Harden auth token handling, migration, and volume ownership

Security and robustness fixes from PR review:

- setup-auth.sh: Replace unquoted heredoc with printf '%s' to prevent
  shell injection via CLAUDE_AUTH_TOKEN metacharacters (H1)
- setup-auth.sh: Add sk-ant-* format validation on token (L1)
- setup-auth.sh: Check/fix 600 permissions on existing .credentials.json (L2)
- setup-auth.sh: Use ${CLAUDE_CONFIG_DIR:-$HOME/.claude} pattern
  consistently with other scripts (M3)
- setup-auth.sh: Document /proc token visibility limitation (M2)
- setup-migrate-claude.sh: Add idempotency check — skip silently when
  destination already has content (H2)
- setup-migrate-claude.sh: Broaden trigger — migrate all content, not
  just when .credentials.json exists (L3)
- setup-migrate-claude.sh: Add symlink protection on old directory (M1)
- setup-migrate-claude.sh: Use --no-dereference with cp (M1)
- setup-migrate-claude.sh: Use ${CLAUDE_CONFIG_DIR} pattern (L4)
- setup.sh: Log warning on sudo chown failure instead of silent
  suppression (M4)

Author: AnExiledDev

.devcontainer/scripts/setup-auth.sh

@@ -67,25 +67,29 @@ fi
 
 # --- Claude auth token (from 'claude setup-token') ---
 # Long-lived tokens only — generated via: claude setup-token
-CLAUDE_CRED_FILE="$HOME/.claude/.credentials.json"
+# Note: After unset, the token remains visible in /proc/<pid>/environ for the
+# lifetime of this process. This is a platform limitation of environment variables.
+CLAUDE_CRED_DIR="${CLAUDE_CONFIG_DIR:-$HOME/.claude}"
+CLAUDE_CRED_FILE="$CLAUDE_CRED_DIR/.credentials.json"
 if [ -n "$CLAUDE_AUTH_TOKEN" ]; then
-    if [ -f "$CLAUDE_CRED_FILE" ]; then
+    # Validate token format (claude setup-token produces sk-ant-* tokens)
+    if [[ ! "$CLAUDE_AUTH_TOKEN" =~ ^sk-ant- ]]; then
+        echo "[setup-auth] WARNING: CLAUDE_AUTH_TOKEN doesn't match expected format (sk-ant-*), skipping"
+    elif [ -f "$CLAUDE_CRED_FILE" ]; then
         echo "[setup-auth] .credentials.json already exists, skipping token injection"
+        # Verify permissions haven't been tampered with
+        perms=$(stat -c %a "$CLAUDE_CRED_FILE" 2>/dev/null)
+        if [ -n "$perms" ] && [ "$perms" != "600" ]; then
+            echo "[setup-auth] WARNING: .credentials.json has permissions $perms (expected 600), fixing"
+            chmod 600 "$CLAUDE_CRED_FILE"
+        fi
     else
         echo "[setup-auth] Creating .credentials.json from CLAUDE_AUTH_TOKEN..."
-        mkdir -p "$HOME/.claude"
-        # Write credentials with restrictive permissions from the start (no race window)
-        ( umask 077; cat > "$CLAUDE_CRED_FILE" <<CRED_EOF
-{
-  "claudeAiOauth": {
-    "accessToken": "$CLAUDE_AUTH_TOKEN",
-    "refreshToken": "$CLAUDE_AUTH_TOKEN",
-    "expiresAt": 9999999999999,
-    "scopes": ["user:inference", "user:profile"]
-  }
-}
-CRED_EOF
-        )
+        mkdir -p "$CLAUDE_CRED_DIR"
+        # Write credentials with restrictive permissions from the start (no race window).
+        # Uses printf '%s' to avoid shell expansion of token value (defense against
+        # metacharacters in the token string — backticks, $(), quotes).
+        ( umask 077; printf '{\n  "claudeAiOauth": {\n    "accessToken": "%s",\n    "refreshToken": "%s",\n    "expiresAt": 9999999999999,\n    "scopes": ["user:inference", "user:profile"]\n  }\n}\n' "$CLAUDE_AUTH_TOKEN" "$CLAUDE_AUTH_TOKEN" > "$CLAUDE_CRED_FILE" )
         echo "[setup-auth] Claude auth token configured"
         AUTH_CONFIGURED=true
     fi

.devcontainer/scripts/setup-migrate-claude.sh

@@ -1,20 +1,40 @@
 #!/bin/bash
 # One-time migration: /workspaces/.claude → $HOME/.claude
-# Only migrates if old location has .credentials.json (real auth data).
+# Migrates config, credentials, and rules from the old bind-mount location
+# to the new home directory (Docker named volume).
+#
+# Safety: uses cp -rn --no-dereference to avoid following symlinks and
+# prevent overwriting files already in the destination.
 
 OLD_DIR="/workspaces/.claude"
-NEW_DIR="$HOME/.claude"
+NEW_DIR="${CLAUDE_CONFIG_DIR:-$HOME/.claude}"
 
+# Nothing to migrate if old directory doesn't exist
 if [ ! -d "$OLD_DIR" ]; then
     exit 0
 fi
 
-if [ ! -f "$OLD_DIR/.credentials.json" ]; then
-    echo "[setup-migrate] /workspaces/.claude exists but has no .credentials.json, skipping migration"
+# Skip if old directory is empty (nothing worth migrating)
+if [ -z "$(ls -A "$OLD_DIR" 2>/dev/null)" ]; then
     exit 0
 fi
 
-echo "[setup-migrate] Migrating /workspaces/.claude → $HOME/.claude ..."
+# Idempotency: skip if destination already has content (migration already done)
+if [ -d "$NEW_DIR" ] && [ -n "$(ls -A "$NEW_DIR" 2>/dev/null)" ]; then
+    exit 0
+fi
+
+# Symlink protection: verify OLD_DIR itself is a real directory, not a symlink
+if [ -L "$OLD_DIR" ]; then
+    echo "[setup-migrate] WARNING: /workspaces/.claude is a symlink, skipping migration for safety"
+    exit 0
+fi
+
+echo "[setup-migrate] Migrating /workspaces/.claude → $NEW_DIR ..."
 mkdir -p "$NEW_DIR"
-cp -rn "$OLD_DIR/." "$NEW_DIR/" 2>/dev/null || true
+
+# --no-dereference: copy symlinks as symlinks (don't follow them)
+# -n: no-clobber (don't overwrite existing files)
+# -r: recursive
+cp -rn --no-dereference "$OLD_DIR/." "$NEW_DIR/" 2>/dev/null || true
 echo "[setup-migrate] Migration complete. You can safely remove /workspaces/.claude/"

.devcontainer/scripts/setup.sh

@@ -28,7 +28,9 @@ export CLAUDE_CONFIG_DIR CONFIG_SOURCE_DIR SETUP_CONFIG SETUP_ALIASES SETUP_AUTH
 
 # Fix named volume ownership — Docker creates named volumes as root:root
 # regardless of remoteUser. This is the only setup script requiring sudo.
-sudo chown "$(id -un):$(id -gn)" "$HOME/.claude" 2>/dev/null || true
+if ! sudo chown "$(id -un):$(id -gn)" "$HOME/.claude" 2>/dev/null; then
+    echo "[setup] WARNING: Could not fix volume ownership on $HOME/.claude — subsequent scripts may fail"
+fi
 
 SETUP_START=$(date +%s)
 SETUP_RESULTS=()