Threat Model (lightweight)
Assets
- User data handled by api
- Tooling/actions executed via mcp-server
- Automation credentials used by n8n-workflows
Entry points
- Public HTTP endpoints (api, mcp-server)
- Webhooks (GitHub, automation)
- CI/CD (GitHub Actions)
Top threats to address early
- Credential leakage (tokens, API keys)
- SSRF and unsafe tool execution (MCP)
- Injection attacks on API inputs
- Broken authorization (multi-tenant boundaries)
- Dependency compromise