diff --git a/docs/superpowers/specs/2026-04-08-docker-orchestration-design.md b/docs/superpowers/specs/2026-04-08-docker-orchestration-design.md index b219e9e6..d308ce71 100644 --- a/docs/superpowers/specs/2026-04-08-docker-orchestration-design.md +++ b/docs/superpowers/specs/2026-04-08-docker-orchestration-design.md @@ -31,9 +31,15 @@ cameleer-env-{slug} — app containers within one environment (inter-app onl App containers reach the server for SSE/heartbeats via the `cameleer-traefik` network. They never touch databases directly. +### Network isolation + +The `cameleer-traefik` network is created with **inter-container communication (ICC) disabled** (`--opt com.docker.network.bridge.enable_icc=false`). This means containers on the traefik network cannot communicate directly with each other — they can only be reached through Traefik's published ports. This prevents a compromised app in one environment from reaching apps in other environments via the shared routing network. + +The `cameleer-env-{slug}` networks keep ICC enabled so apps within the same environment can discover and communicate with each other freely. + ### Network Manager -Wraps Docker network operations. `ensureNetwork(name)` creates a bridge network if it doesn't exist (idempotent). `connectContainer(containerId, networkName)` attaches a container to a second network. Called by `DeploymentExecutor` before container creation. +Wraps Docker network operations. `ensureNetwork(name, iccEnabled)` creates a bridge network if it doesn't exist (idempotent). The traefik network is created with `iccEnabled=false`, environment networks with `iccEnabled=true`. `connectContainer(containerId, networkName)` attaches a container to a second network. Called by `DeploymentExecutor` before container creation. ---
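Review bot: the "Network isolation" section and the unchanged line above it ("App containers reach the server for SSE/heartbeats via the `cameleer-traefik` network") contradict each other: `com.docker.network.bridge.enable_icc=false` blocks all container-to-container traffic on that bridge, which includes the app-to-server heartbeat path and, unless Traefik runs outside that network (for example with host networking), Traefik's own forwarding to the app containers. The spec should state how those two flows work with ICC off (e.g. "the server and app containers reach each other only via Traefik's published ports on the host") or document the exception. Second, the "Network Manager" paragraph says `ensureNetwork(name, iccEnabled)` only creates the network "if it doesn't exist", but Docker does not let you change `enable_icc` on an existing network, so an installation that already has `cameleer-traefik` with ICC enabled silently keeps it that way; add a line on how a mismatch is detected and handled (fail loudly, or recreate the network during an upgrade step).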