diff --git a/.gitignore b/.gitignore index fc2d715..b828cf5 100644 --- a/.gitignore +++ b/.gitignore @@ -25,6 +25,4 @@ gardener/dust.jsonl # Individual encrypted secrets (managed by disinto secrets add) secrets/ - -# Pre-built binaries for Docker builds (avoid network calls during build) -docker/agents/bin/ +.woodpecker/smoke-init.yml diff --git a/bin/disinto b/bin/disinto index 3c7507d..530cf1f 100755 --- a/bin/disinto +++ b/bin/disinto @@ -226,9 +226,7 @@ services: - woodpecker agents: - build: - context: . - dockerfile: docker/agents/Dockerfile + build: ./docker/agents restart: unless-stopped security_opt: - apparmor=unconfined @@ -258,9 +256,7 @@ services: - disinto-net runner: - build: - context: . - dockerfile: docker/agents/Dockerfile + build: ./docker/agents profiles: ["vault"] security_opt: - apparmor=unconfined 
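Review bot: Dropping `docker/agents/bin/` from .gitignore leaves any binaries from the old pre-build step as untracked files under docker/agents, which this same commit also makes the Docker build context in bin/disinto, so a stale `bin/` would be sent into every image build and could be committed by mistake. Consider a `docker/agents/.dockerignore` containing `bin/`, or a note in the commit message to delete the directory in existing checkouts.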
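Review bot: Switching the `agents` service to `build: ./docker/agents` shrinks the build context to that directory, but the Dockerfile's `COPY . /home/agent/disinto` (left unchanged in the docker/agents/Dockerfile @@ -23 hunk, under the comment "Copy disinto code into the image") still assumes the repository root, so the image would now get only the docker/agents contents at /home/agent/disinto. The `runner` service in the following hunk has the same change and the same consequence. That hunk rewrites `COPY docker/agents/entrypoint.sh` to `COPY entrypoint.sh` for exactly this context change, which suggests the root-level COPY was overlooked rather than intended. Unless the code is bind-mounted at runtime, which is not visible here, keep the removed three-line form (`build:` / `context: .` / `dockerfile: docker/agents/Dockerfile`) and only make entrypoint.sh's COPY path relative to the root, or change the COPY source to match the new context.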
@@ -2371,55 +2367,6 @@ disinto_run() { return "$rc" } -# ── Pre-build: download binaries to docker/agents/bin/ ──────────────────────── -# This avoids network calls during docker build (needed for Docker-in-LXD builds) -# Returns 0 on success, 1 on failure -download_agent_binaries() { - local bin_dir="${FACTORY_ROOT}/docker/agents/bin" - mkdir -p "$bin_dir" - - echo "Downloading agent binaries to ${bin_dir}..." - - # Download SOPS - local sops_file="${bin_dir}/sops" - if [ ! -f "$sops_file" ]; then - echo " Downloading SOPS v3.9.4..." - curl -sL https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.linux.amd64 -o "$sops_file" - if [ ! -f "$sops_file" ]; then - echo "Error: failed to download SOPS" >&2 - return 1 - fi - fi - # Verify checksum - echo " Verifying SOPS checksum..." - if ! echo "5488e32bc471de7982ad895dd054bbab3ab91c417a118426134551e9626e4e85 ${sops_file}" | sha256sum -c - >/dev/null 2>&1; then - echo "Error: SOPS checksum verification failed" >&2 - return 1 - fi - chmod +x "$sops_file" - - # Download tea CLI - local tea_file="${bin_dir}/tea" - if [ ! -f "$tea_file" ]; then - echo " Downloading tea CLI v0.9.2..." - curl -sL https://dl.gitea.com/tea/0.9.2/tea-0.9.2-linux-amd64 -o "$tea_file" - if [ ! -f "$tea_file" ]; then - echo "Error: failed to download tea CLI" >&2 - return 1 - fi - fi - # Verify checksum - echo " Verifying tea CLI checksum..." - if ! echo "be10cdf9a619e3c0f121df874960ed19b53e62d1c7036cf60313a28b5227d54d ${tea_file}" | sha256sum -c - >/dev/null 2>&1; then - echo "Error: tea CLI checksum verification failed" >&2 - return 1 - fi - chmod +x "$tea_file" - - echo "Binaries downloaded and verified successfully" - return 0 -} - # ── up command ──────────────────────────────────────────────────────────────── disinto_up() { 
@@ -2430,14 +2377,6 @@ disinto_up() { exit 1 fi - # Pre-build: download binaries to docker/agents/bin/ to avoid network calls during docker build - echo "── Pre-build: downloading agent binaries ────────────────────────" - if ! download_agent_binaries; then - echo "Error: failed to download agent binaries" >&2 - exit 1 - fi - echo "" - # Decrypt secrets to temp .env if SOPS available and .env.enc exists local tmp_env="" local enc_file="${FACTORY_ROOT}/.env.enc" diff --git a/docker/agents/Dockerfile b/docker/agents/Dockerfile index f58af00..0b6fad5 100644 --- a/docker/agents/Dockerfile +++ b/docker/agents/Dockerfile 
@@ -3,16 +3,20 @@ FROM debian:bookworm-slim RUN apt-get update && apt-get install -y --no-install-recommends \ bash curl git jq tmux cron python3 python3-pip openssh-client ca-certificates age shellcheck \ && pip3 install --break-system-packages networkx \ + && curl -sL https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.linux.amd64 \ + -o /usr/local/bin/sops \ + && curl -sL https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.checksums.txt \ + -o /tmp/sops-checksums.txt \ + && sha256sum -c --ignore-missing /tmp/sops-checksums.txt \ + && rm -f /tmp/sops-checksums.txt \ + && chmod +x /usr/local/bin/sops \ && rm -rf /var/lib/apt/lists/* -# Pre-built binaries (copied from docker/agents/bin/) -# SOPS — encrypted data decryption tool -COPY docker/agents/bin/sops /usr/local/bin/sops -RUN chmod +x /usr/local/bin/sops - # tea CLI — official Gitea/Forgejo CLI for issue/label/comment operations -COPY docker/agents/bin/tea /usr/local/bin/tea -RUN chmod +x /usr/local/bin/tea +# Checksum from https://dl.gitea.com/tea/0.9.2/tea-0.9.2-linux-amd64.sha256 +RUN curl -sL https://dl.gitea.com/tea/0.9.2/tea-0.9.2-linux-amd64 -o /usr/local/bin/tea \ + && echo "be10cdf9a619e3c0f121df874960ed19b53e62d1c7036cf60313a28b5227d54d /usr/local/bin/tea" | sha256sum -c - \ + && chmod +x /usr/local/bin/tea # Claude CLI is mounted from the host via docker-compose volume. # No internet access to cli.anthropic.com required at build time. @@ -23,7 +27,7 @@ RUN useradd -m -u 1000 -s /bin/bash agent # Copy disinto code into the image COPY . /home/agent/disinto -COPY docker/agents/entrypoint.sh /entrypoint.sh +COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh # Entrypoint runs as root to start the cron daemon;
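Review bot: The SOPS checksum step never compares the downloaded binary: `sops-v3.9.4.checksums.txt` lists the release asset names (such as `sops-v3.9.4.linux.amd64`), while the file was written to `/usr/local/bin/sops`, so `sha256sum -c --ignore-missing` finds none of the listed files in the working directory; as far as I recall, recent coreutils then fails the build with "no file was verified", and older ones simply skip every line and install the binary unverified. Fetching the checksum list from the same release URL also adds no pinning, because whoever can replace the asset can replace the list; the tea step below already has the right form, with the digest pinned in the Dockerfile. The same form for SOPS, using the digest that the removed `download_agent_binaries` function in bin/disinto carried, is `&& curl -fsSL https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.linux.amd64 -o /usr/local/bin/sops \` / `&& echo "5488e32bc471de7982ad895dd054bbab3ab91c417a118426134551e9626e4e85  /usr/local/bin/sops" | sha256sum -c - \` / `&& chmod +x /usr/local/bin/sops \`, which also drops the checksum-file download and its `rm -f`. Adding `-f` to both curl calls (the tea one too) keeps an HTTP error page from being saved as the binary and surfacing later as a confusing checksum mismatch.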