diff --git a/crates/openshell-driver-kubernetes/src/driver.rs b/crates/openshell-driver-kubernetes/src/driver.rs
index 668a18d8c..51a838277 100644
--- a/crates/openshell-driver-kubernetes/src/driver.rs
+++ b/crates/openshell-driver-kubernetes/src/driver.rs
@@ -1064,6 +1064,13 @@ fn sandbox_template_to_k8s(
         }
     }
 
+    // Disable service account token auto-mounting for security hardening.
+    // Sandbox pods should not have access to the Kubernetes API by default.
+    spec.insert(
+        "automountServiceAccountToken".to_string(),
+        serde_json::json!(false),
+    );
+
     let mut container = serde_json::Map::new();
     container.insert("name".to_string(), serde_json::json!("agent"));
     // Use template image if provided, otherwise fall back to default
@@ -2116,6 +2123,26 @@ mod tests {
         );
     }
 
+    #[test]
+    fn automount_service_account_token_is_disabled() {
+        let pod_template = {
+            let params = SandboxPodParams::default();
+            sandbox_template_to_k8s(
+                &SandboxTemplate::default(),
+                false,
+                &std::collections::HashMap::new(),
+                true,
+                &params,
+            )
+        };
+
+        assert_eq!(
+            pod_template["spec"]["automountServiceAccountToken"],
+            serde_json::json!(false),
+            "service account token auto-mounting must be disabled for security hardening"
+        );
+    }
+
     #[test]
     fn platform_config_bool_extracts_value() {
         let template = SandboxTemplate {