diff --git a/openviking/core/directories.py b/openviking/core/directories.py
index b610b218e..9555071a5 100644
--- a/openviking/core/directories.py
+++ b/openviking/core/directories.py
@@ -14,6 +14,7 @@
 from openviking.core.namespace import (
     canonical_user_root,
     context_type_for_uri,
+    is_session_uri,
     user_space_fragment,
 )
 from openviking.server.identity import RequestContext
@@ -258,7 +259,7 @@ async def _ensure_directory(
 
         # 2. Seed directory L0/L1 vectors only during fresh initialization.
         owner_space = self._owner_space_for_scope(scope=scope, ctx=ctx)
-        if agfs_created:
+        if agfs_created and not is_session_uri(uri):
             await self._ensure_directory_l0_l1_vectors(
                 uri=uri,
                 parent_uri=parent_uri,
diff --git a/openviking/core/namespace.py b/openviking/core/namespace.py
index d766ec3dd..5f5274673 100644
--- a/openviking/core/namespace.py
+++ b/openviking/core/namespace.py
@@ -391,12 +391,6 @@ def _resolve_user_uri(
 ) -> ResolvedNamespace:
     normalized = "viking://" + "/".join(parts)
     if len(parts) == 1:
-        if ctx is not None:
-            return ResolvedNamespace(
-                uri=canonical_user_root(ctx),
-                scope="user",
-                owner_user_id=ctx.user.user_id,
-            )
         return ResolvedNamespace(uri="viking://user", scope="user", is_container=True)
 
     if _is_current_user_relative_uri(parts, ctx):
diff --git a/openviking/storage/viking_fs.py b/openviking/storage/viking_fs.py
index 3bc90b3b1..12195e07b 100644
--- a/openviking/storage/viking_fs.py
+++ b/openviking/storage/viking_fs.py
@@ -347,6 +347,12 @@ def _ensure_mutable_access(self, uri: str, ctx: Optional[RequestContext]) -> Non
 
     def _ensure_supported_write_namespace(self, normalized_uri: str) -> None:
         parts = [p for p in normalized_uri[len("viking://") :].strip("/").split("/") if p]
+        if parts == ["user"]:
+            raise PermissionDeniedError(
+                "Writing viking://user is not supported; use an explicit user namespace "
+                "or current-user content path instead.",
+                resource=normalized_uri,
+            )
         if parts and parts[0] in {"agent", "session"}:
             raise PermissionDeniedError(
                 f"Writing {normalized_uri} is not supported; use user-owned namespaces instead.",
diff --git a/tests/unit/test_namespace_uri_classification.py b/tests/unit/test_namespace_uri_classification.py
index eb758efca..8be312441 100644
--- a/tests/unit/test_namespace_uri_classification.py
+++ b/tests/unit/test_namespace_uri_classification.py
@@ -147,11 +147,3 @@ def test_current_user_short_content_roots_are_canonicalized_from_content_segment
     assert is_content_root_uri("viking://resources", ctx, kind="resource")
     assert not is_content_namespace_root_uri("viking://user/resources/docs", ctx)
 
-
-def test_user_root_short_form_uses_current_identity():
-    ctx = RequestContext(
-        user=UserIdentifier(account_id="acct", user_id="alice"),
-        role=Role.ROOT,
-    )
-
-    assert canonicalize_uri("viking://user", ctx) == "viking://user/alice"