Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

$pwd:

phase-4-trust-boundaries

Name: Phase 4 Trust Boundaries
Author: awslabs

// Phase 4 Trust Boundary Analysis guide. Use when defining trust zones, crossing points, and security boundaries between system components.

In Manus ausführen

$ git log --oneline --stat

stars:60

forks:9

updated:24. April 2026 um 21:42

SKILL.md

readonly

name	phase-4-trust-boundaries
description	Phase 4 Trust Boundary Analysis guide. Use when defining trust zones, crossing points, and security boundaries between system components.

Phase 4: Trust Boundary Analysis

Objective

Identify where trust levels change in the system. Every crossing point is a potential attack surface that needs security controls.

Concepts

Trust Zone: A region where components share the same trust level
Crossing Point: Where data flows between zones (requires authentication/authorization)
Trust Boundary: The security perimeter with specific controls

Tools Reference

add_trust_zone(name, trust_level, description)

Parameter	Values
trust_level	Untrusted, Low, Medium, High, Full

add_component_to_zone(zone_id, component_id)

Assign a component to exactly one trust zone.

add_crossing_point(source_zone_id, destination_zone_id, authentication_method, authorization_method, description)

Parameter	Values
authentication_method	Password, Multi-factor, Certificate, Token, Biometric, API Key, IAM Role, OAuth, None, Other
authorization_method	Role-based, Attribute-based, Discretionary, Mandatory, Policy-based, Rule-based, None, Other

add_conn_to_crossing(crossing_point_id, connection_id)

Map existing connections to crossing points.

add_trust_boundary(name, type, crossing_point_ids, controls, description)

Parameter	Values
type	Network, Process, Physical, Container, Virtual Machine, Account, Other
crossing_point_ids	List of crossing point IDs
controls	List of security control names (strings)

Other Phase 4 Tools

list_trust_zones(), list_crossing_points(), list_trust_boundaries()
get_trust_boundary_detection_plan() -- AI-powered boundary detection
get_trust_boundary_analysis_plan() -- Security analysis guidance

Common Trust Zone Patterns

Web Application

Zone	Trust Level	Components
Internet	Untrusted	End users, external APIs
DMZ	Low	Load balancer, CDN, WAF
Application	Medium	App servers, API services
Data	High	Databases, caches, queues
Admin	Full	Admin consoles, CI/CD

Microservices

Zone	Trust Level	Components
Public	Untrusted	API Gateway, public endpoints
Service Mesh	Medium	Internal microservices
Data Layer	High	Databases, object stores
Secrets	Full	KMS, secret managers

Workflow

Call get_phase_4_guidance()
Call get_trust_boundary_detection_plan() for AI-guided detection
Create trust zones based on security domains
Assign components to zones with add_component_to_zone()
Define crossing points where data flows between zones
Map connections to crossing points with add_conn_to_crossing()
Create trust boundaries with security controls

Completion Criteria

All trust zones defined
Every component assigned to a zone
Crossing points defined for all inter-zone communication
Connections mapped to crossing points
Trust boundaries created with controls listed
Call advance_phase() to proceed to Phase 5

Common Pitfalls

Putting everything in one trust zone
Missing the boundary between internal services and external APIs
Not specifying authentication/authorization at crossing points
Forgetting admin/management plane boundaries

related-skills.json

gleiches Repository

phase-1-business-context.md

from "awslabs/threat-modeling-mcp-server"

Phase 1 Business Context Analysis guide. Use when starting a threat model, setting business context, or configuring business features like industry sector, data sensitivity, and regulatory requirements.

2026-04-2460

phase-2-architecture.md

from "awslabs/threat-modeling-mcp-server"

Phase 2 Architecture Analysis guide. Use when documenting system components, connections, data stores, or analyzing technical architecture for threat modeling.

2026-04-2460

phase-3-threat-actors.md

from "awslabs/threat-modeling-mcp-server"

Phase 3 Threat Actor Analysis guide. Use when identifying threat actors, setting relevance and priority, or analyzing who might attack the system.

2026-04-2460

phase-5-asset-flows.md

from "awslabs/threat-modeling-mcp-server"

Phase 5 Asset Flow Analysis guide. Use when identifying valuable assets, tracking data flows, or analyzing how sensitive data moves through the system.

2026-04-2460

phase-6-threat-identification.md

from "awslabs/threat-modeling-mcp-server"

Phase 6 Threat Identification guide with STRIDE methodology reference. Use when identifying threats, categorizing security issues, applying STRIDE analysis, or assessing threat severity and likelihood.

