security-review

# Security Review ## Overview Perform a red-team style review of API endpoints, the UI flows that call them, permission boundaries, and database interactions. Produce prioritized findings with concrete exploit paths and fixes. ## Workflow Decision Tree 1. **Confirm scope** - If the user names specific endpoints/features, proceed. Otherwise ask for the feature list, roles, environments, and access level. - If the system is running and reachable, do both static review and dynamic tests. If not, do static-only and flag verification gaps. 2. **Inventory & mapping (static first)** - Enumerate API endpoints, handlers, auth middleware, and data access points. - Map UI flows to endpoints and identify where permissions should be enforced server-side. - Identify database tables and relationships accessed by the feature; use MCP DB tools to understand schema and permission boundaries. 3. **Threat model the feature** - Use STRIDE for endpoints and data flows; use LINDDUN for privacy risks; align with OWASP ASVS / OWASP API Security Top 10 categories. - Identify trust boundaries, entry points, assets, and abuse cases. 4. **Deep-dive reviews** - Authorization and permission gaps (vertical + horizontal) - Input validation and injection exposure - Session, token, and credential handling - Data access and tenancy isolation - Abuse protections (rate limits, replay, enumeration, business logic) 5. **Dynamic testing (when running system is available)**...