diff --git a/.custodian-brief.md b/.custodian-brief.md
index 3598d1d..b37087e 100644
--- a/.custodian-brief.md
+++ b/.custodian-brief.md
@@ -2,20 +2,29 @@
 # Custodian Brief — net-kingdom
 
 **Domain:** netkingdom  
-**Last synced:** 2026-05-24 00:10 UTC  
+**Last synced:** 2026-05-26 05:10 UTC  
 **State Hub:** http://127.0.0.1:8000 *(adjust if running on a remote machine)*
 
 ## Active Workstreams
 
-### King Credential And OpenBao Identity Bootstrap
-Progress: 2/8 done  |  workstream_id: `6b9c25e4-1008-429a-8de6-54361872c0dd`
+### IT Security Readiness For User Onboarding
+Progress: 0/7 done  |  workstream_id: `385de708-fd59-4bab-a4f4-28c1c476b3ea`
 
 **Open tasks:**
-- ! T03 - Approve King Custody Mode  `56a6266a`
-- ! T04 - Complete Railiance OpenBao Bootstrap Ceremony  `2102366e`
-- · T05 - Provision First NetKingdom Admin Identity  `d2a81d7b`
-- · T06 - Bind OpenBao Admin Auth To NetKingdom IAM  `ef97f3cb`
-- · T07 - Verify Recovery, Audit, And Rotation  `aa40cbb4`
+- ► T01 - Finish OIDC-Backed OpenBao Admin Login  `9b087bbd`
+- · T02 - Close OpenBao Audit And Recovery Production Gates  `909944bd`
+- · T03 - Close Trial Taint And Retire Bootstrap Admin Paths  `a6cd4325`
+- · T04 - Harden Bootstrap Infrastructure Before User Onboarding  `12c31f76`
+- · T05 - Implement First User Lifecycle Operator Flow  `aec3ac45`
+- · T06 - Run A Non-Root Onboarding Dry Run  `c149b2f0`
+- · T07 - Review And Retire Superseded Bootstrap Workplans  `e9ceafb2`
+
+### King Credential And OpenBao Identity Bootstrap
+Progress: 5/8 done  |  workstream_id: `6b9c25e4-1008-429a-8de6-54361872c0dd`
+
+**Open tasks:**
+- ► T06 - Bind OpenBao Admin Auth To NetKingdom IAM  `ef97f3cb`
+- ► T07 - Verify Recovery, Audit, And Rotation  `aa40cbb4`
 - · T08 - Reset, Rotate, And Reopen Under King Oversight  `e6a60dca`
 
 ---