deerflow2/.planning/phases/07-phase-06-mention-upload/07-SECURITY.md


| phase | slug | status | threats_open | asvs_level | created |
|---|---|---|---|---|---|
| 07 | phase-06-mention-upload | verified | 0 | 1 | 2026-04-17 |

Phase 07 — Security

Per-phase security contract: threat register, accepted risks, and audit trail.


Trust Boundaries

| Boundary | Description | Data Crossing |
|---|---|---|
| Input box display state -> submit-state payload | The same user message exists in two states, display and submit; internal prompt text must not leak into the user-visible area | User's original text, appended prompt text, attachment/Skill identifiers |
| Frontend composer -> backend archived message | The appended text enters the submit pipeline and may flow back into the client, so display-layer filtering must be kept separate from the submit layer | Submitted message body, additional_kwargs.files, rendered content of historical messages |

Threat Register

| Threat ID | Category | Component | Disposition | Mitigation | Status |
|---|---|---|---|---|---|
| T-07-01 | I (Information Disclosure) | frontend/src/core/threads/hooks.ts + frontend/src/components/workspace/messages/message-list-item.tsx | mitigate | The submit state uses submitText; the display state is filtered through stripPriorityHintSuffix; E2E verifies that the message area does not echo the priority hint | closed |
| T-07-02 | T (Tampering / flow bypass) | frontend/src/components/workspace/input-box.tsx | mitigate | All send entry points go through requestSubmit -> handleSubmit, which passes references/skills through, so no branch can drop them | closed |
| T-07-03 | R (Repudiation / traceability) | frontend/tests/e2e/input-and-compose.spec.ts | mitigate | Added a request-interception assertion (DF-INPUT-008A) so it is auditable that the submitted content contains "XClaw优先使用" (the "prefer XClaw" hint) and the UI does not show the suffix | closed |

Status: open · closed
Disposition: mitigate (implementation required) · accept (documented risk) · transfer (third-party)
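The dual-state message pattern behind T-07-01 and T-07-03, as an added illustration that is not deerflow2's own code: the one message object carries a separate displayText and submitText, the hint is appended only to the latter, and everything rendered (including archived content flowing back) passes through the strip filter. Only the name stripPriorityHintSuffix comes from the register; PRIORITY_HINT_SUFFIX, composeMessage, renderArchivedContent and hintLeaksToUi are hypothetical, and the hint format is assumed.

```typescript
// Assumed format of the internal priority hint appended on submit (constructed here).
const PRIORITY_HINT_SUFFIX = "\n\nXClaw优先使用";

// One user message in its two states: what the UI renders and what is sent.
interface ComposedMessage {
  displayText: string;   // shown in the input box and the message list
  submitText: string;    // sent to the backend; may be archived and flow back
  files: string[];       // attachment identifiers (additional_kwargs.files)
}

// Submit state: the hint is appended only when attachments are present, and
// only to submitText, so displayText never carries it (hypothetical builder).
function composeMessage(userText: string, files: string[]): ComposedMessage {
  const submitText = files.length > 0 ? userText + PRIORITY_HINT_SUFFIX : userText;
  return { displayText: userText, submitText, files };
}

// Display state: remove the hint from any text that may flow back from the
// archive. Tolerates trailing whitespace added in transit or storage.
function stripPriorityHintSuffix(text: string): string {
  const trimmed = text.trimEnd();
  if (!trimmed.endsWith(PRIORITY_HINT_SUFFIX)) return text;
  return trimmed.slice(0, trimmed.length - PRIORITY_HINT_SUFFIX.length).trimEnd();
}

// Rendering path for historical messages: archived content always passes
// through the filter before it reaches the message list (hypothetical helper).
function renderArchivedContent(archived: string): string {
  return stripPriorityHintSuffix(archived);
}

// Leak check mirroring the E2E assertion DF-INPUT-008A: the hint may live in
// the payload that leaves the client, but never in anything the UI renders.
function hintLeaksToUi(message: ComposedMessage): boolean {
  const marker = PRIORITY_HINT_SUFFIX.trim();
  const rendered = renderArchivedContent(message.submitText);
  return message.displayText.includes(marker) || rendered.includes(marker);
}
```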


Accepted Risks Log

No accepted risks.


Security Audit Trail

| Audit Date | Threats Total | Closed | Open | Run By |
|---|---|---|---|---|
| 2026-04-17 | 3 | 3 | 0 | Codex (/gsd-secure-phase 7) |

Sign-Off

  • All threats have a disposition (mitigate / accept / transfer)
  • Accepted risks documented in Accepted Risks Log
  • threats_open: 0 confirmed
  • status: verified set in frontmatter

Approval: verified 2026-04-17