diff --git a/modules/programs/default.nix b/modules/programs/default.nix
index 92f4d0de..53185584 100644
--- a/modules/programs/default.nix
+++ b/modules/programs/default.nix
@@ -47,7 +47,6 @@ let
             autodetectCliPaths
             binMap
             capabilities
-            embedProfile
             embedSandboxer
             extraConfig
             method
@@ -244,23 +243,11 @@ let
         type = types.bool;
         default = true;
       };
-      sandbox.embedProfile = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          whether to embed the sandbox settings (path access, etc) into the wrapped binary that lives in /nix/store (true),
-          or to encode only a profile name in the wrapper, and use it to query the settings at runtime (false).
-
-          embedded profile means you have to rebuild the wrapper any time you adjust the sandboxing flags,
-          but it also means you can run the program without installing it: helpful for iteration.
-        '';
-      };
       sandbox.embedSandboxer = mkOption {
         type = types.bool;
         default = false;
         description = ''
           whether the sandboxed application should reference its sandboxer by path or by name.
-          if you're setting this option you probably also want `embedProfile = true`
         '';
       };
       sandbox.wrapperType = mkOption {