diff --git a/build.sh b/build.sh
index c407f068..5c0dc775 100755
--- a/build.sh
+++ b/build.sh
@@ -993,6 +993,11 @@ install_colibri_service() {
 fi
 set_config_line "${MOUNT_POINT}/etc/rc.conf" "colibri_daemon_enable=\"${COLIBRI_DAEMON_ENABLE:-YES}\""
+# Operator-image only: require the first-boot password gate to have run
+# (it writes /var/db/colibri/.secured) before the daemon autospawns an
+# agent. Opt-in so deployed colibri hosts (no firstboot gate) are unaffected.
+# Consumed by colibri_daemon.in prestart (colibri repo).
+set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_require_secured="YES"'
 set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_user="colibri"'
 set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_group="colibri"'
 set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_data_dir="/var/db/colibri"'
diff --git a/live/operator-session/clawdie-firstboot-rootpw b/live/operator-session/clawdie-firstboot-rootpw
index ed4379eb..16e603ae 100644
--- a/live/operator-session/clawdie-firstboot-rootpw
+++ b/live/operator-session/clawdie-firstboot-rootpw
@@ -141,9 +141,9 @@ clawdie_firstboot_rootpw_start() {
 _rootpw_continue_countdown 3
 else
 printf '\n\n [skipped] root/operator passwords NOT set — node is UNSECURED.\n'
-printf ' Treat this node as untrusted until a password is set. The colibri\n'
-printf ' agent should not register with mother or run tasks while unsecured.\n'
-printf ' You will be prompted again on the next boot.\n'
+printf ' The colibri agent will NOT start or register with mother until a\n'
+printf ' password is set (colibri_daemon_require_secured). Set one to activate\n'
+printf ' this node. You will be prompted again on the next boot.\n'
 _rootpw_continue_countdown 3
 fi
 return 0
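Review bot: The `.secured` marker that the new comment says gates autospawn lives under `/var/db/colibri`, which the very next lines of this block hand to the unprivileged `colibri` user as `colibri_daemon_data_dir`; if that directory is writable by the daemon's user, anything running as `colibri` can create the marker and lift the gate on its own, so the prestart check should insist the marker is root-owned (or the marker should live outside the daemon-writable tree) — the directory's ownership is set elsewhere, so confirm before shipping. The added line also hard-codes `YES` while the adjacent enable line is build-time overridable; for consistency consider `set_config_line "${MOUNT_POINT}/etc/rc.conf" "colibri_daemon_require_secured=\"${COLIBRI_DAEMON_REQUIRE_SECURED:-YES}\""`, which keeps the gate on by default. The comment calls this "Operator-image only", but nothing in the hunk conditions the write on image type, so it relies on install_colibri_service being invoked only for operator builds; worth stating that in the comment or guarding it explicitly. install_colibri_service begins and ends outside the hunk.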
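Review bot: The rewritten message asserts that the agent "will NOT start or register with mother" until a password is set, but the firstboot script has no check that the installed colibri_daemon rc script actually honors `colibri_daemon_require_secured`; on an image carrying an older colibri package the daemon would start anyway and the operator would be left with false assurance, which is worse than the previous "treat this node as untrusted" wording. Consider printing the stronger text only when the gate is demonstrably wired, e.g. `if grep -qs colibri_daemon_require_secured /usr/local/etc/rc.d/colibri_daemon; then` (path per what the image ships) and falling back to the old warning otherwise. The skip path still returns 0 after an unsecured boot, which is fine given the re-prompt on next boot, but it may be worth logging the unsecured state to syslog as well as the console so it survives the session. clawdie_firstboot_rootpw_start begins outside the hunk.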