
Add async saga compensation threat modeling gates #2236

Open

Errordog2 wants to merge 1 commit into UnitOneAI:main from Errordog2:codex/threat-modeling-saga-compensation-gates

Conversation

@Errordog2


/claim #2224

Summary

  • Adds async saga and compensation evidence gates to threat-modeling.
  • Extends DFD annotations with delivery semantics, side-effect idempotency, replay windows, compensation paths, DLQ ownership, and reconciliation evidence.
  • Adds STRIDE threat cases for skipped compensation, duplicate side effects, unowned DLQs, replay abuse, and cross-boundary compensation events.
  • Updates the threat register output with async saga evidence and adds changelog/common pitfall coverage for v1.0.1.

Why

Issue #2224 notes that async workflows should not be treated as unsafe only because they lack one ACID transaction, but also should not pass without evidence for idempotency, compensation ownership, DLQ handling, reconciliation SLA, and auditability. This PR makes those gates explicit.

Validation

  • git diff --check
  • Frontmatter required-field check across skills and roles
  • index.yaml file existence check
  • Prompt-injection phrase scan across skills and roles
  • Targeted rg check for version and new async saga sections
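The evidence gates the PR describes, expressed as a small checker over a DFD edge annotation. This is an added illustration, not code from this PR or from the UnitOneAI project; the `AsyncEdge` field names, the severity split between blocking gaps and threat cases that are merely registered, and the sample edges are assumptions modelled on the PR summary.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class AsyncEdge:
    """One asynchronous DFD edge (queue or event) between two components.
    Field names are hypothetical, modelled on the PR's annotation list."""
    name: str
    source_boundary: str
    dest_boundary: str
    delivery: str = ""                          # e.g. "at-least-once", "at-most-once"
    side_effect_idempotent: Optional[bool] = None
    replay_window_seconds: Optional[int] = None
    compensation_path: str = ""                 # name of the compensating step
    dlq_owner: str = ""                         # team that owns the dead-letter queue
    reconciliation_evidence: str = ""           # reconciliation job / SLA reference

def evaluate_saga_gates(edge: AsyncEdge) -> List[Tuple[str, str]]:
    """Return (severity, finding) pairs for an async edge.

    "block" means the gate fails for lack of evidence; "register" means a
    STRIDE threat case must be recorded in the register even though the
    edge may still pass (the PR lists cross-boundary compensation as such)."""
    findings = []
    if not edge.delivery:
        findings.append(("block", "missing delivery semantics"))
    elif edge.delivery == "at-least-once" and edge.side_effect_idempotent is not True:
        # redelivery with a non-idempotent side effect duplicates the effect
        findings.append(("block", "duplicate side effects: redelivery without idempotency evidence"))
    if edge.replay_window_seconds is None:
        findings.append(("block", "replay abuse: no bounded replay window"))
    if not edge.compensation_path:
        findings.append(("block", "skipped compensation: no compensation path documented"))
    elif edge.source_boundary != edge.dest_boundary:
        findings.append(("register", "cross-boundary compensation event crosses a trust boundary"))
    if not edge.dlq_owner:
        findings.append(("block", "unowned DLQ: nobody owns dead-lettered messages"))
    if not edge.reconciliation_evidence:
        findings.append(("block", "missing reconciliation evidence (job or SLA)"))
    return findings

def gate_passes(edge: AsyncEdge) -> bool:
    """True when no blocking finding remains; registered cases do not block."""
    return all(severity != "block" for severity, _ in evaluate_saga_gates(edge))

# Constructed sample edges: one fully evidenced, one that only names its delivery mode.
ORDER_PLACED = AsyncEdge("order-placed", "core", "billing", delivery="at-least-once",
                         side_effect_idempotent=True, replay_window_seconds=3600,
                         compensation_path="cancel-invoice", dlq_owner="billing-oncall",
                         reconciliation_evidence="nightly-recon-job")
PAYMENT_CAPTURED = AsyncEdge("payment-captured", "billing", "billing", delivery="at-least-once")
```

An edge that lacks a single ACID transaction is not rejected on that basis alone; it passes only when every listed gate is backed by evidence, and cross-boundary compensation is still written to the threat register.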