2026-04-2460

phase-7-5-code-validation.md

from "awslabs/threat-modeling-mcp-server"

Phase 7.5 Code Validation guide. Use when validating threats against actual code, checking which security controls are implemented, or generating remediation reports.

2026-04-2460

package.json

"author": "awslabs"

"repository": "awslabs/threat-modeling-mcp-server"

GitHub-Repository öffnen Creator-Repositorys ansehen

$ install --global

$ download --local

In Manus ausführen

$ useful --forSOC

InformationssicherheitsanalystenInformatik- und Mathematikberufe15-1212L4

name	phase-4-trust-boundaries
description	Phase 4 Trust Boundary Analysis guide. Use when defining trust zones, crossing points, and security boundaries between system components.

Phase 4: Trust Boundary Analysis

Objective

Identify where trust levels change in the system. Every crossing point is a potential attack surface that needs security controls.

Concepts

Trust Zone: A region where components share the same trust level
Crossing Point: Where data flows between zones (requires authentication/authorization)
Trust Boundary: The security perimeter with specific controls

Tools Reference

add_trust_zone(name, trust_level, description)

Parameter	Values
trust_level	Untrusted, Low, Medium, High, Full

add_component_to_zone(zone_id, component_id)

Assign a component to exactly one trust zone.

add_crossing_point(source_zone_id, destination_zone_id, authentication_method, authorization_method, description)

Parameter	Values
authentication_method	Password, Multi-factor, Certificate, Token, Biometric, API Key, IAM Role, OAuth, None, Other
authorization_method	Role-based, Attribute-based, Discretionary, Mandatory, Policy-based, Rule-based, None, Other

add_conn_to_crossing(crossing_point_id, connection_id)

Map existing connections to crossing points.

add_trust_boundary(name, type, crossing_point_ids, controls, description)

Parameter	Values
type	Network, Process, Physical, Container, Virtual Machine, Account, Other
crossing_point_ids	List of crossing point IDs
controls	List of security control names (strings)

Other Phase 4 Tools

list_trust_zones(), list_crossing_points(), list_trust_boundaries()
get_trust_boundary_detection_plan() -- AI-powered boundary detection
get_trust_boundary_analysis_plan() -- Security analysis guidance

Common Trust Zone Patterns

Web Application

Zone	Trust Level	Components
Internet	Untrusted	End users, external APIs
DMZ	Low	Load balancer, CDN, WAF
Application	Medium	App servers, API services
Data	High	Databases, caches, queues
Admin	Full	Admin consoles, CI/CD

Microservices

Zone	Trust Level	Components
Public	Untrusted	API Gateway, public endpoints
Service Mesh	Medium	Internal microservices
Data Layer	High	Databases, object stores
Secrets	Full	KMS, secret managers

Workflow

Call get_phase_4_guidance()
Call get_trust_boundary_detection_plan() for AI-guided detection
Create trust zones based on security domains
Assign components to zones with add_component_to_zone()
Define crossing points where data flows between zones
Map connections to crossing points with add_conn_to_crossing()
Create trust boundaries with security controls

Completion Criteria

All trust zones defined
Every component assigned to a zone
Crossing points defined for all inter-zone communication
Connections mapped to crossing points
Trust boundaries created with controls listed
Call advance_phase() to proceed to Phase 5

Common Pitfalls

Putting everything in one trust zone
Missing the boundary between internal services and external APIs
Not specifying authentication/authorization at crossing points
Forgetting admin/management plane boundaries

phase-4-trust-boundaries

Phase 4: Trust Boundary Analysis

Objective

Concepts

Tools Reference

add_trust_zone(name, trust_level, description)

add_component_to_zone(zone_id, component_id)

add_crossing_point(source_zone_id, destination_zone_id, authentication_method, authorization_method, description)

add_conn_to_crossing(crossing_point_id, connection_id)

add_trust_boundary(name, type, crossing_point_ids, controls, description)

Other Phase 4 Tools

Common Trust Zone Patterns

Web Application

Microservices

Workflow

Completion Criteria

Common Pitfalls

Mehr aus diesem Repository

Mehr aus diesem Repository

Phase 4: Trust Boundary Analysis

Objective

Concepts

Tools Reference

add_trust_zone(name, trust_level, description)

add_component_to_zone(zone_id, component_id)

add_crossing_point(source_zone_id, destination_zone_id, authentication_method, authorization_method, description)

add_conn_to_crossing(crossing_point_id, connection_id)

add_trust_boundary(name, type, crossing_point_ids, controls, description)

Other Phase 4 Tools

Common Trust Zone Patterns

Web Application

Microservices

Workflow

Completion Criteria

Common Pitfalls