diff --git a/.sobelow-conf b/.sobelow-conf
index 207a0df18..06cca8933 100644
--- a/.sobelow-conf
+++ b/.sobelow-conf
@@ -2,11 +2,11 @@
 verbose: true,
 private: false,
 skip: true,
- router: "",
- exit: "false",
+ router: "lib/web/router.ex",
+ exit: "low",
 format: "txt",
 out: "",
- threshold: "low",
- ignore: ["Config.Secrets", "XSS", "Config.HTTPS"],
- ignore_files: [""]
+ threshold: "medium",
+ ignore: ["Config.HTTPS"],
+ ignore_files: ["config/dev.1.secret.exs", "config/dev.2.secret.exs", "config/dev.3.secret.exs", "config/dev.secret.exs", "config/e2e.secret.exs", "config/prod.secret.exs", "config/test.secret.exs"]
 ]
diff --git a/.sobelow-skips b/.sobelow-skips
new file mode 100644
index 000000000..8a0f398e7
--- /dev/null
+++ b/.sobelow-skips
@@ -0,0 +1,2 @@
+
+AACA51671C4B3C803ACBCA3FADE84CDE
\ No newline at end of file
diff --git a/lib/mobilizon.ex b/lib/mobilizon.ex
index b4e581399..a1ca09962 100644
--- a/lib/mobilizon.ex
+++ b/lib/mobilizon.ex
@@ -76,10 +76,11 @@ defmodule Mobilizon do
 :ok
 end
+ # sobelow_skip ["DOS.StringToAtom"]
 @spec cachex_spec(atom, integer, integer, integer, function | nil) :: Supervisor.child_spec()
 defp cachex_spec(name, limit, default, interval, fallback \\ nil) do
 %{
- id: :"cache_#{name}",
+ id: String.to_atom("cache_#{to_string(name)}"),
 start:
 {Cachex, :start_link,
 [
diff --git a/lib/mobilizon/discussions/discussions.ex b/lib/mobilizon/discussions/discussions.ex
index 9ecddffc0..35d3b47dd 100644
--- a/lib/mobilizon/discussions/discussions.ex
+++ b/lib/mobilizon/discussions/discussions.ex
@@ -58,6 +58,7 @@ defmodule Mobilizon.Discussions do
 @doc """
 Callback for Absinthe Ecto Dataloader
 """
+ # sobelow_skip ["SQL.Query"]
 @spec data :: Dataloader.Ecto.t()
 def data do
 Dataloader.Ecto.new(Repo, query: &query/2)
diff --git a/lib/mobilizon/resources/resources.ex b/lib/mobilizon/resources/resources.ex
index 23f15046c..b4cb43ae2 100644
--- a/lib/mobilizon/resources/resources.ex
+++ b/lib/mobilizon/resources/resources.ex
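Review bot: The new `ignore_files` list excludes seven `config/*.secret.exs` files from scanning, which is only safe if those files never reach the repository; confirm they are covered by `.gitignore`, otherwise a committed secret would now pass `Config.Secrets` unreported. `threshold: "medium"` drops low-confidence findings before `exit: "low"` is evaluated, so the exit setting is effectively `exit: "medium"` if I read Sobelow's option semantics right; either align the two, or set `threshold: "low"` if low-confidence findings are meant to gate CI. `Config.HTTPS` stays ignored, presumably because TLS is terminated in front of the application — a one-line comment in this file saying so would keep the next maintainer from re-enabling or questioning it.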
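Review bot: The `# sobelow_skip ["DOS.StringToAtom"]` on `cachex_spec/5` carries no reason, and the rewrite of `id: :"cache_#{name}"` to `String.to_atom("cache_#{to_string(name)}")` builds the same atom at runtime, so it makes the finding skippable without removing what it warns about. Because the `@spec` types `name` as `atom`, the set of atoms is bounded by the compiled callers and the skip is defensible — record that on the pragma, e.g. `# sobelow_skip ["DOS.StringToAtom"] - name is an atom chosen by the callers in this module, never user input`, after checking that no caller passes a string. Alternatively drop the atom entirely with a term id such as `id: {:cache, name},`, which `Supervisor.child_spec()` permits, provided nothing elsewhere looks the child up by its `:cache_*` atom. The same bare-pragma pattern appears in the discussions.ex hunk (where the match is the `query:` option passed to `Dataloader.Ecto.new/2`, not a raw SQL string), the resources.ex `update_children/3` hunk, the reverse_proxy.ex `call/3` hunk (whose body is the fixed `Conn.Status.reason_phrase(400)` string) and the views/utils.ex hunk, and each deserves the same one-line reason. `cachex_spec/5`'s body continues outside the hunk.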
@@ -185,6 +185,7 @@ defmodule Mobilizon.Resources do
 end)
 end
+ # sobelow_skip ["SQL.Query"]
 @spec update_children(Multi.t(), Resource.t(), map()) :: Multi.t()
 defp update_children(
 %Multi{} = multi,
diff --git a/lib/web/auth/error_handler.ex b/lib/web/auth/error_handler.ex
index 6207477d6..edf760bb8 100644
--- a/lib/web/auth/error_handler.ex
+++ b/lib/web/auth/error_handler.ex
@@ -4,6 +4,7 @@ defmodule Mobilizon.Web.Auth.ErrorHandler do
 """
 import Plug.Conn
+ # sobelow_skip ["XSS.SendResp"]
 def auth_error(conn, {type, _reason}, _opts) do
 body = Jason.encode!(%{message: to_string(type)})
 send_resp(conn, 401, body)
diff --git a/lib/web/proxy/reverse_proxy.ex b/lib/web/proxy/reverse_proxy.ex
index 121e6a277..c3e5993f0 100644
--- a/lib/web/proxy/reverse_proxy.ex
+++ b/lib/web/proxy/reverse_proxy.ex
@@ -145,6 +145,7 @@ defmodule Mobilizon.Web.ReverseProxy do
 end
 end
+ # sobelow_skip ["XSS.SendResp"]
 def call(conn, _, _) do
 conn
 |> send_resp(400, Conn.Status.reason_phrase(400))
@@ -223,6 +224,7 @@ defmodule Mobilizon.Web.ReverseProxy do
 |> send_resp(code, "")
 end
+ # sobelow_skip ["XSS.SendResp"]
 defp error_or_redirect(conn, url, code, body, opts) do
 if Keyword.get(opts, :redirect_on_failure, false) do
 conn
diff --git a/lib/web/router.ex b/lib/web/router.ex
index b8aa2690e..75aaa638d 100644
--- a/lib/web/router.ex
+++ b/lib/web/router.ex
@@ -163,8 +163,8 @@ defmodule Mobilizon.Web.Router do
 get("/interact", PageController, :interact)
 get("/auth/:provider", AuthController, :request)
- # sobelow_skip ["Config.CSRFRoute"]
- # Possibly related to https://github.com/ueberauth/ueberauth/issues/125
+ # Have a look at https://github.com/ueberauth/ueberauth/issues/125 some day
+ # Also possible CSRF issue
 get("/auth/:provider/callback", AuthController, :callback)
 post("/auth/:provider/callback", AuthController, :callback)
 end
diff --git a/lib/web/views/utils.ex b/lib/web/views/utils.ex
index 34eaa45c4..f1fba1796 100644
--- a/lib/web/views/utils.ex
+++ b/lib/web/views/utils.ex
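Review bot: `auth_error/3` sends a JSON body with `send_resp(conn, 401, body)` but never sets a content type, so the response goes out without the header that tells a browser not to sniff it as HTML; that header, not the `XSS.SendResp` skip pragma, is what actually neutralises the finding. Since `Plug.Conn` is already imported, the last line can become `conn |> put_resp_content_type("application/json") |> send_resp(401, body)`. A short reason next to the pragma would also help the next reader, e.g. `# sobelow_skip ["XSS.SendResp"] - body is to_string(type) passed through Jason.encode!/1, served as application/json`.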
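Review bot: The `XSS.SendResp` skip added above `error_or_redirect/5` covers a function whose `url` and `body` parameters, judging by the names and the `:redirect_on_failure` option, come from the proxied upstream response rather than from a fixed string, so unlike the `call/3` skip in the previous hunk this one silences a sink that can reflect third-party content; the function body continues outside the hunk. Before keeping it, confirm that the upstream `content-type` is forwarded (or a constant body substituted) on the non-redirect branch and that `url` is constrained to the configured upstream, and put that reasoning next to the pragma, e.g. `# sobelow_skip ["XSS.SendResp"] - body is the upstream error response served with the upstream content-type; url is the proxied target`. If those conditions do not hold, the finding should stay open rather than be skipped.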
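Review bot: Removing `# sobelow_skip ["Config.CSRFRoute"]` while keeping both `get` and `post` on `/auth/:provider/callback` means the finding now either surfaces in CI (the config hunk sets `router: "lib/web/router.ex"`) or is hidden by the opaque fingerprint in the new `.sobelow-skips`, and the replacement `# Also possible CSRF issue` says less than the comment it replaces. If the fingerprint file is where the skip now lives, the rationale should still be readable here, e.g. `# GET and POST both serve the OAuth callback because a provider may deliver it via POST (see ueberauth#125); Sobelow reports the pair as Config.CSRFRoute, accepted via .sobelow-skips because the callback is protected by the provider state parameter`, after confirming that the state check is actually enforced in `AuthController.callback`. If it is not, the GET route is the one that needs protecting, and the skip should not be recorded at all.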
@@ -5,6 +5,7 @@ defmodule Mobilizon.Web.Views.Utils do
 alias Mobilizon.Service.Metadata.Utils, as: MetadataUtils
+ # sobelow_skip ["Traversal.FileModule"]
 @spec inject_tags(Enum.t(), String.t()) :: {:safe, String.t()}
 def inject_tags(tags, locale \\ "en") do
 with {:ok, index_content} <- File.read(index_file_path()) do