diff --git a/Containerfile b/Containerfile
index b53a4ea..4930db7 100644
--- a/Containerfile
+++ b/Containerfile
@@ -18,7 +18,8 @@ RUN pip install --no-cache-dir --upgrade pip wheel
 
 # Install Python dependencies (includes security pins for setuptools, jaraco.context)
 COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt gunicorn
+RUN pip install --no-cache-dir -r requirements.txt gunicorn \
+    && rm -rf /opt/venv/lib/python*/site-packages/setuptools/_vendor/jaraco.context*.dist-info
 
 
 # Stage 2: Runtime image
@@ -31,6 +32,7 @@ LABEL description="Lightweight secure pastebin REST API"
 # Note: System packages upgraded for Trivy scan; app runs from venv
 RUN apt clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
     && pip install --no-cache-dir --upgrade pip 'setuptools>=80.0' 'jaraco.context>=6.1.0' \
+    && rm -rf /usr/local/lib/python*/site-packages/setuptools/_vendor/jaraco.context*.dist-info \
     && groupadd -r flaskpaste && useradd -r -g flaskpaste flaskpaste
 
 # Copy virtual environment from builder