diff --git a/.gitignore b/.gitignore
index 6695e663..12ccb256 100644
--- a/.gitignore
+++ b/.gitignore
@@ -65,3 +65,9 @@ applications/flipt/chart/Chart.lock
 **/.claude/settings.local.json
 .worktrees/

+
+# Gas Town runtime
+.beads/
+.runtime/
+CLAUDE.md
+.claude/
diff --git a/applications/mlflow/charts/mlflow/templates/networkpolicy.yaml b/applications/mlflow/charts/mlflow/templates/networkpolicy.yaml
new file mode 100644
index 00000000..457fb7f8
--- /dev/null
+++ b/applications/mlflow/charts/mlflow/templates/networkpolicy.yaml
@@ -0,0 +1,31 @@
+{{- if .Values.networkPolicy.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: {{ include "mlflow.fullname" . }}
+ labels:
+ {{- include "mlflow.labels" . | nindent 4 }}
+spec:
+ podSelector:
+ matchLabels:
+ {{- include "mlflow.selectorLabels" . | nindent 6 }}
+ policyTypes:
+ - Ingress
+ - Egress
+ ingress:
+ {{- if .Values.networkPolicy.allowSameNamespace }}
+ - from:
+ - podSelector: {}
+ {{- end }}
+ {{- with .Values.networkPolicy.ingress }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ egress:
+ {{- if .Values.networkPolicy.allowSameNamespace }}
+ - to:
+ - podSelector: {}
+ {{- end }}
+ {{- with .Values.networkPolicy.egress }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/applications/mlflow/charts/mlflow/values.yaml b/applications/mlflow/charts/mlflow/values.yaml
index 4bb56250..4df787af 100644
--- a/applications/mlflow/charts/mlflow/values.yaml
+++ b/applications/mlflow/charts/mlflow/values.yaml
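Review bot: The new `.claude/` entry has no leading slash, so it ignores a `.claude` directory at any depth and makes the existing `**/.claude/settings.local.json` rule in the context above redundant; if only the repository root is meant, anchor it as `/.claude/` (and likewise `/CLAUDE.md`). Files already tracked under `.claude/` stay tracked regardless of the ignore, which is presumably intended but worth stating in the `# Gas Town runtime` comment.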
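Review bot: The `allowSameNamespace` branches emit `podSelector: {}` under both ingress and egress, which admits every pod in the release namespace in both directions, so with the value defaulting to true the label-scoped egress rules for postgres and minio only add anything when those peers live in another namespace, and any pod in the namespace can reach mlflow's listening port. Consider defaulting `allowSameNamespace` to false, or narrowing the same-namespace peers to the selector labels of the components mlflow actually talks to. Because `policyTypes` always lists Egress, a rendering with `allowSameNamespace: false` and an empty `egress` also blocks DNS, which is the intended default-deny but should be stated next to the value, e.g. `# -- When false, only the rules under ingress/egress apply (default deny, including DNS)`.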
@@ -47,11 +47,20 @@ mlflow:
 # -- Pod Labels for the mlflow deployment
 podLabels: {}
 # -- Configure the Security Context for the Pod
- podSecurityContext: {}
+ podSecurityContext:
+ runAsNonRoot: true
+ fsGroup: 1000
+ seccompProfile:
+ type: RuntimeDefault
 # -- Set the resource requests / limits for the container.
 resources: {}
 # -- Configure the Security Context for the Container
- containerSecurityContext: {}
+ containerSecurityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
 # -- Specify probes for the container
 # [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
 probes:
@@ -584,6 +593,47 @@ minio:
 # seccompProfile:
 # type: RuntimeDefault

+# -- NetworkPolicy configuration for restricting pod traffic
+networkPolicy:
+ # -- Specifies whether to create a NetworkPolicy
+ enabled: false
+ # -- Allow traffic from pods in the same namespace
+ allowSameNamespace: true
+ # -- Ingress rules beyond same-namespace defaults
+ ingress:
+ # -- Allow ingress-nginx to reach mlflow on the service port
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ kubernetes.io/metadata.name: ingress-nginx
+ ports:
+ - port: 5000
+ protocol: TCP
+ # -- Egress rules beyond same-namespace defaults
+ egress:
+ # -- Allow mlflow to reach postgres on port 5432
+ - to:
+ - podSelector:
+ matchLabels:
+ cnpg.io/cluster: mlflow-postgres
+ ports:
+ - port: 5432
+ protocol: TCP
+ # -- Allow mlflow to reach minio on port 9000
+ - to:
+ - podSelector:
+ matchLabels:
+ v1.min.io/tenant: minio
+ ports:
+ - port: 9000
+ protocol: TCP
+ # -- Allow DNS resolution
+ - ports:
+ - port: 53
+ protocol: UDP
+ - port: 53
+ protocol: TCP
+
 # -- Embedded Postgres configuration
 # Deploys a cluster using the CloudnativePG Operator
 # [[ref]](https://github.com/cloudnative-pg/cloudnative-pg)
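Review bot: `runAsNonRoot: true` is set without a `runAsUser`, so the pod only starts if the mlflow image declares a numeric non-root USER; if the image runs as root or names its user symbolically, the kubelet refuses to start the container. If the image's UID is known, pin it next to `fsGroup: 1000` with `runAsUser: 1000` and `runAsGroup: 1000` (adjusted to the image's actual UID), which also makes `fsGroup` consistent with the process owner. `readOnlyRootFilesystem: true` likewise needs a writable scratch path (typically an `emptyDir` mounted at `/tmp`) if mlflow writes temporary files, and no volume is visible in this hunk. Since these are chart defaults, existing users pick up the stricter context on upgrade, which deserves a changelog note.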
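Review bot: The DNS egress rule under `# -- Allow DNS resolution` has no `to:` block, so it permits UDP and TCP 53 to any destination, including addresses outside the cluster; scoping it to the cluster resolver keeps name resolution working while closing that channel. The selectors `cnpg.io/cluster: mlflow-postgres` and `v1.min.io/tenant: minio` are fixed strings in a chart default, so if the actual cluster or tenant name differs (for instance when it is derived from the release name) the rule matches nothing and database/object-store traffic is dropped with no obvious error — a value reference or a comment naming the dependency would help. The `kube-dns` labels below are what most distributions use but should be checked against the target cluster.
```yaml
  egress:
    # … unchanged: postgres and minio egress rules …
    # -- Allow DNS resolution (scoped to the cluster resolver)
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
          podSelector:
            matchLabels:
              k8s-app: kube-dns
      ports:
        - port: 53
          protocol: UDP
        - port: 53
          protocol: TCP
```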