
+  it("classifies HTTP 403 as SessionExpiredError", () => {
+    const err = classifyResponse({
+      __error: true,
+      __status: 403,
+      __body: "Forbidden",
+    });
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("DoorDash session has expired.");
+  });
+
+  it("classifies HTTP 500 as a generic Error, not session expired", () => {
+    const err = classifyResponse({
+      __error: true,
+      __status: 500,
+      __body: "Internal Server Error",
+    });
+    expect(err).not.toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("HTTP 500: Internal Server Error");
+  });
+
+  it("classifies HTTP 429 as a generic Error", () => {
+    const err = classifyResponse({
+      __error: true,
+      __status: 429,
+      __body: "Rate limited",
+    });
+    expect(err).not.toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("HTTP 429: Rate limited");
+  });
+
+  it("uses __message when available", () => {
+    const err = classifyResponse({ __error: true, __message: "fetch failed" });
+    expect(err).not.toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("fetch failed");
+  });
+
+  it("handles response with no __body or __message gracefully", () => {
+    const err = classifyResponse({ __error: true, __status: 502 });
+    expect(err).not.toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("HTTP 502: ");
+  });
+});
+
+describe("CDP failure scenarios", () => {
+  // These test the error conditions that cdpFetch can encounter:
+  // 1. CDP protocol error (msg.error present)
+  // 2. Empty CDP response (no value in result)
+  // 3. Timeout (30s)
+  // 4. WebSocket connection failure
+
+  // We can test the error construction logic without connecting to a real CDP
+
+  it("CDP protocol error produces a descriptive message", () => {
+    // Simulates the error path at client.ts line 143
+    const cdpError = { message: "Cannot find context with specified id" };
+    const err = new Error(`CDP error: ${cdpError.message}`);
+    expect(err.message).toBe(
+      "CDP error: Cannot find context with specified id",
+    );
+  });
+
+  it("Empty CDP response produces a clear error", () => {
+    // Simulates the error path at client.ts line 149
+    const value = undefined;
+    const err = !value ? new Error("Empty CDP response") : null;
+    expect(err).not.toBeNull();
+    expect(err!.message).toBe("Empty CDP response");
+  });
+
+  it("CDP timeout error message includes the timeout duration", () => {
+    // Simulates the timeout error at client.ts line 92
+    const err = new Error("CDP fetch timed out after 30s");
+    expect(err.message).toContain("30s");
+  });
+
+  it("WebSocket connection failure produces SessionExpiredError", () => {
+    // Simulates ws.onerror at client.ts line 172
+    const err = new SessionExpiredError("CDP connection failed.");
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toBe("CDP connection failed.");
+  });
+
+  it("findDoordashTab failure when CDP is unavailable", () => {
+    // Simulates findDoordashTab at client.ts line 67
+    const err = new SessionExpiredError(
+      "Chrome CDP not available. Run `vellum doordash refresh` first.",
+    );
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toContain("Chrome CDP not available");
+  });
+
+  it("findDoordashTab failure when no tab is available", () => {
+    // Simulates findDoordashTab at client.ts line 76
+    const err = new SessionExpiredError(
+      "No Chrome tab available for DoorDash requests.",
+    );
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err.message).toContain("No Chrome tab available");
+  });
+
+  it("requireSession throws SessionExpiredError when no session exists", () => {
+    // Simulates requireSession at client.ts line 56
+    const session = null;
+    const err = !session
+      ? new SessionExpiredError("No DoorDash session found.")
+      : null;
+    expect(err).toBeInstanceOf(SessionExpiredError);
+    expect(err!.message).toBe("No DoorDash session found.");
+  });
+
+  it("GraphQL errors are joined with semicolons", () => {
+    // Simulates the error handling at client.ts lines 192-194
+    const errors = [
+      { message: 'Field "x" not found' },
+      { message: "Unauthorized" },
+    ];
+    const msgs = errors.map((e) => e.message || JSON.stringify(e)).join("; ");
+    const err = new Error(`GraphQL errors: ${msgs}`);
+    expect(err.message).toBe(
+      'GraphQL errors: Field "x" not found; Unauthorized',
+    );
+  });
+
+  it("GraphQL errors use JSON.stringify for errors without message", () => {
+    const errors = [{ extensions: { code: "INTERNAL_ERROR" } }];
+    const msgs = errors
+      .map((e) => (e as Record<string, unknown>).message || JSON.stringify(e))
+      .join("; ");
+    const err = new Error(`GraphQL errors: ${msgs}`);
+    expect(err.message).toContain("INTERNAL_ERROR");
+  });
+
+  it("Empty GraphQL response throws", () => {
+    // Simulates client.ts lines 196-198
+    const data = undefined;
+    const err = !data ? new Error("Empty response from DoorDash API") : null;
+    expect(err).not.toBeNull();
+    expect(err!.message).toBe("Empty response from DoorDash API");
+  });
+});

package/src/config/bundled-skills/doordash/__tests__/doordash-session.test.ts

@@ -0,0 +1,164 @@
+import { existsSync, mkdirSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+
+import { afterEach, beforeEach, describe, expect, it } from "bun:test";
+
+import {
+  type DoorDashSession,
+  getCookieHeader,
+  getCsrfToken,
+  importFromRecording,
+} from "../lib/session.js";
+
+// Override getDataDir to use a temp directory during tests
+const TEST_DIR = join(tmpdir(), `vellum-dd-test-${process.pid}`);
+let originalDataDir: string | undefined;
+
+// We mock getDataDir by patching the module at the fs level:
+// session.ts calls getSessionDir() -> join(getDataDir(), 'doordash')
+// We'll test session.ts helpers that don't depend on getDataDir directly,
+// and test the persistence functions via the actual file system with a known path.
