diff --git a/services/posture-check/compose-runtime-drift.sh b/services/posture-check/compose-runtime-drift.sh
index c4b31d5..c156f7d 100755
--- a/services/posture-check/compose-runtime-drift.sh
+++ b/services/posture-check/compose-runtime-drift.sh
@@ -11,7 +11,12 @@ TMP_DIR="${TMP_DIR:-/tmp/kallilab-compose-runtime-drift}"
 mkdir -p "$TMP_DIR"
 RESULTS_FILE="$TMP_DIR/results.$$"
 : > "$RESULTS_FILE"
-trap 'rm -f "$RESULTS_FILE"' EXIT
+# Healthchecks Heartbeat (endpoint-agnostisch; Capability-URL ist ein Secret, nie ins Repo)
+HC_URL_FILE="${HC_URL_FILE:-/mnt/user/appdata/secrets/healthchecks_compose_drift_url}"
+hc_url=""; [ -r "$HC_URL_FILE" ] && hc_url="$(tr -d '[:space:]' < "$HC_URL_FILE")"
+hc_ping() { [ -n "$hc_url" ] || return 0; curl -fsS -m 10 --retry 3 "${hc_url}${1:-}" >/dev/null 2>&1 || true; }
+trap 'hc_rc=$?; rm -f "$RESULTS_FILE"; [ "$hc_rc" -le 2 ] && hc_ping "" || hc_ping "/fail"' EXIT
+hc_ping "/start"
 
 json_escape() {
   sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' -e 's/\t/\\t/g'
diff --git a/services/posture-check/daily-status-report.sh b/services/posture-check/daily-status-report.sh
index 55601be..ff36017 100755
--- a/services/posture-check/daily-status-report.sh
+++ b/services/posture-check/daily-status-report.sh
@@ -55,7 +55,12 @@ SECTION_ERRORS_FILE="$TMP_DIR/section-errors.log"
 cleanup() {
   rm -rf "$TMP_DIR"
 }
-trap cleanup EXIT
+# Healthchecks Heartbeat (endpoint-agnostisch; Capability-URL ist ein Secret, nie ins Repo)
+HC_URL_FILE="${HC_URL_FILE:-/mnt/user/appdata/secrets/healthchecks_daily_report_url}"
+hc_url=""; [ -r "$HC_URL_FILE" ] && hc_url="$(tr -d '[:space:]' < "$HC_URL_FILE")"
+hc_ping() { [ -n "$hc_url" ] || return 0; curl -fsS -m 10 --retry 3 "${hc_url}${1:-}" >/dev/null 2>&1 || true; }
+trap 'hc_rc=$?; cleanup; [ "$hc_rc" -le 2 ] && hc_ping "" || hc_ping "/fail"' EXIT
+hc_ping "/start"
 
 append() {
   printf '%s\n' "$*" >> "$BODY_PATH"
diff --git a/services/posture-check/komodo-stack-hygiene.sh b/services/posture-check/komodo-stack-hygiene.sh
index 271b37e..03c448a 100644
--- a/services/posture-check/komodo-stack-hygiene.sh
+++ b/services/posture-check/komodo-stack-hygiene.sh
@@ -33,7 +33,12 @@ mkdir -p "$TMP_DIR"
 RESULTS_FILE="$TMP_DIR/results.$$"
 STACKS_FILE="$TMP_DIR/stacks.$$.json"
 : > "$RESULTS_FILE"
-trap 'rm -f "$RESULTS_FILE" "$STACKS_FILE"' EXIT
+# Healthchecks Heartbeat (endpoint-agnostisch; Capability-URL ist ein Secret, nie ins Repo)
+HC_URL_FILE="${HC_URL_FILE:-/mnt/user/appdata/secrets/healthchecks_komodo_hygiene_url}"
+hc_url=""; [ -r "$HC_URL_FILE" ] && hc_url="$(tr -d '[:space:]' < "$HC_URL_FILE")"
+hc_ping() { [ -n "$hc_url" ] || return 0; curl -fsS -m 10 --retry 3 "${hc_url}${1:-}" >/dev/null 2>&1 || true; }
+trap 'hc_rc=$?; rm -f "$RESULTS_FILE" "$STACKS_FILE"; [ "$hc_rc" -le 2 ] && hc_ping "" || hc_ping "/fail"' EXIT
+hc_ping "/start"
 
 json_escape() {
   sed -e 's/\\/\\\\/g' -e 's/"/\\"/g' -e 's/\t/\\t/g'