diff --git a/lib/env.sh b/lib/env.sh
index fb479ec..97483bc 100755
--- a/lib/env.sh
+++ b/lib/env.sh
@@ -30,8 +30,14 @@ if [ -f "$FACTORY_ROOT/.env.enc" ] && command -v sops &>/dev/null; then
 _saved_forge_url="${FORGE_URL:-}"
 _saved_forge_token="${FORGE_TOKEN:-}"
 # Use temp file + validate dotenv format before sourcing (avoids eval injection)
- # SOPS -d automatically verifies MAC/GCM authentication tag during decryption
 _tmpenv=$(mktemp) || { echo "Error: failed to create temp file for .env.enc" >&2; exit 1; }
+ # Verify SOPS metadata GCM ciphertext tag before decryption (integrity check)
+ if ! sops verify "$FACTORY_ROOT/.env.enc" &>/dev/null; then
+ echo "Error: SOPS verification failed — .env.enc integrity check failed, possible tampering" >&2
+ rm -f "$_tmpenv"
+ exit 1
+ fi
+ # Decrypt to temp file
 if ! sops -d --output-type dotenv "$FACTORY_ROOT/.env.enc" > "$_tmpenv" 2>/dev/null; then
 echo "Error: failed to decrypt .env.enc — decryption failed, possible corruption" >&2
 rm -f "$_tmpenv"
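Review bot: The new `sops verify` check discards sops' stderr with `&>/dev/null` and then reports "possible tampering", so a missing decryption key, a stale MAC after a manual edit, or an unsupported subcommand all surface as an integrity failure with nothing to tell them apart; the same applies to the `2>/dev/null` on the `sops -d` line below it. Capture the diagnostic instead, e.g. `if ! _verify_err=$(sops verify "$FACTORY_ROOT/.env.enc" 2>&1 >/dev/null); then` and `printf '%s\n' "$_verify_err" >&2` before the `exit 1`. The comment this commit removes was correct that `sops -d` already authenticates the file (per-value AES-GCM tags plus the file MAC), so the separate step is belt-and-braces rather than a new guarantee, and I cannot confirm from here that the pinned sops version exposes a `verify` subcommand — if it does not, this branch fails closed on every run, which is safe but worth checking against the installed version. Running the verify before `mktemp`, or registering `trap 'rm -f "$_tmpenv"' EXIT` right after it, would also remove the need for the hand-written `rm -f` on each failure path. The enclosing `if` block and the `sops -d` failure branch continue past the hunk.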