ARCH-4: Document LLM/code-generation threat boundaries #63

Merged

jwilger merged 1 commit from issue-4-llm-threat-boundaries into main 2026-05-07 10:11:21 -07:00

Conversation 0 Commits 1 Files changed 1 +113 -3

jwilger commented 2026-05-07 09:54:05 -07:00

Owner

Copy link

Summary

• Expands docs/THREAT-MODEL.md to cover LLM/code-generation trust boundaries.
• Documents Phoenix baseline security boundaries and command/read authorization expectations.
• Records production-hardening follow-ups for secure cookies, SSL/header assumptions, health checks, remote Postgres TLS, provider retention, and generated-code sandboxing.

Verification

• mix format --check-formatted
• MIX_ENV=test mix compile --warnings-as-errors --force
• MIX_ENV=prod mix compile --warnings-as-errors --force
• mix test --warnings-as-errors
• Docs/security reviewer passes: no findings

Closes #4

## Summary - Expands `docs/THREAT-MODEL.md` to cover LLM/code-generation trust boundaries. - Documents Phoenix baseline security boundaries and command/read authorization expectations. - Records production-hardening follow-ups for secure cookies, SSL/header assumptions, health checks, remote Postgres TLS, provider retention, and generated-code sandboxing. ## Verification - `mix format --check-formatted` - `MIX_ENV=test mix compile --warnings-as-errors --force` - `MIX_ENV=prod mix compile --warnings-as-errors --force` - `mix test --warnings-as-errors` - Docs/security reviewer passes: no findings Closes #4

jwilger added 1 commit 2026-05-07 09:54:05 -07:00

arch: document LLM threat boundaries 30eb2a0a46

jwilger merged commit 3367e58104 into main 2026-05-07 10:11:21 -07:00

jwilger referenced this pull request from a commit 2026-05-07 10:11:22 -07:00

Merge pull request 'ARCH-4: Document LLM/code-generation threat boundaries' (#63) from issue-4-llm-threat-boundaries into main

jwilger deleted branch issue-4-llm-threat-boundaries 2026-05-07 10:11:25 -07:00

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

  

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

Slipstream/anything_app!63

No description provided.