refactor: add explicit STRIX_IMAGE validation

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

strix/runtime/docker_runtime.py

@@ -119,10 +119,13 @@ class DockerRuntime(AbstractRuntime):
     def _create_container_with_retry(self, scan_id: str, max_retries: int = 3) -> Container:
         last_exception = None
         container_name = f"strix-scan-{scan_id}"
+        image_name = Config.get("strix_image")
+        if not image_name:
+            raise ValueError("STRIX_IMAGE must be configured")
 
         for attempt in range(max_retries):
             try:
-                self._verify_image_available(Config.get("strix_image") or "")
+                self._verify_image_available(image_name)
 
                 try:
                     existing_container = self.client.containers.get(container_name)
@@ -143,10 +146,8 @@ class DockerRuntime(AbstractRuntime):
                 self._tool_server_port = tool_server_port
                 self._tool_server_token = tool_server_token
 
-                container = cast(
+                container = self.client.containers.run(
-                    "Container",
+                    image_name,
-                    self.client.containers.run(  # type: ignore[call-overload]
-                        Config.get("strix_image"),
                     command="sleep infinity",
                     detach=True,
                     name=container_name,
@@ -166,7 +167,6 @@ class DockerRuntime(AbstractRuntime):
                     },
                     extra_hosts=self._get_extra_hosts(),
                     tty=True,
-                    ),
                 )
 
                 self._scan_container = container