diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index e487dd3a..ae21b3c8 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -69,6 +69,16 @@ services:
 - workspace-target:/workspace/target
 - huskies-target:/app/target
 
+ # Isolate frontend node_modules from the host.
+ # npm install pulls platform-specific native binaries (esbuild,
+ # rollup, etc.) — macOS binaries won't run on Linux and vice versa.
+ # Without this volume, building on the Mac host writes macOS
+ # node_modules into the bind mount, then the Linux container tries
+ # to execute them and fails. The Docker volume gives the container
+ # its own Linux-native node_modules that doesn't collide with the
+ # host's.
+ - frontend-modules:/workspace/frontend/node_modules
+
 # ── Security hardening ──────────────────────────────────────────
 # Read-only root filesystem. Only explicitly mounted volumes and
 # tmpfs paths are writable.
@@ -130,3 +140,4 @@ volumes:
 claude-state:
 workspace-target:
 huskies-target:
+ frontend-modules:
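Review bot: The comment added above the `frontend-modules` mount explains the macOS/Linux binary clash but not that this named volume is a persistent, writable location holding executable code, which matters because the read-only-root hardening follows directly after it. The volume's contents survive image rebuilds and container recreation, so the installed packages can drift from the lockfile, and anything a package install script wrote there stays until the volume is removed. I would add a line such as `# Persistent and writable: repopulate with npm ci from the lockfile; remove the volume to reset.` to the comment block. If the service runs as a non-root user (not visible in this hunk), it is also worth confirming that user can write to a freshly created volume at that path. The service entry this volume list belongs to starts outside the hunk.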