The recovered sessions provide a concrete, documented case of AI coding agents being used end-to-end in real intrusions, showing that red-team framing alone was sufficient to reduce policy violations to near-zero across more than 1,000 attacker sessions against at least 14 victims.