Prevent cross-worktree session bleed during managed session resume/load

ROADMAP #41 was still leaving a phantom-completion class open: managed
sessions could be resumed from the wrong workspace, and the CLI/runtime
paths were split between partially isolated storage and older helper
flows. This squashes the verified team work into one deliverable that
routes managed session operations through the per-worktree SessionStore,
rejects workspace mismatches explicitly, extends lane-event taxonomy for
workspace mismatch reporting, and updates the affected CLI regression
fixtures/docs so the new contract is enforced without losing same-
workspace legacy coverage.

Constraint: Keep same-workspace legacy flat sessions readable while blocking cross-worktree misuse
Constraint: No new dependencies; stay within the ROADMAP #41 changed-file scope
Rejected: Leave team auto-checkpoint history as final branch state | noisy/non-lore history for a single roadmap fix
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Preserve workspace_root validation on future resume/load helpers; do not reintroduce path-only fallback without equivalent mismatch checks
Tested: cargo test -p runtime session_control -- --nocapture; cargo test -p rusty-claude-cli resume -- --nocapture; cargo test -p rusty-claude-cli --test cli_flags_and_config_defaults; cargo test -p rusty-claude-cli --test output_format_contract; cargo test -p rusty-claude-cli --test resume_slash_commands; cargo test --workspace --exclude compat-harness; cargo check --workspace --all-targets; git diff --check
Not-tested: cargo clippy --workspace --all-targets -- -D warnings (pre-existing failures in unchanged rust/crates/rusty-claude-cli/build.rs)
Related: ROADMAP #41

rust/crates/rusty-claude-cli/tests/output_format_contract.rs

@@ -4,6 +4,7 @@ use std::process::{Command, Output};
 use std::sync::atomic::{AtomicU64, Ordering};
 use std::time::{SystemTime, UNIX_EPOCH};
 
+use runtime::Session;
 use serde_json::Value;
 
 static TEMP_COUNTER: AtomicU64 = AtomicU64::new(0);
@@ -236,12 +237,7 @@ fn doctor_and_resume_status_emit_json_when_requested() {
     assert!(sandbox["enabled"].is_boolean());
     assert!(sandbox["fallback_reason"].is_null() || sandbox["fallback_reason"].is_string());
 
-    let session_path = root.join("session.jsonl");
-    fs::write(
-        &session_path,
-        "{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n{\"type\":\"message\",\"message\":{\"role\":\"user\",\"blocks\":[{\"type\":\"text\",\"text\":\"hello\"}]}}\n",
-    )
-    .expect("session should write");
+    let session_path = write_session_fixture(&root, "resume-json", Some("hello"));
     let resumed = assert_json_command(
         &root,
         &[
@@ -268,12 +264,7 @@ fn resumed_inventory_commands_emit_structured_json_when_requested() {
     fs::create_dir_all(&config_home).expect("config home should exist");
     fs::create_dir_all(&home).expect("home should exist");
 
-    let session_path = root.join("session.jsonl");
-    fs::write(
-        &session_path,
-        "{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-inventory-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n{\"type\":\"message\",\"message\":{\"role\":\"user\",\"blocks\":[{\"type\":\"text\",\"text\":\"inventory\"}]}}\n",
-    )
-    .expect("session should write");
+    let session_path = write_session_fixture(&root, "resume-inventory-json", Some("inventory"));
 
     let mcp = assert_json_command_with_env(
         &root,
@@ -324,12 +315,7 @@ fn resumed_version_and_init_emit_structured_json_when_requested() {
     let root = unique_temp_dir("resume-version-init-json");
     fs::create_dir_all(&root).expect("temp dir should exist");
 
-    let session_path = root.join("session.jsonl");
-    fs::write(
-        &session_path,
-        "{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-version-init-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n",
-    )
-    .expect("session should write");
+    let session_path = write_session_fixture(&root, "resume-version-init-json", None);
 
     let version = assert_json_command(
         &root,
@@ -405,6 +391,24 @@ fn write_upstream_fixture(root: &Path) -> PathBuf {
     upstream
 }
 
+fn write_session_fixture(root: &Path, session_id: &str, user_text: Option<&str>) -> PathBuf {
+    let session_path = root.join("session.jsonl");
+    let mut session = Session::new()
+        .with_workspace_root(root.to_path_buf())
+        .with_persistence_path(session_path.clone());
+    session.session_id = session_id.to_string();
+    if let Some(text) = user_text {
+        session
+            .push_user_text(text)
+            .expect("session fixture message should persist");
+    } else {
+        session
+            .save_to_path(&session_path)
+            .expect("session fixture should persist");
+    }
+    session_path
+}
+
 fn write_agent(root: &Path, name: &str, description: &str, model: &str, reasoning: &str) {
     fs::create_dir_all(root).expect("agent root should exist");
     fs::write(