Framework design upload
This commit is contained in:
22
docs/020-threat-model.md
Normal file
@@ -0,0 +1,22 @@
# Threat model (draft)

## Assets to protect
- host filesystem and secrets
- network access and credentials
- tool side effects (writes, API calls, deletes)
- user data and memory stores
- audit and provenance integrity

## Adversaries / failure modes
- prompt injection leading to unsafe tool usage
- malicious tool plugins
- hallucinated or forged tool outputs
- data exfiltration via tool channels
- runaway cost due to repeated retries/loops

## Strategy
- least authority via capabilities
- isolation domains for tool execution
- policy gate for side effects
- provenance for every tool call and memory commit

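Review bot: the "Adversaries / failure modes" list and the "Strategy" list are not linked, so it is not possible to tell from this file which mitigation is meant to cover which failure mode, and at least one mode has no matching strategy at all: "runaway cost due to repeated retries/loops" is not addressed by capabilities, isolation, a side-effect policy gate or provenance, and "hallucinated or forged tool outputs" is only half covered (provenance can detect a forged output, but says nothing about validating the content of a genuine-but-wrong one). Suggest adding a short table under "## Strategy" with one row per failure mode and the strategy item(s) that mitigate it, plus a new strategy line such as "- per-task budgets and retry/loop limits" for the cost case and a note on output validation (schema or type checks on tool results) for the hallucination case. It would also help to state the trust boundaries the model assumes, i.e. which of the listed assets sit inside each "isolation domain" and which party (user, tool plugin, model) is trusted at each boundary, since "least authority via capabilities" cannot be evaluated without knowing who holds the capabilities.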