diff --git a/packages/handoff/src/index.ts b/packages/handoff/src/index.ts
index 98af756843864e3e9c33b1da45b090a864fce7d9..7c770475aba1a35dbc880464acc2115619c74fde 100644
--- a/packages/handoff/src/index.ts
+++ b/packages/handoff/src/index.ts
@@ -138,7 +138,7 @@ function normalizeSessionPath(sessionPath: string, sessionsRoot: string | undefi
 }
 
 function sessionPathAllowed(candidate: string, sessionsRoot: string | undefined): boolean {
-	if (!sessionsRoot) return true;
+	if (!sessionsRoot) return false; // fail closed when root unknown
 	const root = path.resolve(sessionsRoot);
 	const resolved = path.resolve(candidate);
 	return resolved === root || resolved.startsWith(`${root}${path.sep}`);
@@ -539,7 +539,7 @@ export default function (pi: ExtensionAPI) {
 				details: { cancelled: true } as const,
 			});
 
-			if (!signal || signal.aborted) {
+			if (signal?.aborted) {
 				return cancelled();
 			}