BudgetCounter.consume at lib/src/main/kotlin/dev/arcp/lease/BudgetCounter.kt:14 subtracts the requested amount inside computeIfPresent and only afterward decides whether to return Outcome.Exhausted. A consume(USD:1.50) against a remaining USD:1.00 therefore leaves the counter at USD:-0.50 and the caller sees Outcome.Exhausted; if the caller then retries with a smaller amount it succeeds against a negative balance. The class KDoc at lib/src/main/kotlin/dev/arcp/lease/BudgetCounter.kt:13 describes the function as "Consumes [amount] and returns whether the budget is exhausted", which neither documents the over-consumption nor warns callers that the counter is now negative. ARCPRuntime.handleMetric at lib/src/main/kotlin/dev/arcp/runtime/ARCPRuntime.kt:305 consumes whatever the agent reports without bounding it, so a misbehaving agent can push the counter arbitrarily negative.
Fix prompt: Decide whether consume should clamp at zero (preserving the invariant that consumed-to-date ≤ initial budget) or refuse over-spend with a third outcome variant such as Outcome.Rejected(currency, requested, available). Either way, update the KDoc to describe the chosen semantics and add a regression test in lib/src/test/kotlin/dev/arcp/lease/BudgetCounterTest.kt that over-consumes by 50% and asserts the documented behavior. Update ARCPRuntime.handleMetric to surface the new outcome variant if one is added.
BudgetCounter.consumeatlib/src/main/kotlin/dev/arcp/lease/BudgetCounter.kt:14subtracts the requested amount insidecomputeIfPresentand only afterward decides whether to returnOutcome.Exhausted. Aconsume(USD:1.50)against a remainingUSD:1.00therefore leaves the counter atUSD:-0.50and the caller seesOutcome.Exhausted; if the caller then retries with a smaller amount it succeeds against a negative balance. The class KDoc atlib/src/main/kotlin/dev/arcp/lease/BudgetCounter.kt:13describes the function as "Consumes [amount] and returns whether the budget is exhausted", which neither documents the over-consumption nor warns callers that the counter is now negative.ARCPRuntime.handleMetricatlib/src/main/kotlin/dev/arcp/runtime/ARCPRuntime.kt:305consumes whatever the agent reports without bounding it, so a misbehaving agent can push the counter arbitrarily negative.Fix prompt: Decide whether
consumeshould clamp at zero (preserving the invariant that consumed-to-date ≤ initial budget) or refuse over-spend with a third outcome variant such asOutcome.Rejected(currency, requested, available). Either way, update the KDoc to describe the chosen semantics and add a regression test inlib/src/test/kotlin/dev/arcp/lease/BudgetCounterTest.ktthat over-consumes by 50% and asserts the documented behavior. UpdateARCPRuntime.handleMetricto surface the new outcome variant if one is added.