diff --git a/Netgrimoire/Audits/phpipam-2026-04-13.md b/Netgrimoire/Audits/phpipam-2026-04-13.md
new file mode 100644
index 0000000..023669d
--- /dev/null
+++ b/Netgrimoire/Audits/phpipam-2026-04-13.md
@@ -0,0 +1,46 @@
+---
+title: Audit - phpipam.yaml
+description: Gremlin audit report 2026-04-13
+published: true
+date: 2026-04-13T11:30:20.018Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-13T11:30:20.018Z
+---
+
+# Audit Report — phpipam.yaml
+
+**Date:** 2026-04-13  
+**File:** swarm/phpipam.yaml  
+**Type:** Docker Swarm  
+**Verdict:** PASS
+
+---
+
+**SWARM AUDIT REPORT**
+
+1. **Homepage labels:** 
+   - `homepage.group`: PASS
+   - `homepage.name`: PASS
+   - `homepage.icon`: PASS
+   - `homepage.href`: PASS
+   - `homepage.description`: PASS
+
+2. **Uptime Kuma labels:**
+   - No Uptime Kuma services found in the configuration.
+
+3. **Caddy labels on exposed services:**
+   - `caddy=ipam.netgrimoire.com` and `caddy.reverse_proxy="{{upstreams 80}}"` are present in `phpipam-web` service. PASS
+
+4. **Placement constraints:**
+   - All services have the constraint `node.hostname == docker3`. This is consistent across all services. PASS
+
+5. **Volumes use /DockerVol/<service> path convention:**
+   - All volume paths follow the `/DockerVol/<service>` convention:
+     - `/DockerVol/phpipam/phpipam-logo` in `phpipam-web`, `phpipam-cron`
+     - `/DockerVol/phpipam/mariadb` in `phpipam-mariadb`. PASS
+
+6. **Network references external netgrimoire overlay:**
+   - The `netgrimoire` network is defined as an external network, which is correctly referenced by all services. PASS
+
+**VERDICT: PASS**
\ No newline at end of file