Refresh SWOT and THREAT_MODEL: dual-model AI, integration STRIDE coverage, corrected inventory #2841
🏷️ Automatic Labeling Summary: This PR has been automatically labeled based on the files changed and PR metadata. Applied labels: documentation, security, isms, iso-27001, nist-csf, cis-controls, size-m.
🔍 Lighthouse Performance Audit
📥 Download full Lighthouse report Budget Compliance: Performance budgets enforced via |
Pull request overview
This PR refreshes key ISMS/architecture documentation to match the current repository reality, focusing on the dual-model AI newsroom configuration and expanded STRIDE coverage for external integrations, alongside corrected inventory counts and toolchain/test metrics.
Changes:
- Updates THREAT_MODEL.md to v1.5 with a dual-model AI model card and new STRIDE addenda for SCB, World Bank, and Riksrevisionen integrations.
- Updates SWOT.md to v1.6 with corrected inventories (agents/skills/dashboards/methodologies/templates) and adds a new multi-source data-fusion strength.
- Refreshes multiple supporting architecture/ops docs (workflows, data model, CRA/BCP/EOL/financial plans) and bumps npm package version to 0.9.41.
Reviewed changes
Copilot reviewed 14 out of 15 changed files in this pull request and generated 9 comments.
| File | Description |
|---|---|
| WORKFLOWS.md | Updates workflow inventory/counts and CI/test/toolchain references. |
| THREAT_MODEL.md | Dual-model AI corrections + new integration STRIDE addenda (SCB/WB/RiR) and updated inventories. |
| SWOT.md | Updates strategic inventory counts and adds multi-source data-fusion strength; aligns threat-model reference. |
| STATEDIAGRAM.md | Refreshes state/quality-gate metrics text. |
| SECURITY_ARCHITECTURE.md | Updates dashboard/security header/CSP narrative and version references. |
| package.json | Bumps package version to 0.9.41. |
| package-lock.json | Keeps lockfile version in sync with package.json bump. |
| MINDMAP.md | Updates platform/test-count references in mindmap. |
| FLOWCHART.md | Removes prior “what changed” blocks; keeps process diagrams as the main content. |
| FinancialSecurityPlan.md | Updates effective dates/versioning and cost/control inventory wording. |
| End-of-Life-Strategy.md | Updates toolchain/EOL tables to current dependency versions and removes stale change-log blocks. |
| DATA_MODEL.md | Updates dashboard/code-splitting/data-validation references to current architecture. |
| CRA-ASSESSMENT.md | Refreshes CRA evidence references and test-count/file-count claims. |
| BCPPlan.md | Updates effective dates/next review and removes stale change-log blocks. |
| ARCHITECTURE.md | Updates architecture diagrams/text to reflect lazy-loaded dashboard module reality and current versions. |
| { | ||
| "name": "riksdagsmonitor", | ||
| "version": "0.9.40", | ||
| "version": "0.9.41", |
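Review bot: this hunk bumps `"version"` from 0.9.40 to 0.9.41, but the description's "Review feedback addressed" section records the version going back to 0.9.40 because the PR is documentation-only, so either the diff or the description is stale and the two need to agree before merge. If the bump is kept, package-lock.json must carry the same version in the same commit (the file summary says it does), and any version badge in the docs touched by this PR should read the same number.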
| - [FUTURE_WORKFLOWS.md](FUTURE_WORKFLOWS.md) — Future workflow projections | ||
| - [AGENTS.md](AGENTS.md) — Custom agent reference (14 agents) | ||
| - [SKILLS.md](SKILLS.md) — Skill definitions (91 skills) | ||
| - [AGENTS.md](AGENTS.md) — Custom agent reference (24 agents) |
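Review bot: the AGENTS.md link text is corrected from 14 to 24 agents, but the adjacent SKILLS.md row is left at "91 skills" while the MINDMAP.md hunk in this same PR reads "24 Agents · 93 Skills"; for a change whose stated purpose is a corrected inventory, the skill count should be verified once and the SKILLS.md link text updated to match, so the two documents do not disagree on the day they are merged.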
| 📦 Platform v0.9.40 | ||
| 7,500+ Tests (237 files) | ||
| 24 Agents · 93 Skills |
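Review bot: the "📦 Platform v0.9.40" badge appears here as unchanged context although the package.json hunk bumps the version to 0.9.41 (or, per the description, keeps it at 0.9.40); whichever version is final, this badge should match it. The "7,500+ Tests (237 files)" figure would also benefit from a note on how it was measured, so it does not drift the way the agent count did.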
|
|
||
| ## 📊 SCB Integration — STRIDE Threats | ||
|
|
||
| > **Effective:** 2026-05-30 · **Classification:** Public · **Entry point:** `scripts/scb-fetch.ts` · **Client:** `scripts/scb-client.ts` / `scripts/scb-context.ts` · **Sources:** third-party MCP relay `https://scb-mcp.onrender.com/mcp` (primary) and the SCB Open Data API `www.scb.se` (direct fallback) · **Cache:** `analysis/data/scb/`. |
|
|
||
| > **Effective:** 2026-05-30 · **Classification:** Public · **Entry point:** `scripts/scb-fetch.ts` · **Client:** `scripts/scb-client.ts` / `scripts/scb-context.ts` · **Sources:** third-party MCP relay `https://scb-mcp.onrender.com/mcp` (primary) and the SCB Open Data API `www.scb.se` (direct fallback) · **Cache:** `analysis/data/scb/`. | ||
|
|
||
| SCB (Statistics Sweden) supplies the Swedish-specific ground-truth statistics layer (population, labour, economy, public finance). The integration is unique among data sources because its primary transport is a **community-hosted Model Context Protocol relay on Render** rather than a first-party SCB endpoint — a deliberate supply-chain trust boundary that is mitigated by a direct-API fallback and provenance discipline. |
|
|
||
| | ID | Asset / flow | STRIDE | Threat | Likelihood | Impact | Mitigations | | ||
| |---|---|---|---|---|---|---| | ||
| | T-SCB-01 | `scb-mcp.onrender.com` MCP relay | Spoofing | Third-party relay impersonated or DNS/TLS-intercepted, returning forged table data | LOW | HIGH | HTTPS-only egress; allow-list `scb-mcp.onrender.com` + `www.scb.se`; direct SCB Open Data API fallback (`DIRECT_SCB_SERVER_URL` bypass); source URL + table id recorded in provenance. | |
| | ID | Asset / flow | STRIDE | Threat | Likelihood | Impact | Mitigations | | ||
| |---|---|---|---|---|---|---| | ||
| | T-SCB-01 | `scb-mcp.onrender.com` MCP relay | Spoofing | Third-party relay impersonated or DNS/TLS-intercepted, returning forged table data | LOW | HIGH | HTTPS-only egress; allow-list `scb-mcp.onrender.com` + `www.scb.se`; direct SCB Open Data API fallback (`DIRECT_SCB_SERVER_URL` bypass); source URL + table id recorded in provenance. | | ||
| | T-SCB-02 | JSON-stat / PXWeb payload | Tampering | Relay or upstream mutates statistic values, footnotes, or contents codes | LOW | HIGH | Direct-API cross-check path; typed client contract checks; persisted raw/derived artifacts with `.meta.json` sidecars; reviewer diff inspection on persisted `analysis/data/scb/`. | |
| | T-SCB-02 | JSON-stat / PXWeb payload | Tampering | Relay or upstream mutates statistic values, footnotes, or contents codes | LOW | HIGH | Direct-API cross-check path; typed client contract checks; persisted raw/derived artifacts with `.meta.json` sidecars; reviewer diff inspection on persisted `analysis/data/scb/`. | | ||
| | T-SCB-03 | Table-cell mapping | Information integrity | Variable/value-code drift maps wrong dimension (region, period, contents) to a cell | MEDIUM | MEDIUM | Metadata fetched per table before query; value-code validation; unit tests for SCB client parsing; omit context rather than emit unmapped figures. | | ||
| | T-SCB-04 | SCB citation in article | Repudiation | Article cites "SCB reports X" without table id / vintage → unauditable claim | MEDIUM | MEDIUM | Provenance block records `mcpTool`, table id, `fetchedAt`; ECONOMIC_DATA_CONTRACT vintage discipline applies to the Swedish ground-truth layer. | | ||
| | T-SCB-05 | Relay / API availability | Denial of service | Render relay cold-start or SCB API timeout blocks enrichment | MEDIUM | LOW | 15s timeout (`DEFAULT_TIMEOUT`); cache-first reuse; optional-enrichment semantics; automatic direct-API fallback when relay degraded. | |
|
|
||
| ### SCB residual risk | ||
|
|
||
| - **Residual risk:** LOW-MEDIUM integrity risk concentrated in the third-party MCP relay; mitigated by the direct SCB Open Data API fallback and provenance sidecars. |
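Review bot: the mitigations in T-SCB-01, T-SCB-02, T-SCB-05 and the residual-risk line all rest on a "direct SCB Open Data API fallback" and a `DIRECT_SCB_SERVER_URL` bypass, yet the PR description states there is no direct SCB API client and a later commit title says the section was rewritten for an MCP-only architecture; a mitigation that names a control that does not exist leaves the third-party relay as a single trusted source with no cross-check, so the LOW likelihood on T-SCB-01/02 and the LOW-MEDIUM residual risk should be re-rated against what actually runs, and the prose paragraph's "mitigated by a direct-API fallback" should go with it. Separately, T-SCB-03 is categorised as "Information integrity", which is not a STRIDE category; a wrong-dimension mapping is either Tampering (data altered on the way to the article) or a data-quality risk that belongs outside the STRIDE column. The Effective line and the T-SCB-01/02 rows also appear twice in this view; confirm the committed markdown does not contain the duplicated rows.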
…counts, fix SCB STRIDE to reflect MCP-only architecture Co-authored-by: pethers <1726836+pethers@users.noreply.github.com>
A ground-truth audit of the repo (v0.9.40) against `SWOT.md` and `THREAT_MODEL.md` surfaced stale component counts, an AI model card describing the wrong model, and three external data integrations with no threat coverage. Both ISMS documents are updated to match reality.

THREAT_MODEL.md → v1.5

- … `news-translate` fan-out. Rewrote the card as a two-column comparison and corrected all model references repo-wide (asset inventory ASSET-007, scope, OWASP LLM line, lifecycle/version-management).
- … `scb-mcp.onrender.com/mcp` (fallback); no direct SCB API client
- … `api.worldbank.org/v2`, with canonical IMF-first contract violation modeled as a first-class threat
- … `doktyp=skr` follow-up tracker; report↔skrivelse matching and deadline integrity

SWOT.md → v1.6

Review feedback addressed

- `package.json`/`package-lock.json` version bump (0.9.41 → 0.9.40) — PR is documentation-only.

Notes