+
+function makeCookie(
+  name: string,
+  value: string,
+): {
+  name: string;
+  value: string;
+  domain: string;
+  path: string;
+  httpOnly: boolean;
+  secure: boolean;
+} {
+  return {
+    name,
+    value,
+    domain: ".doordash.com",
+    path: "/",
+    httpOnly: false,
+    secure: false,
+  };
+}
+
+function makeSession(overrides?: Partial<DoorDashSession>): DoorDashSession {
+  return {
+    cookies: [
+      makeCookie("dd_session", "abc123"),
+      makeCookie("csrf_token", "tok456"),
+    ],
+    importedAt: "2025-01-15T12:00:00.000Z",
+    recordingId: "rec-001",
+    ...overrides,
+  };
+}
+
+describe("DoorDash session helpers", () => {
+  describe("getCookieHeader", () => {
+    it("joins all cookies into a single header string", () => {
+      const session = makeSession();
+      const header = getCookieHeader(session);
+      expect(header).toBe("dd_session=abc123; csrf_token=tok456");
+    });
+
+    it("returns empty string for a session with no cookies", () => {
+      const session = makeSession({ cookies: [] });
+      expect(getCookieHeader(session)).toBe("");
+    });
+
+    it("handles a single cookie without trailing semicolons", () => {
+      const session = makeSession({ cookies: [makeCookie("a", "1")] });
+      expect(getCookieHeader(session)).toBe("a=1");
+    });
+  });
+
+  describe("getCsrfToken", () => {
+    it("extracts the csrf_token value when present", () => {
+      const session = makeSession();
+      expect(getCsrfToken(session)).toBe("tok456");
+    });
+
+    it("returns undefined when csrf_token is absent", () => {
+      const session = makeSession({
+        cookies: [makeCookie("dd_session", "abc123")],
+      });
+      expect(getCsrfToken(session)).toBeUndefined();
+    });
+  });
+});
+
+describe("DoorDash session persistence", () => {
+  // These tests exercise the real loadSession/saveSession/clearSession
+  // by writing to the actual session path. We need to mock getDataDir.
+  // Since the module uses a private function we can't easily mock,
+  // we test via importFromRecording which exercises save+load.
+
+  beforeEach(() => {
+    originalDataDir = process.env.BASE_DATA_DIR;
+    process.env.BASE_DATA_DIR = TEST_DIR;
+    // Ensure test dir exists
+    mkdirSync(TEST_DIR, { recursive: true });
+  });
+
+  afterEach(() => {
+    // Restore original BASE_DATA_DIR
+    if (originalDataDir === undefined) {
+      delete process.env.BASE_DATA_DIR;
+    } else {
+      process.env.BASE_DATA_DIR = originalDataDir;
+    }
+    // Clean up test dir
+    if (existsSync(TEST_DIR)) {
+      rmSync(TEST_DIR, { recursive: true, force: true });
+    }
+  });
+
+  describe("importFromRecording", () => {
+    it("throws when the recording file does not exist", () => {
+      expect(() => importFromRecording("/nonexistent/recording.json")).toThrow(
+        "Recording not found",
+      );
+    });
+
+    it("throws when the recording contains no cookies", () => {
+      const recordingPath = join(TEST_DIR, "empty-recording.json");
+      writeFileSync(
+        recordingPath,
+        JSON.stringify({
+          id: "rec-empty",
+          startedAt: 0,
+          endedAt: 1,
+          targetDomain: "doordash.com",
+          networkEntries: [],
+          cookies: [],
+          observations: [],
+        }),
+      );
+      expect(() => importFromRecording(recordingPath)).toThrow(
+        "Recording contains no cookies",
+      );
+    });
+
+    it("successfully imports a recording with cookies", () => {
+      const recordingPath = join(TEST_DIR, "valid-recording.json");
+      writeFileSync(
+        recordingPath,
+        JSON.stringify({
+          id: "rec-valid",
+          startedAt: 0,
+          endedAt: 1,
+          targetDomain: "doordash.com",
+          networkEntries: [],
+          cookies: [makeCookie("session_id", "xyz")],
+          observations: [],
+        }),
+      );
+      const session = importFromRecording(recordingPath);
+      expect(session.cookies).toHaveLength(1);
+      expect(session.cookies[0].name).toBe("session_id");
+      expect(session.cookies[0].value).toBe("xyz");
+      expect(session.recordingId).toBe("rec-valid");
+      expect(session.importedAt).toBeTruthy();
+    });
+  });
+});