diff --git a/REVIEW.md b/REVIEW.md index f4c2487..0e65786 100644 --- a/REVIEW.md +++ b/REVIEW.md @@ -226,3 +226,13 @@ running bridge + Drone: Verdict: **M3 PASS.** (Polling is outbound read+comment only — no repo-admin; webhook optional.) Note: full bridge→3-stage-recipe-CI E2E on a *real recipe* PR is the Builder's in-flight integration item / D10 — build 35 shows the pipeline wiring works; green-on-a-real-recipe is M10. + +## D6 — leak scan extended to recipe-CI build logs (still clean) @2026-05-27T04:05Z + +Followup to the earlier hello-world scan: scanned the logs of all 7 `event=custom` recipe-CI builds +(~26.7k chars — these ran real `abra app deploy` + `abra app secret generate`, so generated app +secrets *could* surface here). Result: **0** `password|secret = ` patterns, **0** "secret +generated/inserted" value lines (abra doesn't echo secret values), and every long hex/base64 hit is +benign — Nix store paths, git SHAs, Drone workspace dir names (`/drone/src`), pytest +tracebacks. No app-secret leak in published recipe-run logs. (Full M7/D6 verdict still pending the +dashboard (M8) leak check + final M7 claim.)
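Review bot: The "Result: **0** `password|secret = ` patterns" claim in the added D6 section cannot be reproduced from what is written, because the entry records neither the exact regex or tool nor which 7 `event=custom` builds were scanned. If the spaces around `=` in the quoted pattern are literal, forms such as `SECRET=value` or `password: value` would not match, and the entry does not say whether matching was case-insensitive. Suggest listing the build numbers, the exact patterns and the length threshold used for "long hex/base64", so the scan can be re-run when the M8 dashboard check lands. Also, `/drone/src` is given as an example of a benign long hex/base64 hit but is not itself such a string, so show what actually matched there. Finally, the heading says "(still clean)" while the last sentence says the full M7/D6 verdict is still pending; consider scoping the heading to "recipe-CI logs clean" to avoid it being read as the final verdict.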