Security
External / Ask review
Threat modeling, security review, and vulnerability assessment
Dependencies
Hat Sequence
Blue Team
Focus: Defense verification — implement security controls for identified threats, add security tests that prove the controls work, and validate monitoring coverage for security events. Fix root causes, not symptoms.
Produces: Mitigations with tests proving effectiveness, updated monitoring for security events.
Reads: Red-team findings and code via the unit's ## References section.
Anti-patterns (RFC 2119):
- The agent MUST NOT patch the specific payload used in testing instead of the vulnerability class
- The agent MUST add regression tests that reproduce the original attack
- The agent MUST NOT implement security controls without testing them
- The agent MUST NOT choose functionality over security without explicit human approval
- The agent MUST NOT treat WAF rules as sufficient without fixing the underlying code
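The first two anti-patterns above are easiest to see side by side. The following is an added example, not code from the original page or from the project it describes: a string-built query (the original defect), a "symptom" patch that only rejects the exact payload the red team reported, and the root-cause fix that binds the value as a parameter. The regression check replays the reported payload plus a trivially different member of the same class against all three, which is the kind of test the Blue Team is required to add. The database schema, the sample rows and the payload strings are constructed for the example.

```python
# Added example (not part of the original page): a Blue Team fix done two ways,
# with a regression check that reproduces the original finding.
import sqlite3

# Payload quoted in the (constructed) red-team finding.
RED_TEAM_PAYLOAD = "' OR '1'='1"


def make_db():
    """In-memory database with constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def find_user_vulnerable(conn, name):
    """Original code: the query is assembled from the untrusted value."""
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def find_user_symptom_patch(conn, name):
    """Anti-pattern: rejects the one payload from the finding, nothing else."""
    if name == RED_TEAM_PAYLOAD:
        raise ValueError("rejected")
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def find_user_fixed(conn, name):
    """Root-cause fix: the value is bound as a parameter, never parsed as SQL."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


def leaks_all_rows(lookup, payload):
    """Regression check: a lookup by one name must never return several rows."""
    conn = make_db()
    try:
        rows = lookup(conn, payload)
    except ValueError:
        return False
    return len(rows) > 1


def regression_report():
    """Replay the reported payload and a same-class variant against all three."""
    variant = "' OR 'a'='a"   # constructed: same vulnerability class, different bytes
    return {
        "vulnerable": leaks_all_rows(find_user_vulnerable, RED_TEAM_PAYLOAD),
        "symptom_patch_original": leaks_all_rows(find_user_symptom_patch, RED_TEAM_PAYLOAD),
        "symptom_patch_variant": leaks_all_rows(find_user_symptom_patch, variant),
        "fixed_original": leaks_all_rows(find_user_fixed, RED_TEAM_PAYLOAD),
        "fixed_variant": leaks_all_rows(find_user_fixed, variant),
    }


if __name__ == "__main__":
    for check, leaked in regression_report().items():
        print(f"{check:25s} leaked={leaked}")
```

The symptom patch passes the check only for the exact string in the finding; the variant shows that the vulnerability class is untouched, which is what a regression test built around the class rather than the payload must catch.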
Red Team
Focus: Attack surface analysis, injection testing (SQL, XSS, command), auth bypass attempts, privilege escalation testing, and data exposure checks. Think like an attacker — find what automated scanners miss.
Produces: Vulnerability findings with reproduction steps, severity ratings, and affected components.
Reads: code and behavioral-spec via the unit's ## References section.
Anti-patterns (RFC 2119):
- The agent MUST NOT only test happy paths with slightly malformed input
- The agent MUST test authentication and authorization boundaries
- The agent MUST NOT execute destructive payloads in shared environments
- The agent MUST NOT stop after the first finding instead of completing the attack surface
- The agent MUST NOT declare code "secure" without executing actual attack payloads
Security Reviewer
Focus: Verify all identified threats have documented mitigations, check OWASP Top 10 coverage, validate security test coverage, and ensure no critical or high findings remain unaddressed. The final gate before security sign-off.
Produces: Security review verdict — approve or request changes — with coverage assessment.
Reads: Threat model, vulnerability findings, mitigations, and security tests.
Anti-patterns (RFC 2119):
- The agent MUST NOT approve with unaddressed high-severity findings
- The agent MUST cross-reference OWASP Top 10 categories
- The agent MUST NOT trust mitigation claims without verifying that tests exist and pass
- The agent MUST NOT treat the security review as a formality rather than a genuine gate
Threat Modeler
Focus: STRIDE threat modeling for all data flows and trust boundaries. Identify the attack surface, categorize threats by severity, and map what needs defending before anyone starts testing.
Produces: Threat model with identified threats, risk ratings, attack vectors, and required mitigations per trust boundary.
Reads: behavioral-spec and code via the unit's ## References section.
Anti-patterns (RFC 2119):
- The agent MUST NOT only model external threats — insider threats and supply chain attacks matter too
- The agent MUST map trust boundaries (where does trusted data become untrusted?)
- The agent MUST NOT treat threat modeling as a checklist rather than analytical thinking
- The agent MUST NOT ignore data flows between internal services
- The agent MUST NOT rate everything as "medium" to avoid making hard calls
Review Agents
Mitigation Effectiveness
Mandate: The agent MUST challenge whether proposed mitigations actually address the threats they claim to.
Check:
- The agent MUST verify that mitigations address the root cause, not just the symptom
- The agent MUST verify defense-in-depth: critical threats have multiple layers of mitigation
- The agent MUST verify that mitigations do not introduce new attack surface
- The agent MUST verify that cryptographic choices are current (no MD5, SHA-1 for security purposes, adequate key lengths)
- The agent MUST verify that rate limiting and abuse prevention cover automated attack scenarios, not just manual misuse
Threat Coverage
Mandate: The agent MUST verify the threat model is comprehensive and all identified threats have mitigations.
Check:
- The agent MUST verify that threat model covers all entry points (APIs, webhooks, file uploads, user input)
- The agent MUST verify that STRIDE or equivalent categorization is applied consistently
- The agent MUST verify that each identified threat has a specific mitigation, not just "we should address this"
- The agent MUST verify that trust boundaries are correctly identified
- The agent MUST verify that third-party dependencies are included in the threat surface
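Several of the Threat Coverage checks, and the Threat Modeler's "everything is medium" anti-pattern, can be mechanised over a structured threat model. The following is an added example and not the project's own tooling: it assumes a simple record shape (one dict per threat with `entry_point`, `boundary`, `category`, `severity` and `mitigation`), applies STRIDE per trust boundary (the assumption here is that every boundary must have all six categories considered), flags mitigations that are intentions rather than controls, and flags a model whose ratings are all identical. The sample threat model is constructed.

```python
# Added example (not part of the original page): automated coverage checks
# over a threat model. Record shape and sample data are constructed.
import re

STRIDE = ("Spoofing", "Tampering", "Repudiation",
          "Information disclosure", "Denial of service", "Elevation of privilege")

# Words that mark a mitigation as an intention ("we should ...") rather than a control.
VAGUE = re.compile(r"\b(should|consider|TBD|later|eventually|look into)\b", re.IGNORECASE)


def review_threat_model(entry_points, boundaries, threats):
    """Return a list of findings; an empty list means every check passed.

    entry_points: names that must each appear in at least one threat
    boundaries:   trust boundaries that must each cover every STRIDE category
    threats:      dicts with id, entry_point, boundary, category, severity, mitigation
    """
    findings = []

    # every entry point (APIs, webhooks, file uploads, ...) has at least one threat
    covered = {t["entry_point"] for t in threats}
    for ep in entry_points:
        if ep not in covered:
            findings.append(f"entry point '{ep}' has no threats modelled")

    # STRIDE applied consistently: each boundary considers all six categories
    for b in boundaries:
        seen = {t["category"] for t in threats if t["boundary"] == b}
        for cat in STRIDE:
            if cat not in seen:
                findings.append(f"boundary '{b}' missing STRIDE category '{cat}'")

    # each threat has a specific mitigation, not "we should address this"
    for t in threats:
        m = t.get("mitigation", "").strip()
        if not m or VAGUE.search(m):
            findings.append(f"threat '{t['id']}' has no concrete mitigation: {m!r}")
        if t["category"] not in STRIDE:
            findings.append(f"threat '{t['id']}' uses non-STRIDE category '{t['category']}'")

    # every threat rated the same is a sign that hard calls were avoided
    severities = {t["severity"] for t in threats}
    if len(threats) > 1 and len(severities) == 1:
        findings.append(f"all {len(threats)} threats rated '{severities.pop()}'")

    return findings


# Constructed sample: one boundary, three entry points, three threats.
SAMPLE_ENTRY_POINTS = ["public API", "webhook receiver", "file upload"]
SAMPLE_BOUNDARIES = ["internet -> API gateway"]
SAMPLE_THREATS = [
    {"id": "T1", "entry_point": "public API", "boundary": "internet -> API gateway",
     "category": "Spoofing", "severity": "high",
     "mitigation": "Bearer tokens validated at the gateway; covered by test_auth_required"},
    {"id": "T2", "entry_point": "webhook receiver", "boundary": "internet -> API gateway",
     "category": "Tampering", "severity": "medium",
     "mitigation": "We should add HMAC signature checks"},
    {"id": "T3", "entry_point": "public API", "boundary": "internet -> API gateway",
     "category": "Information disclosure", "severity": "medium",
     "mitigation": "Field allowlist in the serializer; covered by test_no_secret_fields"},
]

if __name__ == "__main__":
    for line in review_threat_model(SAMPLE_ENTRY_POINTS, SAMPLE_BOUNDARIES, SAMPLE_THREATS):
        print(line)
```

On the sample the checker reports the uncovered file-upload entry point, the three STRIDE categories nobody considered at the boundary, and T2's placeholder mitigation; the mixed severity ratings pass. The vague-word list is a heuristic and will need tuning to a team's own wording.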
Included from other stages
Security
Criteria Guidance
Good criteria examples:
- "OWASP Top 10 coverage verified: each category has at least one test or documented N/A justification"
- "All SQL queries use parameterized statements — verified by grep for string concatenation in query construction"
- "Authentication tokens expire after 1 hour and refresh tokens after 30 days, verified by test"
- "All user input is validated at the API boundary before reaching business logic"
Bad criteria examples:
- "Security review done"
- "No SQL injection"
- "Auth is secure"
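The second good criterion above is verifiable by a mechanical check rather than by a reviewer's assurance. The following is an added example, not the project's own tooling: instead of a plain grep it parses Python source with the standard `ast` module and reports every `execute()`, `executemany()` or `executescript()` call whose query argument is assembled at runtime by `+`, `%`, `.format()` or an f-string, following simple `name = <expr>` assignments so that `execute(query)` is traced back to a concatenated definition. The sample source it scans is constructed.

```python
# Added example (not part of the original page): mechanises the criterion
# "all SQL queries use parameterized statements, verified by grep for string
# concatenation in query construction" with an AST walk instead of grep.
import ast

QUERY_CALLS = {"execute", "executemany", "executescript"}


def _is_string_built(node):
    """True if the expression assembles a string at runtime."""
    if isinstance(node, ast.JoinedStr):                       # f"... {x}"
        return True
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        return True                                           # "a" + b, "a %s" % b
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
            and node.func.attr == "format"):
        return True                                           # "...{}".format(b)
    return False


def find_string_built_queries(source, filename="<source>"):
    """Return (filename, line, snippet) for each query call whose first
    argument is built by concatenation or formatting, sorted by line."""
    tree = ast.parse(source, filename)

    # Record simple `name = <expr>` assignments so a later execute(name) can be
    # traced back. The last assignment in the module wins; a real tool would
    # scope this per function.
    assigned = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign):
            for target in node.targets:
                if isinstance(target, ast.Name):
                    assigned[target.id] = node.value

    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and node.args):
            continue
        func = node.func
        name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
        if name not in QUERY_CALLS:
            continue
        arg = node.args[0]
        if isinstance(arg, ast.Name):
            arg = assigned.get(arg.id, arg)
        if _is_string_built(arg):
            findings.append((filename, node.lineno, ast.get_source_segment(source, node)))
    findings.sort(key=lambda f: f[1])
    return findings


# Constructed sample module: three string-built queries and two parameterized ones.
SAMPLE_SOURCE = '''
def bad_concat(conn, name):
    conn.execute("SELECT * FROM users WHERE name = '" + name + "'")

def bad_fstring(cur, uid):
    cur.execute(f"DELETE FROM sessions WHERE id = {uid}")

def bad_via_variable(conn, name):
    query = "SELECT 1 FROM users WHERE name = '%s'" % name
    conn.execute(query)

def good(conn, name):
    conn.execute("SELECT * FROM users WHERE name = ?", (name,))
    conn.executemany("INSERT INTO t VALUES (?)", [(name,)])
'''

if __name__ == "__main__":
    for fname, line, snippet in find_string_built_queries(SAMPLE_SOURCE, "sample.py"):
        print(f"{fname}:{line}: {snippet}")
```

Running this over a code base as a CI step turns the criterion into evidence the Security Reviewer can check, which is the difference between "No SQL injection" and a criterion that can be verified.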
Completion Signal (RFC 2119)
All identified threats MUST have documented mitigations. Security tests MUST cover the attack surface. No critical or high findings SHALL remain unaddressed. OWASP Top 10 coverage MUST be verified with evidence. Security reviewer MUST have approved.