diff --git a/scripts/cowork-vm-service.js b/scripts/cowork-vm-service.js index 3b52c47..e6b5690 100644 --- a/scripts/cowork-vm-service.js +++ b/scripts/cowork-vm-service.js @@ -1813,6 +1813,12 @@ function detectBackend(emitEvent) { stdio: 'pipe', timeout: 5000 }); log('Backend: bwrap'); + // Hint for users upgrading from KVM-first auto-detection + try { + fs.accessSync('/dev/kvm', fs.constants.R_OK | fs.constants.W_OK); + log('Note: KVM is available but bwrap is now the default. ' + + 'Set COWORK_VM_BACKEND=kvm for full VM isolation.'); + } catch (_) { /* KVM not available, no hint needed */ } return new BwrapBackend(emitEvent); } catch (e) { log(`bwrap not available: ${e.message}`); diff --git a/scripts/launcher-common.sh b/scripts/launcher-common.sh index 321b747..ca1018b 100755 --- a/scripts/launcher-common.sh +++ b/scripts/launcher-common.sh @@ -490,8 +490,10 @@ print(len(servers)) _pass 'KVM: accessible' else "$_kvm_issue" 'KVM: /dev/kvm exists but not accessible' - _info "Fix: sudo usermod -aG kvm $USER" - _info '(Log out and back in after running this)' + if $_kvm_active; then + _info "Fix: sudo usermod -aG kvm $USER" + _info '(Log out and back in after running this)' + fi fi else "$_kvm_issue" 'KVM: not available' @@ -548,7 +550,13 @@ print(len(servers)) # Determine active backend (matches daemon's detectBackend()) local cowork_backend='none (host-direct, no isolation)' - if command -v bwrap &>/dev/null \ + if [[ -n ${COWORK_VM_BACKEND-} ]]; then + case ${COWORK_VM_BACKEND,,} in + kvm) cowork_backend='KVM (full VM isolation, via override)' ;; + bwrap) cowork_backend='bubblewrap (namespace sandbox, via override)' ;; + host) cowork_backend='host-direct (no isolation, via override)' ;; + esac + elif command -v bwrap &>/dev/null \ && bwrap --ro-bind / / true &>/dev/null; then cowork_backend='bubblewrap (namespace sandbox)' elif [[ -e /dev/kvm ]] \
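Review bot: The hint added after `log('Backend: bwrap');` is the only notice that auto-detection now picks the namespace sandbox on a host where `/dev/kvm` is usable, and it goes to the log alone. Someone who relied on the earlier KVM-first behaviour gets weaker isolation unless they read the daemon log, so it may be worth also surfacing this through whatever user-visible channel the daemon has (possibly the `emitEvent` callback, whose event shape is not visible here). The `fs.accessSync` probe only shows that the device node is readable and writable, not that the KVM backend would start, so the wording could be hedged, e.g. `'Note: /dev/kvm is accessible but bwrap is now the default. '`. I would also extend the comment above the `try` to state the trade-off: `// bwrap shares the host kernel; KVM runs a separate guest. This log line is the only upgrade notice.` The body of `detectBackend` starts and ends outside this hunk.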
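Review bot: The new guard `if $_kvm_active; then` in the `/dev/kvm exists but not accessible` branch runs the variable's value as a command, so it is correct only while `_kvm_active` holds exactly `true` or `false`. Its assignment is outside this hunk; if it is ever empty or unset, the empty expansion succeeds and the `usermod` hint is printed anyway, and any other value is executed. An explicit comparison avoids both: `if [[ ${_kvm_active-} == true ]]; then`. A short comment such as `# Only suggest joining the kvm group when KVM is the backend in use` would explain why the fix hint is conditional.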
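Review bot: The `case ${COWORK_VM_BACKEND,,}` block has no `*)` arm, so a mistyped override such as `COWORK_VM_BACKEND=kmv` leaves `cowork_backend` at its initial `none (host-direct, no isolation)` with no sign that an override was set and rejected. Whether the daemon treats an unknown value the same way is not visible here, so the report can diverge from what `detectBackend()` actually selects; add something like `*) cowork_backend="unrecognised COWORK_VM_BACKEND='${COWORK_VM_BACKEND}' (check daemon log)" ;;`. The `kvm)` and `bwrap)` arms also report the override without the availability checks the `elif` branches perform, so the diagnostic can claim full VM isolation on a host where `/dev/kvm` is not accessible. Consider appending `, not verified` to those labels or re-running the probe. The `if`/`elif` chain continues past the end of this hunk.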