I don't think reusing XPUBs inside different multisig wallets is a good idea... For starters, loss of privacy in one wallet will immediately affect privacy of other wallets. I think multisig wallets should be completely firewalled from each other. That means one unique XPUB per wallet. This is what we have been doing with the Nunchuk wallet.
To be clear, I have stated repeatedly that xpub reuse into multisig is a poor practice. However, finding a trustless solution when a wallet is airgapped with no network, or is stateless like Trezor, is quite hard.
The challenge also includes how does an airgapped or stateless wallet know that it is talking to the same process on the other side that that it gave the xpub to in the first place. Without state to allow for a commitment, or at least a TOFU, a cosigner who thought he was part of a 3 of 5 could discover that he instead is in a 2 of 3, or in a script with an OR, as some form of scam.