diff --git a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
index 1626124..039947f 100644
--- a/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
+++ b/.gitea/workflows/cloudflare-auto-pr-tofu-pipeline.yml
@@ -113,25 +113,52 @@ jobs:
           chdir: cloudflare
           out: cloudflare.tfplan
 
-      - name: PR Comment
+      - name: Build Markdown PR comment from plan file
+        run: |
+          mkdir -p tmp
+          {
+            echo "## 🧩 OpenTofu Plan — Cloudflare"
+            echo "**Branch:** \`${{ github.ref_name }}\`"
+            echo "**Exit Code:** \`${{ steps.tofu_plan.outputs.exitcode }}\`"
+            echo "**Working Directory:** \`cloudflare\`"
+            echo ""
+            echo "<details><summary>🪶 Click to expand full plan output</summary>"
+            echo ""
+            echo '```hcl'
+            tofu show cloudflare.tfplan         # <-- read file directly, ACT-safe
+            echo '```'
+            echo ""
+            echo "</details>"
+            echo ""
+            echo "*(This plan was automatically generated by the workflow.)*"
+          } > tmp/tofu-plan.md
+          echo "Markdown PR comment built: tmp/tofu-plan.md"
+
+      - name: Load markdown plan into env var (safe for large output)
+        id: load-plan-md
+        run: |
+          # Ensure file exists and isn't absurdly large
+          if [ ! -f tmp/tofu-plan.md ]; then
+            echo "❌ Missing tmp/tofu-plan.md"
+            exit 1
+          fi
+
+          # Collapse newlines for environment storage
+          plan_md=$(awk '{printf "%s\\n", $0}' tmp/tofu-plan.md)
+          echo "COMMENT_TEMPLATE<<EOF" >> $GITHUB_ENV
+          echo -e "$plan_md" >> $GITHUB_ENV
+          echo "EOF" >> $GITHUB_ENV
+
+      - name: Comment full Tofu Plan on PR (Gitea safe)
         uses: https://git.trez.wtf/Trez.One/git-auto-comment@main
-        env:
-          DEBUG: true
         with:
-          debug: true
           platform: gitea
           api_url: https://git.trez.wtf/api/v1
           token: ${{ secrets.BOT_GITEA_TOKEN }}
           pr_index: ${{ needs.check-and-create-pr.outputs.pr_number }}
           repo_owner: ${{ github.repository_owner }}
           repo_name: ${{ steps.env-vault-vars.outputs.repo_name }}
-          plan_file: cloudflare/cloudflare.tfplan
-          comment_template: |
-            🚀 **Tofu Plan Output**
-            ---
-            ${{ steps.tofu-plan.outputs.plan-output }}
-
-            Exit Code: ${{ steps.tofu-plan.outputs.exitcode }}
+          comment_template: ${{ env.COMMENT_TEMPLATE }}
 
       - name: Wait for manual approval
         uses: trstringer/manual-approval@v1