fix: guard workspace rename to owner only, validate SELF_DIR JSON safety

Address greptile P1/P2 review findings:

1. **Non-owner sessions unconditionally reset workspace name (greptile P1)**
   cmux-session-namer.sh called `cmux rename-workspace` on every SessionStart
   regardless of ownership. If Session A (owner) already had a good AI-generated
   workspace name, Session B starting in the same workspace would flash the name
   back to its project basename.

   Fix: guard the `rename-workspace` call with `[ "$WS_OWNER" = "$CMUX_SURFACE_ID" ]`
   so only the owning session sets the initial workspace name.

2. **$SELF_DIR injected into JSON without escaping (greptile P2)**
   The claude wrapper interpolates $SELF_DIR directly into a JSON string literal.
   A path containing '"' or '\' would produce malformed JSON and silently disable
   all hooks.

   Fix: validate $SELF_DIR before building HOOKS_JSON. If the path contains
   JSON-unsafe characters, emit a clear warning to stderr and fall through to
   exec the real claude without hooks (safe degradation vs. silent failure).

Author: Horacehxw

Resources/bin/claude

@@ -83,6 +83,15 @@ export CMUX_CLAUDE_PID=$$
 # Resolve the directory containing this wrapper (for sibling scripts).
 SELF_DIR="$(cd "$(dirname "$0")" && pwd)"
 
+# Guard: $SELF_DIR is interpolated directly into a JSON string literal.
+# A path containing '"' or '\' would produce malformed JSON and silently
+# disable all hooks. This is extremely unlikely in practice but worth catching.
+if [[ "$SELF_DIR" =~ [\"\\] ]]; then
+    echo "cmux: warning: wrapper directory path contains JSON-unsafe characters: $SELF_DIR" >&2
+    echo "cmux: hooks disabled — move cmux to a path without '\"' or '\\'" >&2
+    exec "$REAL_CLAUDE" "$@"
+fi
+
 # Build hooks settings JSON.
 # Claude Code merges --settings additively with the user's own settings.json.
 # - SessionStart/Stop/Notification: existing lifecycle hooks

Resources/bin/cmux-session-namer.sh

@@ -56,9 +56,13 @@ fi
 rm -f "$CUSTOM_MARKER" 2>/dev/null
 rm -f "/tmp/cmux-tab-cache-${CMUX_SURFACE_ID}" 2>/dev/null
 
-# Set project basename as initial workspace name (overridden by AI summary after first response)
-CWD=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('cwd',''))" 2>/dev/null || true)
-if [ -n "$CWD" ]; then
-  BASENAME=$(basename "$CWD")
-  cmux rename-workspace --workspace "$CMUX_WORKSPACE_ID" "$BASENAME" 2>/dev/null || true
+# Set project basename as initial workspace name — only if this tab owns the workspace.
+# Non-owner sessions must not overwrite an already-established workspace name.
+WS_OWNER=$(cat "$WS_OWNER_FILE" 2>/dev/null || true)
+if [ "$WS_OWNER" = "$CMUX_SURFACE_ID" ]; then
+  CWD=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('cwd',''))" 2>/dev/null || true)
+  if [ -n "$CWD" ]; then
+    BASENAME=$(basename "$CWD")
+    cmux rename-workspace --workspace "$CMUX_WORKSPACE_ID" "$BASENAME" 2>/dev/null || true
+  fi
 fi