Skip to content
Apothem
Command pipeline

/threat-model-audit

/threat-model-audit — Threat-modeling audit pass against STRIDE + PASTA methodologies.

Role: Threat modeler Pipeline position: fortress

Threat-modeling audit pass against STRIDE + PASTA methodologies.

Canonical invocation

/threat-model-audit

With arguments:

/threat-model-audit [path/to/target/] [--dry-run]

Inputs

Host repository architecture and data flows.

Outputs

A deduplicated, severity-triaged threat-model findings report (report-only; remediation routes to /fortress / /elevate).

Downstream

The threat-model dimension of the audit review sequence — swept in parallel by /audit and remediated by /fortress.

Workflow phases

The command runs a threat-modeling audit pass over the host repository:

  1. Map the surface — Enumerate the architecture, entry points, trust boundaries, and data flows.
  2. Model threats — Apply the STRIDE + PASTA methodologies to each boundary and asset.
  3. Triage findings — Rank each threat by severity with a concrete-driver rationale.
  4. Emit the report — Synthesize the deduplicated, severity-triaged findings (report-only).

Failure modes

SymptomCauseRecovery
No architecture surfaceTarget has no discoverable data-flow boundariesPoint the audit at a repository with mappable entry points and trust boundaries
Unscoped findingThreat asserted without a locusAttach the affected asset / boundary and the methodology cell it fails
Remediation expectedAudit is report-onlyRoute the findings to /fortress (remediation) or /elevate

Examples

# Dry-run to preview the audit scope
/threat-model-audit --dry-run

# Audit a target repository
/threat-model-audit path/to/target/

Cross-references

On this page