#15793: fix(sessions): gracefully handle stale cross-agent session file paths

## Summary - When a user is re-routed from one agent to another via bindings config, the persisted `sessionFile` may point to the previous agent's sessions directory, causing `resolvePathWithinSessionsDir` to throw "Session file path must be within sessions directory" - Updated `resolveSessionFilePath` to validate the stored path is within the current agent's sessions directory; if not, gracefully falls back to generating a fresh path - Added test case to verify stale cross-agent session file paths are handled correctly ## Test plan - [x] Existing tests pass: `npx vitest run src/config/sessions.test.ts` (28 tests passing) - [x] New test verifies stale cross-agent path fallback behavior - [ ] Manual test: configure a binding to route a user to a different agent, send a message, confirm no "Session file path must be within sessions directory" error 🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR updates `resolveSessionFilePath` to detect when a persisted `sessionFile` points outside the current agent’s sessions directory (e.g. after binding-based reroutes) and, in that case, falls back to generating a fresh transcript path under the current agent. It also adds a unit test intended to cover the stale cross-agent path scenario. The change is localized to session path resolution (`src/config/sessions/paths.ts`) which is used by command execution, usage reporting, and auto-reply session handling throughout the codebase to find the transcript `.jsonl` file for a session. <h3>Confidence Score: 3/5</h3> - This PR is close, but the new path containment check is not reliable for absolute paths and could still accept incorrect locations. - Core behavior change is small and well-targeted, but the containment logic uses `path.resolve(sessionsDir, candidate)` which ignores `sessionsDir` when `candidate` is absolute; combined with a prefix-based `relative.startsWith("..")` check, it can incorrectly treat some out-of-dir paths as valid. The new test also uses substring assertions that don’t robustly validate directory containment across platforms. - src/config/sessions/paths.ts; src/config/sessions.test.ts _{Last reviewed commit: 57ec7a4} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->