diff --git a/deploy/scripts/sgx/get_token.sh b/deploy/scripts/sgx/get_token.sh
index 049671308..cf978735a 100755
--- a/deploy/scripts/sgx/get_token.sh
+++ b/deploy/scripts/sgx/get_token.sh
@@ -1,11 +1,30 @@
 #!/bin/bash
 
-cd /gramine/CI-Examples/generate-token/
-make clean > /dev/null
-export SGX=1
-export SGX_SIGNER_KEY=/root/.config/gramine/enclave-key.pem
-make all > /dev/null
-if [ $? -eq 0 ]; then
-    gramine-sgx-get-token -s python.sig -o /dev/null
-fi
-make clean > /dev/null
\ No newline at end of file
+function get_token(){
+    local need_clean=0
+    cd /gramine/CI-Examples/generate-token/
+    make clean > /dev/null
+    export SGX=1
+    export SGX_SIGNER_KEY=/root/.config/gramine/enclave-key.pem
+
+    # mkdir and make
+    if [ ! -d "/gramine/leader" ] || [ ! -d "/gramine/follower" ]; then
+        mkdir -p /gramine/leader
+        mkdir -p /gramine/follower
+        need_clean=1
+    fi
+    make all > /dev/null
+    if [ $? -eq 0 ]; then
+        gramine-sgx-get-token -s python.sig -o /dev/null
+    fi
+
+    # clean
+    make clean > /dev/null
+    if [ $need_clean==1 ]; then
+        rm -rf /gramine/leader
+        rm -rf /gramine/follower
+    fi
+    cd -
+}
+
+get_token
\ No newline at end of file
diff --git a/sgx/gramine/CI-Examples/generate-token/python.manifest.template b/sgx/gramine/CI-Examples/generate-token/python.manifest.template
index 444a6783e..573bbd4c0 100644
--- a/sgx/gramine/CI-Examples/generate-token/python.manifest.template
+++ b/sgx/gramine/CI-Examples/generate-token/python.manifest.template
@@ -67,6 +67,9 @@ sgx.trusted_files = [
   "file:/usr/{{ arch_libdir }}/",
   "file:/etc/ssl/certs/ca-certificates.crt",
   "file:/etc/default/apport",
+  "file:/usr/local/lib/",
+  "file:{{ python.stdlib }}/",
+  "file:{{ python.distlib }}/", 
   "file:/etc/mime.types",
   "file:/gramine/leader/",
   "file:/gramine/follower/"
@@ -76,8 +79,6 @@ sgx.allowed_files = [
   "file:tensorflow_io.py",
   "file:/opt/tiger/",
   "file:/opt/meituan/",
-  "file:{{ python.stdlib }}/",
-  "file:{{ python.distlib }}/",
   "file:/usr/lib/ssl/openssl.cnf",
   "file:/usr/lib/gcc",
   "file:/etc/ethers",
@@ -99,7 +100,6 @@ sgx.allowed_files = [
   "file:/root/.keras/keras.json",
   "file:dynamic_config.json",
   "file:/usr/bin/",
-  "file:/usr/local/lib",
   "file:/lib/",
   "file:/bin/",
   "file:/data/",