Isn't that risk inherent of "joining" your transaction with someone else's? I don't really see how this is a problem: if a part of the "joined" transaction becomes invalid, I assume the coinjoin can just recreate a new transaction without that input and broadcast it again, right?