Threat Model
A formal threat model documents risks such as prompt injection, SSRF, and data exfiltration, together with the controls that address each risk and the owner accountable for it.
Prompt injection
Strict system prompts, RAG grounding, and refusal logic limit out-of-scope answers.
SSRF via crawler
Domain allowlists and outbound egress controls block internal or metadata targets.
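The following is an added illustration of the allowlist-plus-egress check described above, not the product's own code. It assumes a hypothetical `resolve(host)` hook that returns the addresses a hostname maps to, and a constructed allowlist of two example domains.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist for this example; a real deployment loads its own.
ALLOWED_DOMAINS = {"docs.example.com", "help.example.com"}


def is_blocked_ip(ip):
    """Addresses a crawler must never fetch: loopback, RFC 1918 / ULA private,
    link-local (which covers the 169.254.169.254 cloud metadata endpoint),
    reserved, multicast and unspecified ranges."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 must be judged as 127.0.0.1
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def check_crawl_url(url, resolve, allowed=ALLOWED_DOMAINS):
    """Return (ok, reason). `resolve(host)` is a hypothetical resolver hook
    returning the list of IP strings the host maps to; it is injected so the
    check runs offline in tests, and so the crawler can connect to exactly the
    addresses it validated instead of re-resolving (DNS rebinding defence)."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed: %r" % parts.scheme
    if parts.username or parts.password:
        return False, "credentials in URL are not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    # A literal IP address bypasses the domain allowlist entirely, so refuse it
    # outright rather than trying to classify it.
    try:
        ipaddress.ip_address(host)
        return False, "literal IP addresses are not allowlisted"
    except ValueError:
        pass
    host = host.lower().rstrip(".")
    if host not in allowed:  # exact match only; no suffix or wildcard rules
        return False, "host %r not in allowlist" % host
    addrs = resolve(host)
    if not addrs:
        return False, "host %r does not resolve" % host
    # Every address must pass; a single internal A/AAAA record fails the URL.
    for a in addrs:
        if is_blocked_ip(ipaddress.ip_address(a)):
            return False, "host %r resolves to blocked address %s" % (host, a)
    return True, "ok"
```

The crawler should run this check again on every redirect target, since a redirect is the usual way an allowlisted host ends up pointing at an internal address.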
XSS and content sanitization
Sanitized inputs, CSP headers, and safe HTML-to-text normalization reduce exposure.
Data exfiltration
Tenant isolation, encryption, and audit logs protect customer data and trace access.
Supply-chain risk
SBOMs, dependency scanning, and signed builds reduce third-party risk.
Review cadence
The threat model is reviewed quarterly and after major releases. Controls are tracked with owners, test cases, and follow-up actions.