diff --git a/hermes_cli/tools_config.py b/hermes_cli/tools_config.py
index 614e79b43d4e..3353d42bd641 100644
--- a/hermes_cli/tools_config.py
+++ b/hermes_cli/tools_config.py
@@ -18,6 +18,7 @@
 from pathlib import Path
 from typing import Dict, List, Optional, Set
 
+from tools.environments.local import _sanitize_subprocess_env
 
 from hermes_cli.config import (
     cfg_get,
@@ -584,7 +585,7 @@ def _pip_install(
     (or the last failure for the caller to inspect).
     """
     venv_root = Path(sys.executable).parent.parent
-    uv_env = {**os.environ, "VIRTUAL_ENV": str(venv_root)}
+    uv_env_base = {**os.environ, "VIRTUAL_ENV": str(venv_root)}
 
     uv_bin = shutil.which("uv")
     if uv_bin:
@@ -592,7 +593,7 @@ def _pip_install(
             result = subprocess.run(
                 [uv_bin, "pip", "install", *args],
                 capture_output=capture_output, text=True, timeout=timeout,
-                env=uv_env,
+                env=_sanitize_subprocess_env(uv_env_base),
             )
             if result.returncode == 0:
                 return result
@@ -607,6 +608,7 @@ def _pip_install(
         probe = subprocess.run(
             pip_cmd + ["--version"],
             capture_output=True, text=True, timeout=15,
+            env=_sanitize_subprocess_env(os.environ.copy()),
         )
         if probe.returncode != 0:
             raise FileNotFoundError("pip not in venv")
@@ -615,6 +617,7 @@ def _pip_install(
             subprocess.run(
                 [sys.executable, "-m", "ensurepip", "--upgrade", "--default-pip"],
                 capture_output=True, text=True, timeout=120, check=True,
+                env=_sanitize_subprocess_env(os.environ.copy()),
             )
         except (subprocess.CalledProcessError, subprocess.TimeoutExpired) as e:
             # Synthesize a result so callers see a clean failure path.
@@ -626,6 +629,7 @@ def _pip_install(
     return subprocess.run(
         pip_cmd + ["install", *args],
         capture_output=capture_output, text=True, timeout=timeout,
+        env=_sanitize_subprocess_env(os.environ.copy()),
     )
 
 
@@ -646,7 +650,8 @@ def _run_post_setup(post_setup_key: str):
             # behaviour as before.
             result = subprocess.run(
                 [npm_bin, "install", "--silent"],
-                capture_output=True, text=True, cwd=str(PROJECT_ROOT)
+                capture_output=True, text=True, cwd=str(PROJECT_ROOT),
+                env=_sanitize_subprocess_env(os.environ.copy()),
             )
             if result.returncode == 0:
                 _print_success("    Node.js dependencies installed")
@@ -722,6 +727,7 @@ def _run_post_setup(post_setup_key: str):
             result = subprocess.run(
                 install_cmd,
                 capture_output=True, text=True, cwd=str(PROJECT_ROOT), timeout=600,
+                env=_sanitize_subprocess_env(os.environ.copy()),
             )
             if result.returncode == 0:
                 _print_success("    Chromium installed")
@@ -751,7 +757,8 @@ def _run_post_setup(post_setup_key: str):
             # Absolute npm path so .cmd shim executes on Windows.
             result = subprocess.run(
                 [_npm_bin, "install", "--silent"],
-                capture_output=True, text=True, cwd=str(PROJECT_ROOT)
+                capture_output=True, text=True, cwd=str(PROJECT_ROOT),
+                env=_sanitize_subprocess_env(os.environ.copy()),
             )
             if result.returncode == 0:
                 _print_success("    Camofox installed")
@@ -779,6 +786,7 @@ def _run_post_setup(post_setup_key: str):
                 version = subprocess.run(
                     ["cua-driver", "--version"],
                     capture_output=True, text=True, timeout=5,
+                    env=_sanitize_subprocess_env(os.environ.copy()),
                 ).stdout.strip()
                 _print_success(f"    cua-driver already installed: {version or 'unknown version'}")
             except Exception:
@@ -793,12 +801,19 @@ def _run_post_setup(post_setup_key: str):
             return
         _print_info("    Installing cua-driver (macOS background computer-use)...")
         try:
-            install_cmd = (
-                "/bin/bash -c \"$(curl -fsSL "
-                "https://raw.githubusercontent.com/trycua/cua/main/"
-                "libs/cua-driver/scripts/install.sh)\""
+            install_cmd = [
+                "/bin/bash",
+                "-c",
+                "curl -fsSL https://raw.githubusercontent.com/trycua/cua/main/libs/cua-driver/scripts/install.sh | /bin/bash"
+            ]
+            result = subprocess.run(
+                install_cmd,
+                capture_output=True,
+                text=True,
+                cwd=str(PROJECT_ROOT),
+                timeout=600,
+                env=_sanitize_subprocess_env(os.environ.copy()),
             )
-            result = subprocess.run(install_cmd, shell=True, timeout=300)
             if result.returncode == 0 and shutil.which("cua-driver"):
                 _print_success("    cua-driver installed.")
                 _print_info("    IMPORTANT — grant macOS permissions now:")
@@ -807,7 +822,7 @@ def _run_post_setup(post_setup_key: str):
                 _print_info("    Both must allow the terminal / Hermes process.")
             else:
                 _print_warning("    cua-driver install did not complete. Re-run manually:")
-                _print_info(f"      {install_cmd}")
+                _print_info("      curl -fsSL https://raw.githubusercontent.com/trycua/cua/main/libs/cua-driver/scripts/install.sh | /bin/bash")
         except subprocess.TimeoutExpired:
             _print_warning("    cua-driver install timed out. Re-run manually.")
         except Exception as e: