diff --git a/shared/common.sh b/shared/common.sh
index f44729af..eb3f14c1 100644
--- a/shared/common.sh
+++ b/shared/common.sh
@@ -943,6 +943,9 @@ _init_oauth_session() {
 return 1
 fi
+ # Track directory for cleanup on exit
+ track_temp_file "${oauth_dir}"
+
 # SECURITY: Generate random CSRF state token (32 hex chars = 128 bits)
 local csrf_state
 csrf_state=$(_generate_csrf_state)
@@ -1253,7 +1256,7 @@ track_temp_file() {
 CLEANUP_TEMP_FILES+=("${temp_file}")
 }
-# Cleanup function for temporary files
+# Cleanup function for temporary files and directories
 # Called automatically on EXIT, INT, TERM signals
 cleanup_temp_files() {
 local exit_code=$?
@@ -1262,6 +1265,9 @@ cleanup_temp_files() {
 if [[ -f "${temp_file}" ]]; then
 # Securely remove temp files (may contain credentials)
 shred -f -u "${temp_file}" 2>/dev/null || rm -f "${temp_file}"
+ elif [[ -d "${temp_file}" ]]; then
+ # Remove temp directories (e.g., OAuth session dirs)
+ rm -rf "${temp_file}"
 fi
 done
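Review bot: The `track_temp_file "${oauth_dir}"` call sits after the `return 1` / `fi` guard, so whether the directory is always registered depends on code outside this hunk. If `oauth_dir` is created before that guard and the guard checks a later step, the failure path returns with the directory untracked, and an INT or TERM arriving between creation and this line would leave it behind as well. Registering the path on the line directly after it is created closes that window. The comment could also name the handler, for example `# Track OAuth session dir so cleanup_temp_files removes it on EXIT/INT/TERM`. The body of _init_oauth_session starts and ends outside the hunk.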
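Review bot: The new `elif [[ -d "${temp_file}" ]]` branch deletes the directory with plain `rm -rf`, while the file branch just above shreds because temp files "may contain credentials", so files inside a tracked directory are unlinked without being overwritten. If the OAuth session directory holds secrets (its contents are not visible in this hunk), overwrite them first with something like `find "${temp_file}" -type f -exec shred -f -u {} + 2>/dev/null` ahead of the removal. The removal itself is better written as `rm -rf -- "${temp_file}"`, so a tracked path beginning with `-` is never parsed as an option. The enclosing loop and the rest of cleanup_temp_files lie outside the hunk.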