diff --git a/docker-compose.e2e.yml b/docker-compose.e2e.yml
index 6e3b382..5603594 100644
--- a/docker-compose.e2e.yml
+++ b/docker-compose.e2e.yml
@@ -37,7 +37,7 @@ services:
   assistant:
     build:
       context: .
-      dockerfile: Dockerfile
+      dockerfile: e2e/Dockerfile.e2e
     container_name: e2e-assistant
     depends_on:
       gitea:
diff --git a/e2e/Dockerfile.e2e b/e2e/Dockerfile.e2e
new file mode 100644
index 0000000..778535d
--- /dev/null
+++ b/e2e/Dockerfile.e2e
@@ -0,0 +1,16 @@
+# E2E 测试用简化 Dockerfile（跳过 frontend 构建）
+FROM oven/bun:1
+
+WORKDIR /app
+
+RUN apt-get update && apt-get install -y git ripgrep curl && rm -rf /var/lib/apt/lists/*
+
+COPY package.json bun.lock* bun.lockb* ./
+RUN bun install --no-frozen-lockfile
+
+COPY src ./src
+COPY tsconfig.json .
+
+EXPOSE 3000
+
+CMD ["bun", "run", "start"]
diff --git a/e2e/seed.sh b/e2e/seed.sh
index 0cc7a44..22bcd26 100755
--- a/e2e/seed.sh
+++ b/e2e/seed.sh
@@ -70,6 +70,7 @@ pushd "${CLONE_DIR}/repo" > /dev/null
 git config user.email "e2e@test.local"
 git config user.name "E2E Bot"
 
+mkdir -p src
 cat > src/auth.ts << 'TSEOF'
 export function authenticate(token: string): boolean {
   // 正确的认证实现
@@ -84,7 +85,6 @@ function verifyToken(token: string): boolean {
 }
 TSEOF
 
-mkdir -p src
 git add -A
 git commit -m "initial: add auth module" --allow-empty 2>/dev/null || true
 git push origin main 2>/dev/null || true
diff --git a/e2e/test.sh b/e2e/test.sh
index bf4e0f8..c67e59f 100755
--- a/e2e/test.sh
+++ b/e2e/test.sh
@@ -106,8 +106,12 @@ fi
 
 # ─── 测试 5: Review Run 状态检查 ───
 echo "[TEST 5] Review Run 状态"
-RUNS=$(curl -sf "${ASSISTANT_URL}/admin/api/review/runs" 2>/dev/null || echo "[]")
-RUN_COUNT=$(echo "${RUNS}" | python3 -c "import sys,json; d=json.load(sys.stdin); print(len(d) if isinstance(d,list) else len(d.get('runs',[])))" 2>/dev/null || echo "0")
+ADMIN_JWT=$(curl -sf -X POST "${ASSISTANT_URL}/admin/api/login" \
+  -H "Content-Type: application/json" \
+  -d '{"password":"password"}' | python3 -c "import sys,json; print(json.load(sys.stdin).get('token',''))" 2>/dev/null || echo "")
+RUNS=$(curl -sf "${ASSISTANT_URL}/admin/api/review/runs" \
+  -H "Authorization: Bearer ${ADMIN_JWT}" 2>/dev/null || echo "[]")
+RUN_COUNT=$(echo "${RUNS}" | python3 -c "import sys,json; d=json.load(sys.stdin); print(len(d.get('data',d if isinstance(d,list) else [])))" 2>/dev/null || echo "0")
 
 if [ "${RUN_COUNT}" -gt "0" ]; then
   echo "  ✅ PASS: 发现 ${RUN_COUNT} 个 review run(s)"
@@ -116,7 +120,7 @@ if [ "${RUN_COUNT}" -gt "0" ]; then
   echo "${RUNS}" | python3 -c "
 import sys, json
 data = json.load(sys.stdin)
-runs = data if isinstance(data, list) else data.get('runs', [])
+runs = data.get('data', data if isinstance(data, list) else data.get('runs', []))
 for r in runs[:3]:
     print(f\"    - {r.get('id','?')[:8]}... status={r.get('status','?')} attempts={r.get('attempts','?')}\")
 " 2>/dev/null || true