diff --git a/testservers/Dockerfile b/testservers/Dockerfile
index 8dfc688..b0159d2 100644
--- a/testservers/Dockerfile
+++ b/testservers/Dockerfile
@@ -12,6 +12,11 @@ RUN pip install --no-cache-dir .
 COPY start-server.sh .
 RUN chmod +x start-server.sh
 
+# Create non-root user
+RUN groupadd -r appuser && useradd -r -g appuser appuser
+RUN chown -R appuser:appuser /app
+USER appuser
+
 # Environment variables for configuration
 ENV MCP_HOST=0.0.0.0
 
@@ -20,4 +25,4 @@ EXPOSE 8000 8010 8020
 
 # Run all servers (SERVER_TYPE=all runs PII, Tool Poisoning, and Rug Pull servers)
 ENV SERVER_TYPE=all
-CMD ["./start-server.sh"]
+CMD ["./start-server.sh"]
\ No newline at end of file