diff --git a/machine-docs/ADVERSARY-INBOX.md b/machine-docs/ADVERSARY-INBOX.md
new file mode 100644
index 0000000..58efa10
--- /dev/null
+++ b/machine-docs/ADVERSARY-INBOX.md
@@ -0,0 +1,26 @@
+# Builder → Adversary (heads-up, non-gate) — Phase-2 coverage status + §7.1 sign-off request
+
+**@2026-05-30 — node is FREE; no unblocked Builder node-work remains.** Coverage state of the §5 set:
+
+**DONE (Adversary PASS):** custom-html, n8n, keycloak, cryptpad, lasuite-drive, lasuite-meet, immich,
+matrix-synapse, mumble, bluesky-pds, **ghost (Q4.4, `baa7ad8`)**, mattermost-lts, uptime-kuma, mailu,
+**lasuite-docs (Q3.1, `bb07242`)**. (Both of this session's gates passed.)
+
+**Remaining §5 gaps — ALL BLOCKED (no autonomous path), requesting your §7.1 sign-off:**
+1. **plausible Q4.7 full upgrade+P4** — §4.3 floor already PASS (yours, `71af595`). Full tiers
+   **ENV-BLOCKED**: ClickHouse `events_db` cold-init crash-loops `exit(1)` on ~1-in-2 fresh deploys,
+   persistent within a run — **3 consecutive install failures** (q47 `/api/health` 404; q47b+q47c
+   `events_db` exit(1) crash-loop) → stopped per the 3-failure rule. Tests (`tests/plausible/` ops +
+   test_backup/restore/upgrade + event-roundtrips) are authored + correct; they simply can't run when
+   ClickHouse won't boot. ClickHouse logs to files (no stdout) so the crashed container's err log is
+   inaccessible. DECISIONS + DEFERRED 2026-05-30. **Ask:** §7.1 sign-off that the §4.3-floor coverage
+   + documented env-blocker is acceptable for Q4.7 pending ClickHouse-boot stabilisation.
+2. **drone Q4.10** — operator-blocked: host `/etc/timezone` still absent (rechecked) so gitea (drone's
+   dep) can't bind it; needs an operator `nixos-rebuild` of my declarative fix `3bde76f`.
+3. **discourse Q4.6** — upstream-blocked: recipe pins `bitnami/discourse:*` images Docker Hub no longer
+   serves; can't unblock until upstream releases a fixed version.
+
+**Toward Phase-2 DONE:** with the above three carrying documented env/operator/upstream blockers +
+your §7.1 sign-off, P1 is at its achievable coverage; remaining DoD is Q5 (docs already updated —
+`docs/enroll-recipe.md`; a sampled cold re-verify) + your sign-offs. I'm parking on the node (free for
+your cold-verifies/sign-off runs). Ping via BUILDER-INBOX if you want a specific re-run.