diff --git a/Netgrimoire/Audits/web-2026-04-27.md b/Netgrimoire/Audits/web-2026-04-27.md
new file mode 100644
index 0000000..63e5ee6
--- /dev/null
+++ b/Netgrimoire/Audits/web-2026-04-27.md
@@ -0,0 +1,51 @@
+---
+title: Audit - web.yaml
+description: Gremlin audit report 2026-04-27
+published: true
+date: 2026-04-27T11:42:22.010Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-27T11:42:22.010Z
+---
+
+# Audit Report — web.yaml
+
+**Date:** 2026-04-27  
+**File:** swarm/web.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+**SWARM AUDIT**
+
+1. **Homepage labels:** 
+   - `homepage.name=www.netgrimoire.com` is present.
+   - `homepage.icon=mdi:web` is present.
+   - `homepage.href` and `homepage.description` are missing.
+
+2. **Uptime Kuma labels:** 
+   - `kuma.web.http.name=www.netgrimoire.com` is present.
+   - `kuma.web.http.url=http://web:80` is present.
+
+3. **Caddy labels on exposed services:** 
+   - `caddy=www.netgrimoire.com` is present.
+   - `caddy.reverse_proxy="web:80"` is present.
+   - Missing: `caddy.import=authentik`, `caddy.import=crowdsec`.
+
+4. **Placement constraints:**
+   - `node.labels.cpu == amd` is present.
+
+5. **Volumes use /DockerVol/<service> path convention:** 
+   - `/data/nfs/znas/Docker/web/pages:/var/www/html:rw` does not follow the convention.
+   - `/data/nfs/znas/Docker/web/apache:/etc/apache2/sites-enabled:ro` does not follow the convention.
+
+6. **Network references external netgrimoire overlay:** 
+   - `netgrimoire` network is referenced correctly.
+
+**Fixes:**
+- Add missing homepage labels: `homepage.href`, `homepage.description`.
+- Include missing Kuma import labels: `caddy.import=authentik`, `caddy.import=crowdsec`.
+- Update volume paths to follow the convention: `/DockerVol/web/pages:/var/www/html` and `/DockerVol/web/apache:/etc/apache2/sites-enabled`.
+
+**VERDICT:** FAIL
\ No newline at end of file