diff --git a/.actor/Dockerfile b/.actor/Dockerfile
index 1d158b28..98c42ba9 100644
--- a/.actor/Dockerfile
+++ b/.actor/Dockerfile
@@ -1,16 +1,18 @@
 FROM python:3.11-slim-bookworm
 
-RUN apt-get update && apt-get install -y file procps curl gpg
 
-RUN mkdir -p /etc/apt/keyrings && \
+RUN groupadd -r appuser && useradd -r -g appuser -s /sbin/nologin appuser && \
+    \
+    apt-get update && apt-get install -y --no-install-recommends bash curl file git gpg jo jq procps xz-utils && \
+    mkdir -p /etc/apt/keyrings && \
     curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
-    echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
-
-RUN apt-get update && apt-get install -y nodejs bash git jq jo xz-utils && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-RUN pip install --no-cache-dir docling
-
-RUN npm install -g apify-cli && npm cache clean --force
+    echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
+    apt-get update && apt-get install -y nodejs && apt-get clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    \
+    pip install --no-cache-dir docling && \
+    npm install -g apify-cli && \
+    npm cache clean --force
 
 WORKDIR /app