add_trust_boundary
Add a trust boundary to define a security zone in a threat model. Specify assets crossing the boundary and attack vectors allowed through, with optional sealing for air-gapped enclaves.
Instructions
Add a trust boundary. Creates a new model version.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| passes | No | Optional comma-separated AttackVector values the boundary allows through (subset of "Network,Adjacent,Local,Physical"). Omit for the methodology default (passes-everything). Narrowing this set is what makes a boundary block specific attacker vectors in the deterministic reachability composer. | |
| sealed | No | Optional. Set True to declare the boundary has NO lateral ingress — the only way into its zone is crossing the perimeter (an air-gap / network-segmented enclave). A sealed boundary that blocks the attacker's vector lets reachability decisively rule the asset unreachable instead of indeterminate. Default False (assume a lateral pivot is possible). Set it only when the isolation is real and attestable. | |
| crosses | No | Optional comma-separated asset IDs that cross this boundary. | |
| model_id | Yes | ID of the threat model. | |
| description | Yes | What this boundary represents (e.g., "Public network to API server"). | |
| server_version | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||