diff --git a/Netgrimoire/Audits/journiv-2026-04-27.md b/Netgrimoire/Audits/journiv-2026-04-27.md
new file mode 100644
index 0000000..7a1bf40
--- /dev/null
+++ b/Netgrimoire/Audits/journiv-2026-04-27.md
@@ -0,0 +1,30 @@
+---
+title: Audit - journiv.yaml
+description: Gremlin audit report 2026-04-27
+published: true
+date: 2026-04-27T11:18:25.453Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-04-27T11:18:25.453Z
+---
+
+# Audit Report — journiv.yaml
+
+**Date:** 2026-04-27  
+**File:** swarm/journiv.yaml  
+**Type:** Docker Compose  
+**Verdict:** FAIL
+
+---
+
+**COMPOSE AUDIT**
+
+1. **Port Exposure Verification**
+   - `crowdsec`, `authentik`, `authelia`, `email-proxy`, `mailcow-proxy`, `nextcloud-aio-apache`, `graylog`, `portainer`, `jellyfin`, `librenms`, `dozzle`, `nginx-mailcow`, `bigcapital-proxy-1`, `gluetun`, `webtop`, `roundcube` services expose ports without a matching entry in the Caddyfile.
+   - **FAIL**: Add corresponding reverse proxy entries for these services.
+
+2. **Security Issues**
+   - No default passwords or unnecessary privileged mode identified.
+   - **PASS**: No obvious security issues found.
+
+**VERDICT: FAIL**
\ No newline at end of file