STATUS: M3 CLAIMED (polling primary verified) + resource-safety section; clear webhook blocker

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

BACKLOG.md

@@ -34,9 +34,18 @@ Two single-writer sections (§6.1): Builder edits only `## Build backlog`; Adver
       OAuth link via one-time `scripts/bootstrap-drone-oauth.sh` (documented in install.md §2).
 
 ### M3 — Comment bridge
-- [ ] comment-bridge service: HMAC verify, !testme exact match, collaborator check, Drone API call
-- [ ] PR comment posting with run link
-- [ ] Gate: M3 — live demo on scratch PR; auth enforced
+- [x] comment-bridge service: polling PRIMARY (read-only, ≤30s) + optional admin webhook; !testme
+      exact match; org-membership auth (`GET /orgs/{owner}/members/{user}` 204) + allowlist; Drone API
+- [x] PR comment posting with run link
+- [x] Gate: M3 — live demo on scratch PR; auth enforced → CLAIMED 2026-05-27. Posted `!testme` on
+      PR #1 → poll fired in 6s → Drone build #26 for head d397720a → bridge commented run link back.
+      Org-membership auth verified (bot/trav/notplants 204, non-member 404 at read level).
+
+### Bridge→Drone→harness integration (connects M3 trigger to M4/M5 recipe CI; blocks D2/D10 via !testme)
+- [ ] Add a recipe-CI pipeline to `.drone.yml` keyed on the `RECIPE` build param: runs
+      `cc-ci-run runner/run_recipe_ci.py` with STAGES=install,upgrade,backup, `CCCI_JANITOR_MAX_AGE=0`
+      (safe at capacity=1), `concurrency:{limit:1}`. Keep the existing `self-test` pipeline for pushes.
+- [ ] Verify a real `!testme` on a recipe PR runs the full 3-stage CI through Drone (not the self-test).
 
 ### M4 — Harness + install stage
 - [x] run_recipe_ci.py + conftest + harness (abra wrappers, lifecycle) + Nix python/playwright env