fix: add cron API provenance logging (#24889)

Co-authored-by: sgtworkman <178342791+sgtworkman@users.noreply.github.com>

tests/cron/test_cron_context_from.py

@@ -1,5 +1,6 @@
 """Tests for cron job context_from feature (issue #5439 Option C)."""
 
+import logging
 import sys
 from pathlib import Path
 
@@ -267,6 +268,35 @@ class TestBuildJobPromptContextFrom:
         assert "Process" in prompt
         assert "etc/passwd" not in prompt
 
+    def test_invalid_job_id_log_includes_job_origin(self, cron_env, caplog):
+        """Invalid stored context_from refs log job/source provenance."""
+        from cron.jobs import create_job
+        from cron.scheduler import _build_job_prompt
+
+        job = create_job(
+            prompt="Process",
+            schedule="every 2h",
+            name="suspicious-chain",
+            origin={
+                "platform": "api_server",
+                "chat_id": "api",
+                "source_ip": "203.0.113.10",
+                "forwarded_for": "198.51.100.7",
+            },
+        )
+        job["context_from"] = ["../../../etc/passwd"]
+
+        caplog.set_level(logging.WARNING, logger="cron.scheduler")
+        prompt = _build_job_prompt(job)
+
+        assert "Process" in prompt
+        message = caplog.text
+        assert "context_from: skipping invalid job_id" in message
+        assert job["id"] in message
+        assert "suspicious-chain" in message
+        assert "203.0.113.10" in message
+        assert "198.51.100.7" in message
+
 
 
 class TestUpdateContextFrom:

tests/gateway/test_api_server_jobs.py

@@ -11,6 +11,7 @@ Covers:
 """
 
 import json
+import logging
 from unittest.mock import MagicMock, patch
 
 import pytest
@@ -151,6 +152,9 @@ class TestCreateJob:
                     "name": "test-job",
                     "schedule": "*/5 * * * *",
                     "prompt": "do something",
+                }, headers={
+                    "X-Forwarded-For": "203.0.113.11",
+                    "User-Agent": "cron-client",
                 })
                 assert resp.status == 200
                 data = await resp.json()
@@ -160,6 +164,10 @@ class TestCreateJob:
                 assert call_kwargs["name"] == "test-job"
                 assert call_kwargs["schedule"] == "*/5 * * * *"
                 assert call_kwargs["prompt"] == "do something"
+                assert call_kwargs["origin"]["platform"] == "api_server"
+                assert call_kwargs["origin"]["chat_id"] == "api"
+                assert call_kwargs["origin"]["forwarded_for"] == "203.0.113.11"
+                assert call_kwargs["origin"]["user_agent"] == "cron-client"
 
     @pytest.mark.asyncio
     async def test_create_job_missing_name(self, adapter):
@@ -280,6 +288,29 @@ class TestGetJob:
                 data = await resp.json()
                 assert "Invalid" in data["error"]
 
+    @pytest.mark.asyncio
+    async def test_invalid_job_id_logs_source_context(self, adapter, caplog):
+        """Invalid job-id probes log source metadata for later investigation."""
+        app = _create_app(adapter)
+        caplog.set_level(logging.WARNING, logger="gateway.platforms.api_server")
+        async with TestClient(TestServer(app)) as cli:
+            with patch(f"{_MOD}._CRON_AVAILABLE", True):
+                resp = await cli.get(
+                    "/api/jobs/..%2F..%2F..%2Fetc%2Fpasswd",
+                    headers={
+                        "X-Forwarded-For": "203.0.113.9",
+                        "User-Agent": "probe scanner",
+                    },
+                )
+                assert resp.status == 400
+
+        message = caplog.text
+        assert "Cron jobs API rejected invalid job_id" in message
+        assert "203.0.113.9" in message
+        assert "GET" in message
+        assert "/api/jobs/" in message
+        assert "probe scanner" in message
+
 
 # ---------------------------------------------------------------------------
 # 11-12. test_update_job