diff --git a/cli/genpolicy/genpolicy.go b/cli/genpolicy/genpolicy.go
index 8fd6cbc47..21af4a3af 100644
--- a/cli/genpolicy/genpolicy.go
+++ b/cli/genpolicy/genpolicy.go
@@ -60,7 +60,13 @@ func (r *Runner) Run(ctx context.Context, yamlPath string, logger *slog.Logger)
 		"--yaml-file=" + yamlPath,
 	}
 	genpolicy := exec.CommandContext(ctx, r.genpolicy.Path(), args...)
-	genpolicy.Env = append(genpolicy.Env, "RUST_LOG=info", "RUST_BACKTRACE=1")
+	genpolicy.Env = os.Environ()
+	if _, hasRustLog := os.LookupEnv("RUST_LOG"); !hasRustLog {
+		genpolicy.Env = append(genpolicy.Env, "RUST_LOG=info")
+	}
+	if _, hasRustBacktrace := os.LookupEnv("RUST_BACKTRACE"); !hasRustBacktrace {
+		genpolicy.Env = append(genpolicy.Env, "RUST_BACKTRACE=1")
+	}
 
 	logFilter := newLogTranslator(logger)
 	defer logFilter.stop()
diff --git a/cli/genpolicy/genpolicy_test.go b/cli/genpolicy/genpolicy_test.go
index 2408f882a..a41382230 100644
--- a/cli/genpolicy/genpolicy_test.go
+++ b/cli/genpolicy/genpolicy_test.go
@@ -39,6 +39,8 @@ while [ $# -gt 0 ]; do
   esac
   shift
 done
+
+echo -e "HOME=${HOME}\nXDG_RUNTIME_DIR=${XDG_RUNTIME_DIR}\nDOCKER_CONFIG=${DOCKER_CONFIG}\nREGISTRY_AUTH_FILE=${REGISTRY_AUTH_FILE}" >env_path
 `
 
 func TestRunner(t *testing.T) {
@@ -47,6 +49,11 @@ func TestRunner(t *testing.T) {
 	ctx := context.Background()
 	logger := slog.Default()
 
+	t.Setenv("HOME", "/invalid/home")
+	t.Setenv("XDG_RUNTIME_DIR", "/invalid/xdg")
+	t.Setenv("DOCKER_CONFIG", "/invalid/docker")
+	t.Setenv("REGISTRY_AUTH_FILE", "/invalid/registry")
+
 	d := t.TempDir()
 	genpolicyBin := []byte(fmt.Sprintf(scriptTemplate, d))
 
@@ -57,6 +64,7 @@ func TestRunner(t *testing.T) {
 	cachePath := filepath.Join(d, "cache", "cache.json")
 	expectedYAMLPath := filepath.Join(d, "test.yml")
 	yamlPathFile := filepath.Join(d, "yaml_path")
+	envFile := filepath.Join(d, "env_path")
 
 	r, err := New(expectedRulesPath, expectedSettingsPath, cachePath, genpolicyBin)
 	require.NoError(err)
@@ -75,5 +83,17 @@ func TestRunner(t *testing.T) {
 	require.NoError(err)
 	assert.YAMLEq(expectedYAMLPath, string(yamlPath))
 
+	env, err := os.ReadFile(envFile)
+	require.NoError(err)
+	assert.YAMLEq(expectedYAMLPath, string(yamlPath))
+	for _, expected := range []string{
+		"HOME=/invalid/home",
+		"XDG_RUNTIME_DIR=/invalid/xdg",
+		"DOCKER_CONFIG=/invalid/docker",
+		"REGISTRY_AUTH_FILE=/invalid/registry",
+	} {
+		assert.Contains(string(env), expected)
+	}
+
 	require.NoError(r.Teardown())
 }