Resource-leak test failures on main: extension_rubric_scorer_test and worker_gateway_test

Remote execution shipped in swamp-club#535 (PR #1547). The only documentation today is the internal design doc (design/remote-execution.md) and a short section in the swamp skill — there is no user-facing reference. This issue records the full coverage a reference doc set needs.

Scope of changes

A new reference section for remote execution, written for two audiences: operators provisioning workers, and workflow authors placing steps on them. Affected components are documentation only (docs site / reference tree plus cross-links from the workflow and serve docs).

Documentation coverage needed

1. Concepts & architecture overview

Orchestrator vs worker roles; workers are stateless compute that dial home (outbound ws control socket + HTTP/2 data plane); orchestrator owns the durable world.
The executor concept (local loopback vs remote worker) and how it replaced execution drivers — include a migration note for anyone with driver: fields.
Capability proxying: every datastore/vault/definition access goes back through the orchestrator; workers hold no credentials.

2. Getting started walkthrough

Mint a token, start swamp serve, connect a worker, run a placed workflow step end-to-end.
Deployment one-liners: ssh, cloud-init, container, k8s Job, CI runner.

3. CLI reference (every command, both `log` and `--json` output documented)

swamp worker token create <name> --duration <dur> [--vault <vault>] — plaintext shown exactly once; <name>.<secret> credential format.
swamp worker token list — recorded vs effective (display) state, expiry, bound machine.
swamp worker token revoke <name>.
swamp worker connect <url> --token [--label k=v ...] [--cache-dir] [--data-plane-url] [--no-reconnect].
swamp worker list — pool view, status, labels.
swamp serve / --server flag for running workflows and methods through a server.

4. Enrollment token lifecycle reference

State machine: unused → enrolled → expired plus revoked; what each state means and what transitions it.
Machine binding: token binds to a machine-id file in the worker cache directory on first redemption; the bound machine reconnects across blips, restarts, and reboots; any other machine is rejected.
The --cache-dir requirement for a stable machine identity (default temp dir = new identity per process) — this is the most likely operator footgun and deserves a callout box.
Expiry is a hard deadline: the orchestrator disconnects a connected worker when the lifetime elapses and rejects re-enrollment; revoke for early cutoff.
Restart/reboot scenarios spelled out as a table: socket blip, process restart, machine reboot, token expired, token revoked, second machine.

5. Workflow placement reference

Placement fields on a step: target: (worker name or instance uuid) and labels: selector map; queuing behavior when no worker matches; interaction with non-placed steps.
How outputs, reports, and follow-up actions behave identically on a remote executor.

6. Failure & reconnection semantics

Reconnection grace window; what happens to an in-flight dispatch on socket drop (no-write steps re-dispatch; write-bearing steps fail the run — the write-then-fail rule).
Cooperative cancellation of dispatched steps.
Session credential lifetime and sliding refresh (operator-visible only as log lines, but worth documenting for debugging).

7. Security reference

Trust model: bearer {token, machineId} over wss; machine id is client-asserted (contains accidental reuse, not a malicious token holder); recommend short enrollment lifetimes, TLS, and certificate pinning.
What a worker can and cannot see: no datastore/vault credentials, per-dispatch environment snapshot held in memory only, secrets resolved orchestrator-side.
The reverse trust direction: connecting a worker to an untrusted URL grants that URL code execution (same model as a self-hosted CI runner).

8. Operations guide

Monitoring the pool (swamp worker list, querying the built-in models with swamp data).
Worker state as swamp data: swamp/worker, swamp/enrollment-token, swamp/step-lease built-in models and their queryable fields.
Troubleshooting table: protocol_mismatch (binary version lockstep), already_connected, already bound to another machine, expired, revoked, does not match — cause and fix for each.
Upgrade guidance: protocol version lockstep means orchestrator and workers upgrade together.

9. Cross-links

Workflow guide (placement fields), serve docs (--server), vault docs (secret resolution path), extension docs (bundle shipping/fingerprints).

Acceptance criteria

Every CLI command above has a reference page with flags, examples, and JSON output shape.
The lifecycle/restart table and the --cache-dir callout exist.
The troubleshooting table covers all permanent enrollment failure messages.
Getting-started walkthrough verified end-to-end on a clean machine.

02Bog Flow

Open

6/11/2026, 8:18:55 PM

No activity in this phase yet.

