Check out the flow chart in this kb article for the details. You do have this correct that destination NAT drives the security policy while source NAT does not.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB16110
The session table entry is not about the policy evaluation but letting you know what is happening to the packet on the SRX. This gives us both the pre and post nat addresses in the flow so we can understand the packet flow. There is no session created until the full flow chart is evaluated on the first packet and setups the session.