diff --git a/Netgrimoire/Audits/caddy-2026-04-27.md b/Netgrimoire/Audits/caddy-2026-04-27.md
new file mode 100644
index 0000000..e9ac7cd
--- /dev/null
+++ b/Netgrimoire/Audits/caddy-2026-04-27.md
@@ -0,0 +1,40 @@
+---
+title: Audit - caddy.yaml
+description: Gremlin audit report 2026-04-27
+published: true
+date: 2026-04-27T11:48:08.829Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-27T11:48:08.829Z
+---
+
+# Audit Report — caddy.yaml
+
+**Date:** 2026-04-27  
+**File:** swarm/stack/caddy/caddy.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+### SWARM AUDIT REPORT
+
+1. **Homepage labels**:  
+   - **FAIL**: No homepage labels are specified in the `caddy.yaml` file.
+
+2. **Uptime Kuma labels**:  
+   - **FAIL**: No Uptime Kuma related labels or services are present in the `caddy.yaml` file.
+
+3. **Caddy labels on exposed services**:  
+   - **FAIL**: No `caddy=<domain>` or `caddy.reverse_proxy` labels are specified for any services.
+
+4. **Placement constraints**:  
+   - **PASS**: Constraints are correctly set to ensure that both the `caddy` and `crowdsec` services are placed on the node with the hostname `znas`.
+
+5. **Volumes use /DockerVol/<service> path convention**:  
+   - **FAIL**: No volumes follow the `/DockerVol/<service>` path convention.
+
+6. **Network references external netgrimoire overlay**:  
+   - **PASS**: The `netgrimoire` network is referenced as an external network correctly.
+
+### VERDICT: FAIL
\ No newline at end of file