03Sludge Pulse

Resource-leak test failures on main: extension_rubric_scorer_test and worker_gateway_test

Landing page clips the curl install command instead of rendering the full text

model delete --json output shape doesn't match the documented {deleted, modelId, modelName, artifactsDeleted}

model search --json returns a bare model object instead of {query, results} when exactly one model matches

Extension author gitignore guidance: add .swamp.yaml and CLAUDE.md to recommended excludes

reports.require in workflow YAML does not auto-execute pulled extension reports

Yanked extension version still shown as active on swamp-club.com and in 'extension search'

Add deprecate/yank/unyank actions for own extensions on the web interface

Expose per-run memory/CPU metrics for method & workflow executions

model method run OOMs at 4GB V8 heap on long high-fan-out methods; non-configurable heap + crash leaves run stuck in "running"

Tier-up announcements never fire for direct score contributions (badge awards, feed credits)

CI never runs the discord-bot service test suite

Discord role sync never assigns lower leaderboard tiers (Swamp Baby / Muck Runt / Sludge Whelp)

Docs: document globalArgument input reference validation in workflow validate

Remote execution: UAT coverage for tokens, enrollment, and dispatch

Remote execution: comprehensive reference documentation

doctor extensions: pulled-extension source files reported as orphans that --repair can't evict (nested @swamp/aws/* sibling mis-attribution)

Channel-based publishing for local extension backports

Feature: make extension yank channel-scoped (--channel) so it doesn't nuke every channel

swamp update --setup-auto does not work with bluefin44 (crontab not found, should

Feature: demote / withdraw an extension version from the stable channel

Docs: extension-publish skill guide doesn't cover release channels

workflow validate: resolve model globalArguments expressions against the calling workflow's declared inputs

Add a way to list registered report definitions (report search only lists results)

Inconsistent resource-field accessor: data get returns content, data query and CEL use attributes

Extension API: allow export const extension to add resource specs, or document that it cannot

@swamp/aws/cloudformation: expose StackSet instances, drift, and operations (Cloud Control cannot)

workflow validate: method args with a Zod .default() are treated as required

Profile months overlap in trajectory

model type describe --json: bloated output (40% duplicated specs, no compact mode) and lost method-to-output mapping drive agents to read extension source

UAT: Release channel CLI and adversarial tests

Docs: Add release channel documentation to the manual

Test skill evals with Fable in multi-skill eval tests

Guide users toward filing feature requests when @swamp extensions lack a needed capability

Guide users toward filing feature requests when @swamp extensions are missing features

correcting capitlization of Swamp, Swamp Club, and The Swamp on the swamp-club.com website

API: Add release channel support for extension versions (beta, rc, stable)

Add @swamp/hetzner-cloud/server-types model for availability and project limits

Resident/warm worker mode — `model method run` has ~6s fixed per-invocation overhead that rules out latency-sensitive use

Issue submission returns wrong URL path

Dynamic resource attribute refresh for model instances

`vault put` inside workflow steps still acquires global `.datastore.lock` after #382

extension quality scorer mis-detects quoted phrases in comments as bare imports

extension push: credentials-sensitive-field false positive when .meta({ sensitive: true }) is on a continuation line

Local source-loading should discover a report co-located with its model in a paths.base:manifest extension

extension push: optionally sync the published bundle to the manifest `repository:` (git mirror)

Add 'creek' extension kind for cross-querying external systems alongside swamp data

Docs: vault refresh hooks (--refresh-from, --refresh-ttl, --clear-refresh)

Support CI-friendly adversarial review artifacts for extension push

Deprecate "No slow types" (fast-check) rubric factor on server-side scorer

Registry scorer fails on bare specifiers — mirror CLI fix from #505

Official extension for GitHub repository configuration (environments, variables, secrets)

Feature request: @swamp/tailscale extension

Option to change email in your Swamp Club profile or delete account

Docs: vault reference in manual promotes inline KEY=VALUE as primary example

extension push error for disallowed file types doesn't mention binaries field

swamp help extension omits yank and unyank (machine-readable CLI schema misses real subcommands)

Extension model method execute lacks typed args/context — every author has to use ': any' to unblock tests

@webframp/hashicorp-vault: empty KV engine causes 'data.data.keys is not iterable' on vault put

workflow resume fails to register all extension model types (local and pulled) — "Unknown model type"

model method run: cannot pass arrays, numbers, or booleans via --input

extension push --dry-run --json reports local helper imports as bogus model entries

Extension source: direct-content export scan only reads first 64 KiB, silently drops exports beyond it

Homepage install command: wrong domain and missing https:// protocol

Homepage install command: wrong domain and missing https:// protocol

first-class refresh hook for short-lived vault values (gcloud / aws-sso / kubectl-oidc token UX)

swamp issue ripple logged "Posted ripple on issue #514" but the ripple is not visible on the Lab

vault guide promotes inline secret values (KEY=VALUE) as a primary "swamp vault put" example

swamp-getting-started SKILL.md still references removed swamp-model / swamp-workflow / swamp-vault / swamp-extension / swamp-repo skills

extension rm blocked by stale /workspace bundle_types rows from prior container sessions with host repo bind-mounted

extension search returns null repository fields that extension info populates

Quality rubric: scope "No slow types" for model extensions (consumed via model+CEL, not type imports)

data get/list --workflow and workflow history get/logs cannot resolve extension-delivered workflows (Workflow not found)

Docs: add doctor secrets and doctor vaults to the troubleshooting how-to guide

UAT: sensitive resource output without vault produces clear pre-flight error

Docs: add doctor vaults subcommand and pre-flight vault validation

gcs-datastore: registerNamespace does not detect conflicts with existing registrations

Validate vault availability when model has sensitive output fields

Managed skills ship with dangling reference-doc links

swamp-club: update skill references and CLAUDE.md after superskill consolidation