diff --git a/Netgrimoire/Audits/portainer-agent-stack-2026-04-03.md b/Netgrimoire/Audits/portainer-agent-stack-2026-04-03.md new file mode 100644 index 0000000..2acbd37 --- /dev/null +++ b/Netgrimoire/Audits/portainer-agent-stack-2026-04-03.md 
@@ -0,0 +1,67 @@ +--- +title: Audit - portainer-agent-stack.yml +description: Gremlin audit report 2026-04-03 +published: true +date: 2026-04-03T03:10:38.984Z +tags: gremlin,audit +editor: markdown +dateCreated: 2026-04-03T03:10:38.984Z +--- + +# Audit Report — portainer-agent-stack.yml + +**Date:** 2026-04-03 +**File:** swarm/portainer-agent-stack.yml +**Type:** Docker Swarm +**Verdict:** FAIL + +--- + +### Audit Results: + +1. **Homepage labels**: + - `homepage.group`: Present + - `homepage.name`: Present + - `homepage.icon`: Present + - `homepage.href`: Present + - `homepage.description`: Present + +2. **Uptime Kuma labels**: + - `kuma.prt.http.name`: Missing (Expected: "Portainer") + - `kuma.prt.http.url`: Missing (Expected: "http://portainer:9000") + +3. **Caddy labels on exposed services**: + - `caddy=docker.netgrimoire.com`: Present + - `caddy.reverse_proxy="http://portainer:9000"`: Present + +4. **Placement constraints**: + - `node.hostname == znas`: Present (Note: This constraint might not be ideal for a global service, but it's specified as per the file.) + +5. **Volumes use `/DockerVol/` path convention**: + - Volume `/DockerVol/portainer`: Present + - Volume `/var/run/docker.sock`: Absent (Not following the `/DockerVol/` convention) + - Volume `/var/lib/docker/volumes`: Absent (Not following the `/DockerVol/` convention) + +6. **Network references external `netgrimoire` overlay**: + - `networks: netgrimoire`: Present + +### Issues and Fixes: + +- **Uptime Kuma labels**: Add the missing labels with the correct values. + ```yaml + - kuma.prt.http.name="Portainer" + - kuma.prt.http.url=http://portainer:9000 + ``` + +- **Volume use `/DockerVol/` path convention**: Adjust the volumes to follow the convention. 
+ ```yaml + volumes: + - /DockerVol/agent/var/run/docker.sock:/var/run/docker.sock + - /DockerVol/agent/var/lib/docker/volumes:/var/lib/docker/volumes + ``` + +### Final Verdict: + +VERDICT: FAIL + +Reasons for failure include missing Uptime Kuma labels and non-conformity with the `/DockerVol/` volume path convention. \ No newline at end of file
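Review bot: The suggested volume fix under "Issues and Fixes" rewrites the host side of both mounts (`/DockerVol/agent/var/run/docker.sock:/var/run/docker.sock` and `/DockerVol/agent/var/lib/docker/volumes:/var/lib/docker/volumes`), so the agent would no longer be handed the Docker daemon's socket or its volume directory. These are host system paths, not application data, so the `/DockerVol/` check in item 5 should exempt them instead of counting them toward the FAIL verdict. The finding worth recording for `/var/run/docker.sock` is the security one: a bind mount of the daemon socket gives the container control of Docker on that host, and the report should state that and who is expected to accept the risk. Item 5 also labels both mounts "Absent" while its own parenthetical says they exist but do not follow the convention; "Non-conforming" would match what was found. In the Kuma fix, quote the two label values consistently (`kuma.prt.http.name="Portainer"` is quoted, the `kuma.prt.http.url` value is not). Item 4 notes that `node.hostname == znas` may not suit a global service but the final verdict never mentions it; either list it as an issue or drop the remark.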