diff --git a/CLAUDE.md b/CLAUDE.md
index dea0621..0f992b0 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -394,3 +394,75 @@ All implementation work is tracked in GitHub Issues. See `PROJECT_STATUS.md` for
 - Architecture: `docs/arc42/arc42.adoc`
 - Project Status: `PROJECT_STATUS.md`
 - GitHub Issues: https://github.com/LLM-Coding/Semantic-Anchors/issues
+
+## Risk Radar Assessment
+
+_Generated by `/risk-assess` on 2026-02-13_
+
+**Mitigation Tracking:** [Risk Radar Issues](https://github.com/LLM-Coding/Semantic-Anchors/labels/risk-radar)
+**Documentation:** [Vibe Coding Risk Radar](https://llm-coding.github.io/vibe-coding-risk-radar/)
+
+### Module: scripts
+| Dimension | Score | Level | Evidence |
+|-----------|-------|-------|----------|
+| Code Type | 1 | Build Scripts / Tests | extract-metadata.js, split-readme.js, update-anchor-categories.js, translate-anchors.py |
+| Language | 2 | Dynamically typed | 3 .js files, 1 .py file |
+| Deployment | 1 | Internal tool | CI/CD automation, build-time scripts |
+| Data Sensitivity | 0 | Public data | Processes public AsciiDoc documentation |
+| Blast Radius | 0 | Cosmetic / Tech debt | Build failures, incorrect metadata generation |
+
+**Tier: 2** — determined by Language = 2
+
+### Mitigations: scripts (Tier 2)
+
+#### Tier 1 — Automated Gates
+| Measure | Status | Details | Issue |
+|---------|--------|---------|-------|
+| Linter & Formatter | ❌ Ausstehend | No ESLint or Prettier config detected | [#81](https://github.com/LLM-Coding/Semantic-Anchors/issues/81) |
+| Type Checking | ❌ N/A | JavaScript without TypeScript | — |
+| Pre-Commit Hooks | ❌ Ausstehend | No husky or pre-commit framework | [#82](https://github.com/LLM-Coding/Semantic-Anchors/issues/82) |
+| Dependency Check | ❌ Ausstehend | No npm audit in CI workflows | [#83](https://github.com/LLM-Coding/Semantic-Anchors/issues/83) |
+| CI Build & Unit Tests | ✅ Vorhanden | GitHub Actions (.github/workflows/test.yml) | — |
+
+#### Tier 2 — Extended Assurance
+| Measure | Status | Details | Issue |
+|---------|--------|---------|-------|
+| SAST | ❌ Ausstehend | No Semgrep or CodeQL detected | [#84](https://github.com/LLM-Coding/Semantic-Anchors/issues/84) |
+| AI Code Review | ❌ Ausstehend | No CodeRabbit or Copilot Review | [#86](https://github.com/LLM-Coding/Semantic-Anchors/issues/86) |
+| Property-Based Tests | ❌ Ausstehend | No fast-check or hypothesis | [#85](https://github.com/LLM-Coding/Semantic-Anchors/issues/85) |
+| SonarQube Quality Gate | ❌ Ausstehend | No SonarQube config | [#87](https://github.com/LLM-Coding/Semantic-Anchors/issues/87) |
+| Sampling Review (~20%) | ⚠️ Teilweise | PR review process (assumed) | [#88](https://github.com/LLM-Coding/Semantic-Anchors/issues/88) |
+
+---
+
+### Module: website
+| Dimension | Score | Level | Evidence |
+|-----------|-------|-------|----------|
+| Code Type | 0 | UI / CSS / Docs | Frontend components with DOM manipulation (header.js, card-grid.js, anchor-modal.js) |
+| Language | 2 | Dynamically typed | 17 .js files (JavaScript) |
+| Deployment | 2 | Public-facing app | GitHub Pages deployment, public documentation website |
+| Data Sensitivity | 0 | Public data | Public semantic anchor documentation |
+| Blast Radius | 0 | Cosmetic / Tech debt | UI glitches, broken features |
+
+**Tier: 2** — determined by Language = 2, Deployment = 2
+
+### Mitigations: website (Tier 2)
+
+#### Tier 1 — Automated Gates
+| Measure | Status | Details | Issue |
+|---------|--------|---------|-------|
+| Linter & Formatter | ❌ Ausstehend | No ESLint or Prettier config detected | [#81](https://github.com/LLM-Coding/Semantic-Anchors/issues/81) |
+| Type Checking | ❌ N/A | JavaScript without TypeScript | — |
+| Pre-Commit Hooks | ❌ Ausstehend | No husky or pre-commit framework | [#82](https://github.com/LLM-Coding/Semantic-Anchors/issues/82) |
+| Dependency Check | ❌ Ausstehend | No npm audit in CI workflows | [#83](https://github.com/LLM-Coding/Semantic-Anchors/issues/83) |
+| CI Build & Unit Tests | ✅ Vorhanden | GitHub Actions with Playwright E2E tests and Lighthouse CI (.github/workflows/test.yml) | — |
+
+#### Tier 2 — Extended Assurance
+| Measure | Status | Details | Issue |
+|---------|--------|---------|-------|
+| SAST | ❌ Ausstehend | No Semgrep or CodeQL detected | [#84](https://github.com/LLM-Coding/Semantic-Anchors/issues/84) |
+| AI Code Review | ❌ Ausstehend | No CodeRabbit or Copilot Review | [#86](https://github.com/LLM-Coding/Semantic-Anchors/issues/86) |
+| Property-Based Tests | ❌ Ausstehend | No fast-check or hypothesis | [#85](https://github.com/LLM-Coding/Semantic-Anchors/issues/85) |
+| SonarQube Quality Gate | ❌ Ausstehend | No SonarQube config | [#87](https://github.com/LLM-Coding/Semantic-Anchors/issues/87) |
+| Sampling Review (~20%) | ⚠️ Teilweise | PR review process (assumed) | [#88](https://github.com/LLM-Coding/Semantic-Anchors/issues/88) |
+
diff --git a/website/src/components/anchor-modal.js b/website/src/components/anchor-modal.js
index 922a638..4d0e621 100644
--- a/website/src/components/anchor-modal.js
+++ b/website/src/components/anchor-modal.js
@@ -139,6 +139,20 @@ export async function loadAnchorContent(anchorId) {
       details.setAttribute('open', '')
     })
 
+    // Convert internal AsciiDoc cross-reference links to router navigation
+    contentEl.querySelectorAll('a[href^="#"]').forEach(link => {
+      const href = link.getAttribute('href')
+      // Only process simple hash links (cross-references), not hash routes
+      if (href && href.startsWith('#') && !href.startsWith('#/')) {
+        const anchorId = href.substring(1) // Remove the '#'
+        link.addEventListener('click', (e) => {
+          e.preventDefault()
+          // Navigate to the linked anchor
+          window.location.hash = `#/anchor/${anchorId}`
+        })
+      }
+    })
+
   } catch (error) {
     console.error('Error loading anchor content:', error)
     titleEl.textContent = 'Error'