diff --git a/.gemini/skills/offload/scripts/orchestrator.ts b/.gemini/skills/offload/scripts/orchestrator.ts
index 24abf0eca7..e1cba0e82f 100644
--- a/.gemini/skills/offload/scripts/orchestrator.ts
+++ b/.gemini/skills/offload/scripts/orchestrator.ts
@@ -54,8 +54,8 @@ export async function runOrchestrator(args: string[], env: NodeJS.ProcessEnv = p
 if (check.status !== 0) {
 console.log(' - Provisioning isolated git worktree...');
- // Fix permissions first
- await provider.exec(`sudo docker exec -u root maintainer-worker chown -R node:node ${containerHome}/dev`);
+ // Only re-own the worktrees directory, NOT the entire home dir or scripts
+ await provider.exec(`sudo docker exec -u root maintainer-worker mkdir -p ${containerHome}/dev/worktrees && sudo docker exec -u root maintainer-worker chown -R node:node ${containerHome}/dev/worktrees`);
 const setupCmd = `
 git config --global --add safe.directory ${remoteWorkDir} && \
diff --git a/.gemini/skills/offload/scripts/providers/GceConnectionManager.ts b/.gemini/skills/offload/scripts/providers/GceConnectionManager.ts
index 0b397f0a35..c9f9129a5f 100644
--- a/.gemini/skills/offload/scripts/providers/GceConnectionManager.ts
+++ b/.gemini/skills/offload/scripts/providers/GceConnectionManager.ts
@@ -56,7 +56,9 @@ export class GceConnectionManager {
 sync(localPath: string, remotePath: string, options: { delete?: boolean; exclude?: string[] } = {}): number {
 const fullRemote = this.getMagicRemote();
- const rsyncArgs = ['-avz', '--quiet'];
+ // We use --no-t and --no-perms to avoid "Operation not permitted" errors
+ // when syncing to volumes that might have UID mismatches with the container.
+ const rsyncArgs = ['-rvz', '--quiet', '--no-t', '--no-perms', '--no-owner', '--no-group'];
 if (options.delete) rsyncArgs.push('--delete');
 if (options.exclude) options.exclude.forEach(ex => rsyncArgs.push(`--exclude="${ex}"`));
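Review bot: The added `provider.exec` line splices `${containerHome}` unquoted into a command string that runs as root inside the container, so a value containing whitespace or shell metacharacters would be re-parsed by the remote shell; where `containerHome` comes from is outside this hunk, so either confirm it is a fixed constant or quote both occurrences, e.g. `mkdir -p "${containerHome}/dev/worktrees"`. The `chown -R` still re-owns every existing worktree on each provisioning run; if worktrees are created afterwards by the `node` user (not visible here), a non-recursive `chown node:node "${containerHome}/dev/worktrees"` keeps the root step narrower. The result of this exec is discarded, so unless `provider.exec` throws on a non-zero status, a failed mkdir or chown only surfaces later as a git error from `setupCmd`. `runOrchestrator` starts and ends outside the hunk.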
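Review bot: Replacing `-a` with `-r` in the new `rsyncArgs` line drops more than the comment says: besides times, permissions, owner and group it also turns off `-l` and `-D`, so symlinks under `localPath` are now skipped rather than copied, and the four `--no-*` flags are redundant because `-r` alone never enabled those options. Without preserved mtimes, rsync's quick check no longer matches on later runs, so each sync re-examines every file instead of skipping unchanged ones. If symlinks are meant to reach the worker, make that explicit with `const rsyncArgs = ['-rlvz', '--quiet'];` and a comment listing what was deliberately dropped from `-a` and why. The body of `sync` continues past the end of the hunk.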