diff --git a/machine-docs/BACKLOG-2.md b/machine-docs/BACKLOG-2.md
index 11a6e95..eaf71b0 100644
--- a/machine-docs/BACKLOG-2.md
+++ b/machine-docs/BACKLOG-2.md
@@ -176,12 +176,19 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md`
       with the F2-7 keycloak-specificity caveat; worked lasuite-docs example end-to-end. **Will
       re-pass when Q3.2/Q3.5 enroll new recipes** (immich/lasuite-drive) to confirm a new
       engineer can follow the doc cold.
-- [ ] **[idea]** — Harness image pre-pull before `abra app deploy`. First-ever deploy of a fresh
-      recipe can hit a swarm "No such image" placement race on digest-pinned images (observed once on
-      lasuite-meet's first deploy; self-resolved after manual `docker pull`; images then cached + kept
-      by the conservative prune). A pre-pull (parse compose images, `docker pull` each in
-      `lifecycle.deploy_app` before deploy) would make first-cold deploys deterministic. Low-risk,
-      helps every fresh recipe + a from-scratch host (D8). Not blocking (warm-cache model masks it).
+- [ ] **HQ1 — Harness image pre-pull (near-term unit, orchestrator 2026-05-29).** PLAN:
+      `cc-ci-plan/plan-prepull-images.md`. At the START of a recipe test sequence (before the first
+      `abra app deploy`) AND before the upgrade tier's new-version deploy: resolve recipe images via
+      `docker compose --env-file <app.env> -f <COMPOSE_FILE> config --images` and `docker pull` each
+      (skip-if-present via `docker image inspect` for pinned tags); then the normal abra deploy runs
+      UNCHANGED (real abra; pre-pull just warms the local store). Value: separates pull from converge
+      → a pull failure is a CLEAR pull error (not a murky "not converged" timeout); images-local →
+      faster convergence within abra's native window (less need for the -c workaround on *pull-bound*
+      deploys — note collabora's slow-INIT still needs the recipe healthcheck, not affected). Cheap on
+      warm cache (`docker pull` = "Already exists" no re-download; skip-if-present = zero network for
+      pinned tags). Directly fixes the "No such image" first-deploy race I hit on immich + lasuite-meet.
+      **Adversary verifies:** warm-cache 2nd run does NO layer re-download; a bad-tag pre-pull fails as
+      a clear pull error PRE-deploy. Pick up as a near-term harness unit (NOT a phase-pause).
 - [ ] **Q5.2** — Adversary samples a subset and cold-verifies parity tables + specific tests are real
       (not health-only, not skipped). NO weakened test, no corners cut (P7).
 - [ ] **Q5.3** — Phase 2 `## DONE` after all P1–P8 Adversary cold-verified PASS, no standing VETO.