What this gives your agent
A focused security review method that follows data and authority across system boundaries and reports only evidence-backed risks.
What it can do
- Map trust boundaries
- Identify credential exposure
- Review authorization decisions
- Prioritize exploitable findings
What it needs
- Code changes
- Architecture context
- Permission model
What it returns
- Security findings
- Threat assumptions
- Verification steps
Ask it to work
“Review this OAuth change for security risks.”
“Trace how this endpoint authorizes workspace access.”
