Carved out of #8833 per its reopen guidance ("carve the remaining live-validation acceptance into explicit open successor issues and narrow this one to the static/code/view evidence already completed"). #8833 is being closed against the completed static/code/view/harness/doc half; this issue tracks the remaining live, account/device-backed operator lane — every row here requires artifacts an agent cannot create in CI (real OAuth grants, provider sandboxes, physical devices, interactive OS permission dialogs).
Runbook (already merged — follow these, fill the Result columns)
- plugins/plugin-personal-assistant/docs/LIFEOPS_LIVE_VALIDATION.md — connector × OWNER/AGENT-state × env-var × skip-behavior matrix
- plugins/plugin-personal-assistant/docs/owner-agent-validation-matrix.md — 9-state permission matrix definition
- Evidence dir: .github/issue-evidence/8833-lifeops-live-validation/ (add a dated subdir per session, like 2026-07-02-keyless-run/)
Prerequisites to provision (item 1 of #8833)
- OWNER Google account (Calendar + Gmail scopes) and a second AGENT Google account/grant
- OWNER + AGENT identities for Telegram, Discord, Signal, WhatsApp, iMessage, X, Slack
- Twilio test number + recipient allowlist
- Health: HealthKit (iOS), Health Connect (Android), Fitbit/Oura/Strava/Withings sandboxes as applicable
- Finance: Gmail billing corpus / CSV fixture / Plaid or PayPal sandbox
- Physical devices: iOS/macOS (HealthKit, Family Controls, SelfControl) + Android (Health Connect, SMS default-role, Usage Access)
- A model provider key (live states can't be driven through the planner without one — see runbook note)
Exact commands per session
```bash
# 0. Fresh checkout on develop; install
ELIZA_SKIP_ARTIFACT_SYNC=1 bun install

# 1. Put connector creds in .env (see per-connector env vars in LIFEOPS_LIVE_VALIDATION.md)

# 2. The consolidated 9-state OWNER/AGENT matrix harness (real AgentRuntime + PGLite).
#    Already green credential-free (evidence: 2026-07-02-keyless-run/owner-agent-permission-matrix.txt);
#    re-run it in the credentialed session to cover the live-grant states (expired/revoked/missing-scope):
LIFEOPS_PERMISSION_MATRIX=1 bunx vitest run \
  --config packages/test/vitest/integration.config.ts \
  plugins/plugin-personal-assistant/test/owner-agent-permission-matrix.integration.test.ts

# 3. Live connector suites — these skip cleanly without creds; with creds they go live:
TEST_LANE=post-merge bun run --cwd plugins/plugin-google test
TEST_LANE=post-merge bun run --cwd plugins/plugin-x test   # 15 skips become live
#    (per-connector *.live.e2e.test.ts / *.real.test.ts live under packages/app-core/test and plugin dirs;
#    gating helpers: packages/app-core/test/helpers/{conditional-tests,live-provider}.ts)

# 4. Live views (populated states, both surfaces):
bun run dev   # complete first-run as OWNER at :2138 with a working model key
node .github/issue-evidence/8833-lifeops-live-validation/capture-views.mjs   # screenshots + video

# 5. Android on-device (device with owner Google account + SIM):
bun run --cwd packages/app build:android &&   # install, then capture:
bun run --cwd packages/app capture:android-emu   # or real-device adb capture
#    Exercise: SMS default-role prompt, Usage Access toggle (focus/blocker), Health Connect grants

# 6. iOS/macOS on-device: HealthKit + Family Controls + SelfControl flows,
#    plus re-run live LifeOps views on a real iPhone (sim is env-gated — no Metal):
bun run --cwd packages/app capture:ios-sim   # shell-level; live views need real device
```
Per-state expectations (record evidence per connector)
The 9 states and expected behavior are enumerated in the runbook table (unauthenticated / OWNER ok / AGENT denied / expired-revoked / missing-scope / multi-grant-owner-wins / planned-tool / direct-handler / UI path). Invariants: owner-only actions deny non-owner; approval-required outbound routes through the approval queue (never sends silently); connector calls return typed DispatchResult.
Already done (do NOT redo — see #8833 for links)
- DispatchResult contract, owner gating (core roleGate + handler guards)
- good desktop+mobile (audit:app); component state suites green
Acceptance
Same as #8833's live half: every connector family has OWNER and AGENT evidence (or blocked with reason); OAuth/native-permission failures explicit + recoverable; approval-gated outbound validated e2e; matrix records exactly which accounts/devices/scopes/env vars/sandboxes were used; discovered bugs get linked issues.
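The acceptance rule above (every connector family has OWNER and AGENT evidence, or is blocked with a reason, with accounts and env vars recorded) can be checked mechanically before a session's results are filed. This is an added example, not code from the issue or the project; the row fields, the `checkAcceptance` name and the sample values are assumptions.

```typescript
// Added example: the row fields below are assumptions, not the runbook's own schema.
type Role = "OWNER" | "AGENT";
type Result = "pass" | "fail" | "blocked";
interface EvidenceRow {
  connector: string;   // connector family, e.g. "google"
  role: Role;
  state: string;       // one of the 9 matrix states
  result: Result;
  evidence?: string;   // artifact path inside the dated session subdir
  reason?: string;     // required when result is "blocked"
  account?: string;    // account or device that was used
  envVars?: string[];  // env vars set for the run
}
const blank = (s?: string): boolean => !s || s.trim() === "";

// Returns one message per gap; an empty list means the matrix meets the acceptance text.
function checkAcceptance(connectors: string[], rows: EvidenceRow[]): string[] {
  const problems: string[] = [];
  const roles: Role[] = ["OWNER", "AGENT"];
  for (const connector of connectors) {
    for (const role of roles) {
      if (!rows.some(r => r.connector === connector && r.role === role)) {
        problems.push(`${connector}/${role}: no evidence row and not marked blocked`);
      }
    }
  }
  for (const r of rows) {
    const id = `${r.connector}/${r.role}/${r.state}`;
    if (r.result === "blocked") {
      if (blank(r.reason)) problems.push(`${id}: blocked without a reason`);
      continue; // a blocked row needs a reason, not artifacts
    }
    if (blank(r.evidence)) problems.push(`${id}: ${r.result} without an evidence path`);
    if (blank(r.account)) problems.push(`${id}: account/device not recorded`);
    if (!r.envVars || r.envVars.length === 0) problems.push(`${id}: env vars not recorded`);
  }
  return problems;
}
// Constructed sample session (placeholder paths, accounts and env var names; not real results).
const sampleRows: EvidenceRow[] = [
  { connector: "google", role: "OWNER", state: "OWNER ok", result: "pass",
    evidence: "SESSION_DIR/google-owner-ok.txt", account: "owner-placeholder", envVars: ["PLACEHOLDER_ENV"] },
  { connector: "google", role: "AGENT", state: "AGENT denied", result: "pass",
    account: "agent-placeholder", envVars: ["PLACEHOLDER_ENV"] },
  { connector: "x", role: "OWNER", state: "unauthenticated", result: "blocked" },
  { connector: "twilio", role: "OWNER", state: "OWNER ok", result: "blocked", reason: "no test number yet" },
  { connector: "twilio", role: "AGENT", state: "AGENT denied", result: "blocked", reason: "no test number yet" },
];
console.log(checkAcceptance(["google", "x", "twilio"], sampleRows).join("\n"));
```

On the constructed rows it reports three gaps: no AGENT row for x, a google AGENT pass with no artifact, and an x OWNER row blocked without a reason.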