diff --git a/CHANGELOG.md b/CHANGELOG.md
index 135edf2..3a975e4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -21,6 +21,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **Scanner Output** — Symmetrized naming of formatters (`formatJson`, `formatText`, `formatSarif`) and fixed broken exports in `@worms-ctrl/scanner`.
 - **KB Engine** — Fixed asynchronous generator logic in `chunker.ts` and removed dead exports from `@worms-ctrl/kb`.
 - **Process Suspension Safety** — Fixed remediation playbook phase mapping and type definitions for safe malware containment.
+- **`safe-suspend` Parameter Fix** — Removed unused `_dryRun` parameter and implemented its logic in `packages/remediation/src/scripts/safe-suspend.ts`.
 
 ### Added
 
diff --git a/packages/remediation/src/scripts/safe-suspend.ts b/packages/remediation/src/scripts/safe-suspend.ts
index 4aa4cc4..8da78a0 100644
--- a/packages/remediation/src/scripts/safe-suspend.ts
+++ b/packages/remediation/src/scripts/safe-suspend.ts
@@ -8,11 +8,15 @@
 
 const MALICIOUS_SIGNATURES = ['bun_environment.js', 'setup_bun.js', 'trufflehog', '.truffler-cache']
 
-export async function safeSuspend(_dryRun = false): Promise<void> {
+export async function safeSuspend(dryRun = false): Promise<void> {
   console.log('[safe-suspend] Scanning for malicious processes...')
 
   for (const sig of MALICIOUS_SIGNATURES) {
     // Placeholder: actual pgrep implementation
-    console.log(`[safe-suspend] Would freeze processes matching: ${sig}`)
+    if (dryRun) {
+      console.log(`[safe-suspend] [DRY-RUN] Would freeze processes matching: ${sig}`)
+    } else {
+      console.log(`[safe-suspend] Freezing processes matching: ${sig}`)
+    }
   }
 }