diff --git a/lib/flakeModule.nix b/lib/flakeModule.nix
index c2ba9f9..469fc3e 100644
--- a/lib/flakeModule.nix
+++ b/lib/flakeModule.nix
@@ -12,6 +12,15 @@
       inherit (lib) isAttrs filterAttrs mapAttrs types mkOption toList;
       cfg = config.ci.config;
 
+      stdenvMinimal = pkgs.stdenvNoCC.override {
+        cc = null;
+        preHook = "";
+        allowedRequisites = null;
+        initialPath = [pkgs.coreutils pkgs.findutils];
+        shell = "/bin/sh";
+        extraNativeBuildInputs = [];
+      };
+
       filterAttrsRec = pred: v:
         if isAttrs v
         then filterAttrs pred (mapAttrs (path: filterAttrsRec pred) v)
@@ -209,11 +218,22 @@
                 );
               in {
                 name = "gitlab-ci:pipeline:${pipeline_name}:job-deps:${key}";
-                value = pkgs.writeShellScript "gitlab-ci-job-deps:${key}" ''
-                  export PATH="${lib.makeBinPath job.nix.deps}:$PATH";
-                  # variables containing nix derivations:
-                  ${variableExports}
-                '';
+                value = stdenvMinimal.mkDerivation {
+                  name = "gitlab-ci-job-deps-${key}";
+                  dontUnpack = true;
+                  installPhase = let
+                    script = ''
+                      export PATH="${lib.makeBinPath job.nix.deps}:$PATH";
+                      # variables containing nix derivations:
+                      ${variableExports}
+                    '';
+                  in
+                    # sh
+                    ''
+                      echo '${script}' > $out
+                      chmod +x $out
+                    '';
+                };
               })
               jobs;
             # allows the user to directly run the script