diff --git a/docs/operations/VPNRUNTIME_POST_STABILIZATION_NEXT_STEPS_2026-05-12.md b/docs/operations/VPNRUNTIME_POST_STABILIZATION_NEXT_STEPS_2026-05-12.md
index 7a763e6..55ab2e3 100644
--- a/docs/operations/VPNRUNTIME_POST_STABILIZATION_NEXT_STEPS_2026-05-12.md
+++ b/docs/operations/VPNRUNTIME_POST_STABILIZATION_NEXT_STEPS_2026-05-12.md
@@ -31,6 +31,12 @@ scripts\smoke\run-vpnruntime-ci-guards.cmd
 On UNC workspaces, `cmd.exe` may print a startup UNC warning, but the wrapper
 uses `pushd` and still runs guard checks correctly.
 
+Linux/macOS/WSL wrapper:
+
+```bash
+./scripts/smoke/run-vpnruntime-ci-guards.sh
+```
+
 Expected:
 
 - all guard steps pass
diff --git a/scripts/smoke/README.md b/scripts/smoke/README.md
index 4d15cfb..dcc3e7c 100644
--- a/scripts/smoke/README.md
+++ b/scripts/smoke/README.md
@@ -16,6 +16,12 @@ Windows `cmd` wrapper:
 scripts\smoke\run-vpnruntime-ci-guards.cmd
 ```
 
+Linux/macOS/WSL wrapper:
+
+```bash
+./scripts/smoke/run-vpnruntime-ci-guards.sh
+```
+
 ## Verification matrix
 
 ### Locally proven in this repository work
diff --git a/scripts/smoke/run-vpnruntime-ci-guards.sh b/scripts/smoke/run-vpnruntime-ci-guards.sh
new file mode 100755
index 0000000..2391973
--- /dev/null
+++ b/scripts/smoke/run-vpnruntime-ci-guards.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "${SCRIPT_DIR}/../.." && pwd)"
+
+cd "${REPO_ROOT}"
+pwsh -NoProfile -ExecutionPolicy Bypass -File "scripts/smoke/run-vpnruntime-ci-guards.ps1" -AntiFlakeCount 20 -TargetedCount 50
+