@startuml
title Artifact Editor - Threat Model

actor "Malicious User" as attacker
actor "Legitimate User" as user

package "Artifact Editor" {
  component "CLI Interface" as cli
  component "Voice Input" as voice
  component "AI Assistant" as ai
  component "File Operations" as files

  package "Renderers" {
    component "PlantUML" as plantuml
    component "OpenSCAD" as openscad
    component "Mermaid" as mermaid
    component "SVG" as svg
  }
}

package "External" {
  component "PlantUML JAR" as plantumljava
  component "OpenSCAD Binary" as openscadbinary
  component "AI Provider" as aiprovider
  database "Filesystem" as fs
}

package "Parent App" as parent

user --> cli : normal usage
attacker --> cli : malicious input

cli --> voice : audio data
cli --> ai : edit requests
cli --> files : save/load
cli ..> parent : stdout protocol

voice --> aiprovider : transcription
ai --> aiprovider : generation

plantuml --> plantumljava : execute
openscad --> openscadbinary : execute

files --> fs : read/write

note right of attacker
**Attack Vectors:**
1. Path traversal in --output
2. Command injection via content
3. Prompt injection via voice
4. Malicious AI-generated code
5. Protocol injection in stdout
6. Resource exhaustion
7. Compromised dependencies
end note

note left of plantuml
**High Risk:**
External code execution
File system access
Network capabilities
end note

note bottom of files
**Critical:**
Validate all paths
Restrict to artifact dir
Check for traversal
end note

@enduml