diff --git a/cmd/gnoma/main.go b/cmd/gnoma/main.go
index cdd9b07..5d59628 100644
--- a/cmd/gnoma/main.go
+++ b/cmd/gnoma/main.go
@@ -2,13 +2,14 @@ package main
 import (
 "context"
+ "crypto/rand"
+ "encoding/binary"
 "encoding/json"
 "errors"
 "flag"
 "fmt"
 "io"
 "log/slog"
- mrand "math/rand"
 "os"
 "os/signal"
 "path/filepath"
@@ -656,10 +657,14 @@ func main() {
 }
 permChecker := permission.NewChecker(permission.Mode(*permMode), permRules, pipePromptFn)
- // Generate session-scoped ID for /tmp artifact directory
+ // Generate session-scoped ID for /tmp artifact directory.
+ // Use crypto/rand so the suffix isn't predictable even if a future
+ // caller seeds math/rand deterministically (e.g., in tests).
+ var randBuf [8]byte
+ _, _ = rand.Read(randBuf[:])
 sessionID := fmt.Sprintf("%s-%06x",
 time.Now().Format("20060102-150405"),
- mrand.Int63()&0xffffff,
+ binary.BigEndian.Uint64(randBuf[:])&0xffffff,
 )
 // Pass the firewall's incognito mode so Save no-ops while incognito
 // is active. Mode is consulted on every Save (dynamic), so TUI
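Review bot: The added `_, _ = rand.Read(randBuf[:])` in the second hunk discards the error, so on toolchains where crypto/rand.Read can fail, randBuf stays zeroed and the suffix silently becomes `000000`, which is the predictable value the new comment says it is avoiding. Check it instead, e.g. `if _, err := rand.Read(randBuf[:]); err != nil { fmt.Fprintln(os.Stderr, "session id:", err); os.Exit(1) }`. The `&0xffffff` mask also keeps only 24 of the 64 bits read and the timestamp prefix is guessable, so the name remains enumerable. The directory creation is outside this hunk, but if it is a plain mkdir on this path, an exclusive owner-only create (`os.MkdirTemp`, or `os.Mkdir` with mode 0700 that fails on an existing entry) is what would actually protect the /tmp artifacts from pre-creation or symlink planting by another local user. main's body starts and ends outside the hunk.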