fix(pi): harden resume target handling

[timseriakov]

Summary

Follow-up to #221. The Pi / Oh My Pi support PR was merged while a later independent review comment was still being handled, so this PR carries the review hardening fixes as a focused patch instead of rewriting the merged history.

Why

The merged feature works, but the review found several places where the new Pi resume-target flow was broader than necessary or could be made safer:

• non-Pi Resume buttons were routed through the Pi-specific helper by mistake
• /api/launch accepted a client-provided resumeTarget and then forwarded it to terminal launch more broadly than needed
• Pi JSONL header.id was trusted before validating it as a safe session id
• symlinked JSONL entries inside Pi/OhMyPi session directories could be scanned, even though the configured/root agent directory itself may legitimately be a symlink
• the Settings detection label and Copy Resume command did not consistently use the Pi vs Oh My Pi session variant

What changed

• Scope launchPiSession to tool === 'pi'; all other agents use the regular launchSession path again.
• Replace boolean resume-target validation with getValidatedPiResumeTarget(...), which returns only the server-discovered, resolved JSONL path after validation.
• Pass project into findSessionFile(sessionId, project) during Pi resume-target validation to avoid cold-cache misses.
• Forward a resume target to openInTerminal only when it is the validated Pi target; non-Pi tools get an empty target.
• Reject symlinked JSONL session entries at Pi resume validation time and skip symlinked JSONL entries during scanning/cache fingerprinting; configured/root agent directories such as ~/.omp/agent -> ... still work because only entries inside sessions/ are skipped.
• Validate Pi JSONL header.id with the safe session id regex before indexing.
• Fix Settings detection label to Pi/OhMyPi.
• Rename Pi/OhMyPi mtime cache variables so the name matches what is tracked.
• Make Copy Resume choose omp --resume vs pi --session from session.agent_variant instead of installed-binary detection.
• Use a static agent not installed launch error message.

Test plan

• node --check src/server.js && node --check src/frontend/detail.js && node --check src/data.js && node --check src/frontend/app.js
• node --test test/pi-session.test.js test/frontend-escaping.test.js test/agents-detect.test.js test/terminals-windows-launch.test.js → 31 pass, 0 fail
• node --test → 146 pass, 0 fail, 2 skipped

[vakovalskii]

LGTM ✅ Right cleanup — these fall out cleanly because Pi was the only resumeTarget consumer at the time of #221.

Verified locally:

• Full suite 148/0/2 pass (3 new tests in pi-session.test.js, 2 in frontend-escaping, 1 in agents-detect)
• CI 5/6 green + 1 cancelled (re-running)

Squash-merging — will ride in 7.5.1.