Security
Threat model from PRD or RFC
Generate a STRIDE-style threat model from a product spec or technical design, then turn abuse cases into security requirements and review gates.
[ workflow / security ]
Threat model from PRD or RFC
Cosmos shifts security left by threat-modeling proposed changes before implementation. It reads specs, diagrams, data flows, and repo context; identifies assets, trust boundaries, abuse cases, and sensitive-data paths; then creates security acceptance criteria and routes high-risk work to AppSec.
07 nodes
06 edges
PRD / RFC / design doc
Assets · actors · data flows
Threats by boundary + asset
Security requirements + tests
Decision
High-risk threats?
Added to implementation tickets
Decision
High-risk threats?
Added to implementation tickets
Required for Critical / High
Workflow prompt
Paste this into Augment to reproduce the workflow end-to-end.
Cosmos, whenever a PRD, RFC, or design document enters security review, create a threat model before implementation begins. Extract assets, actors, trust boundaries, data flows, authentication and authorization points, sensitive data, third-party integrations, and deployment surfaces. Apply STRIDE to identify spoofing, tampering, repudiation, information disclosure, denial-of-service, and elevation-of-privilege risks. For each credible threat, add abuse-case reproduction notes, required controls, logging and audit requirements, test cases, and the owning team. Route Critical or High risks to AppSec for approval; lower risks become acceptance criteria on the implementation tickets.