diff --git a/nomad/jobs/chat.hcl b/nomad/jobs/chat.hcl
index ee3b807..edd36f2 100644
--- a/nomad/jobs/chat.hcl
+++ b/nomad/jobs/chat.hcl
@@ -89,26 +89,19 @@ job "chat" {
       config {
         image      = "disinto/chat:local"
         force_pull = false
+        # Sandbox hardening (#706):
+        #   - cap_drop ALL (no Linux capabilities)
+        #   - tmpfs /tmp for runtime files (64MB)
+        #   - pids_limit 128 (prevent fork bombs)
         # ReadonlyRootfs enforced via entrypoint script (fails if running as root)
-        # Security options for sandbox hardening
-        # apparmor=unconfined needed for Claude CLI ptrace access
-        # no-new-privileges prevents privilege escalation
+        # Security options:
+        #   - apparmor=unconfined for Claude CLI ptrace access
+        #   - no-new-privileges prevents privilege escalation
+        cap_drop    = ["ALL"]
+        pids_limit  = 128
         security_opt = ["apparmor=unconfined", "no-new-privileges"]
-      }
-
-      # ── Sandbox hardening (#706) ────────────────────────────────────────────
-      # cap_drop ALL (no Linux capabilities)
-      # tmpfs /tmp for runtime files (64MB)
-      # pids_limit 128 (prevent fork bombs)
-      cap_drop        = ["ALL"]
-      pids_limit      = 128
-      mount {
-        type     = "tmpfs"
-        target   = "/tmp"
-        readonly = false
-        tmpfs_options {
-          size = 67108864  # 64MB in bytes
-        }
+        # tmpfs mounts via volumes config (Nomad Docker driver)
+        volumes = ["tmpfs:/tmp:size=64m"]
       }
 
       # ── Volume mounts ──────────────────────────────────────────────────────