Threat Model
SentinelRN is a risk-based security framework. It does not claim perfect protection — mobile runtime checks can be bypassed, prompt-injection detection can miss attacks, and PII detection can produce false positives and negatives. The goal is to help developers make better, more informed security decisions.
Threats SentinelRN addresses
- Compromised runtime environments — rooted, jailbroken, emulated, or otherwise modified devices that weaken platform protections.
- Runtime instrumentation & tampering — debuggers, Frida, hooking frameworks, method swizzling, repackaged builds.
- Unsafe AI input handling — secrets, PII, or injection sent to an AI provider without inspection.
- Sensitive data leakage — secrets/PII leaking into logs, analytics, crash reports, or AI payloads.
- Poor application response to risk — boolean-only APIs with no severity, confidence, or recommended action.
What SentinelRN does not protect against
- A fully compromised backend
- A malicious authorized user
- Stolen credentials already accepted by the server
- A determined attacker with full device control
- All possible root/jailbreak bypasses or prompt-injection attacks
- Insecure API design or AI provider configuration
Backend still matters
SentinelRN should never be your only security boundary. Continue to enforce backend authorization, rate limiting, token revocation, server-side prompt validation, audit logging, and abuse detection.
The client can reduce risk. The server must enforce trust.
The full threat model lives in the repository: docs/THREAT_MODEL.md.