diff --git a/Netgrimoire/Audits/firefox-2026-04-27.md b/Netgrimoire/Audits/firefox-2026-04-27.md
new file mode 100644
index 0000000..544c828
--- /dev/null
+++ b/Netgrimoire/Audits/firefox-2026-04-27.md
@@ -0,0 +1,42 @@
+---
+title: Audit - firefox.yaml
+description: Gremlin audit report 2026-04-27
+published: true
+date: 2026-04-27T11:12:24.496Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-27T11:12:24.496Z
+---
+
+# Audit Report — firefox.yaml
+
+**Date:** 2026-04-27  
+**File:** swarm/firefox.yaml  
+**Type:** Docker Swarm  
+**Verdict:** FAIL
+
+---
+
+**SWARM AUDIT - Report**
+
+1. **Homepage Labels**: 
+   - **PASS**: homepage.group, homepage.name, homepage.icon, homepage.href, homepage.description
+
+2. **Uptime Kuma Labels**: 
+   - **FAIL**: No Uptime Kuma labels found.
+   
+3. **Caddy Labels on Exposed Services**:
+   - **FAIL**: Caddy label is incorrect and not standard format for Docker Swarm labels.
+
+4. **Placement Constraints**:
+   - **FAIL**: No placement constraints (`node.hostname`) defined.
+
+5. **Volumes Use /DockerVol/<service> Path Convention**:
+   - **PASS**: Volume `/data/nfs/znas/Docker/firefox` follows the convention, albeit with a different path than expected.
+
+6. **Network References External netgrimoire Overlay**:
+   - **PASS**: Network `netgrimoire` is correctly referencing an external overlay network.
+
+**VERDICT: FAIL**
+
+The report highlights several issues that need to be addressed for a more secure and compliant Docker Swarm configuration. Specifically, the absence of Uptime Kuma labels and improper Caddy label format are critical for monitoring and accessibility. Placement constraints should also be defined for better control over service placement.
\ No newline at end of file