diff --git a/api/commands.py b/api/commands.py
index 12a0077a..3c8998f9 100644
--- a/api/commands.py
+++ b/api/commands.py
@@ -117,4 +117,8 @@ def execute_plugin_command(command: str) -> str:
         result = resolve_plugin_command_result(handler(cmd_arg))
         return str(result or "(no output)")
     except Exception as exc:
-        return f"Plugin command error: {exc}"
+        # Don't leak raw exception str (paths, env, internal state) to the
+        # user-facing chat. Type name is enough for the user to know what
+        # class of failure occurred; full traceback lives in the server log.
+        logger.warning("Plugin command %r failed", cmd_base, exc_info=exc)
+        return f"Plugin command error: {type(exc).__name__}"
diff --git a/server.py b/server.py
index ce003d64..9768422f 100644
--- a/server.py
+++ b/server.py
@@ -205,8 +205,8 @@ class Handler(BaseHTTPRequestHandler):
         "base-uri 'self'; "
         "object-src 'none'; "
         "frame-ancestors 'self'; "
-        "script-src 'self' 'unsafe-inline' 'unsafe-eval'; "
-        "style-src 'self' 'unsafe-inline'; "
+        "script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; "
+        "style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; "
         "img-src 'self' data: blob:; "
         "font-src 'self' data:; "
         "media-src 'self' data: blob:; "
diff --git a/tests/test_issue1909_csp_report_only.py b/tests/test_issue1909_csp_report_only.py
index 2c22a56a..56d8f282 100644
--- a/tests/test_issue1909_csp_report_only.py
+++ b/tests/test_issue1909_csp_report_only.py
@@ -26,7 +26,10 @@ def test_handler_adds_content_security_policy_report_only(monkeypatch):
 def test_csp_report_only_keeps_legacy_inline_allowances_for_current_ui():
     policy = Handler.csp_report_only_policy()
 
-    assert "script-src 'self' 'unsafe-inline' 'unsafe-eval'" in policy
-    assert "style-src 'self' 'unsafe-inline'" in policy
+    assert "script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net" in policy
+    assert "style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net" in policy
+    # unsafe-eval was dropped after Opus stage-339 verification — no production
+    # JS uses eval(), new Function(), or string-form setTimeout/setInterval.
+    assert "'unsafe-eval'" not in policy
     assert "img-src 'self' data: blob:" in policy
     assert "connect-src 'self'" in policy