From f175ab5208cccf0418848b8e3264f0b420a9dc30 Mon Sep 17 00:00:00 2001 From: "Rafael Gonzaga rafael.nunu@hotmail.com" Date: Wed, 19 Mar 2025 13:08:18 -0300 Subject: [PATCH 1/3] doc: add impairing ability to the project day 2 day --- MAINTAINERS_THREAT_MODEL.md | 54 +++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/MAINTAINERS_THREAT_MODEL.md b/MAINTAINERS_THREAT_MODEL.md index 1c7f95a35..32b0df0fd 100644 --- a/MAINTAINERS_THREAT_MODEL.md +++ b/MAINTAINERS_THREAT_MODEL.md 
@@ -198,3 +198,57 @@ Notes: | **Email** (io.js aliases) | - | N\A | | **Slack** | - | N\A | | **Calendar** | - | N\A | + +### Imparing the ability of the project to do day-to-day work + +* Deleting repos +* Destroying infra +* Destroying publication keys (Apple, Windows..) +* Deleting calendar + +**Vectors:** + +* Compromised credentials or accounts +* Malicious insider threats +* Unauthorized access to CI/CD pipelines +* Unsecured backup systems +* Weak MFA enforcement or bypass +* Excessive permissions assigned to users + +**Related CWEs:** + +* CWE-284: Improper Access Control +* CWE-285: Improper Authorization +* CWE-287: Improper Authentication +* CWE-522: Insufficiently Protected Credentials +* CWE-732: Incorrect Permission Assignment for Critical Resource +* CWE-778: Insufficient Logging + +| Resource | Minimum Access | Description | +|- |- |- | +| **HackerOne** | a | Exclude the Node.js project from H1 | +| **MITRE** | - | N/A | +| **private/node-private** | a | Excluding the repository | +| **private/security-release** | w | Excluding the list of current security release | +| **private/secrets** | r | Read access to secrets grants access to key resources | +| **nodejs/node** | w | - | +| **nodejs/deps** | w | Deleting repos can affect packages that relies on it | +| **nodejs/build** (GH) | w | Write access would allow key scripts, infra to be modified | +| **nodejs/docker-node** | w | - | +| **nodejs/node-core-utils** | w | - | +| **nodejs/nodejs.org** | w | - | +| **npm account** | w | - | +| **Jenkins CI - test** | w | - | +| **Jenkins CI - release** | w | - | +| **Infra - test** | w | - | +| **Infra - release** | w | - | +| **Build infra** | w | - | +| **Website Infra** | w | - | +| **Youtube** | a | Deleting previous record meetings | +| **Zoom** | a | - | +| **1Password** | r | - | +| **Social media accounts** | w | - | +| **Email** (nodejs-sec) | a | - | +| **Email** (io.js aliases) | w | - | +| **nodejs/calendar** | w | - | +| **Slack** | a | - | 
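Review bot: The new heading misspells "Impairing" as "Imparing"; that should be fixed before merge. Two wording issues in the added table also need attention: "Deleting repos can affect packages that relies on it" should read "rely on it", and "Exclude the Node.js project from H1" / "Excluding the repository" read as opting a resource out rather than removing it, so "Delete" / "Deleting" would match what this section is about. Minor: "(Apple, Windows..)" should be "(Apple, Windows, ...)" to match normal punctuation.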
From 9c3914e8191e028574138fe02b61110eee90507e Mon Sep 17 00:00:00 2001 From: Rafael Gonzaga Date: Wed, 19 Mar 2025 15:57:41 -0300 Subject: [PATCH 2/3] Apply suggestions from code review Co-authored-by: Jordan Harband Co-authored-by: flakey5 <73616808+flakey5@users.noreply.github.com> --- MAINTAINERS_THREAT_MODEL.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/MAINTAINERS_THREAT_MODEL.md b/MAINTAINERS_THREAT_MODEL.md index 32b0df0fd..7f38bfac7 100644 --- a/MAINTAINERS_THREAT_MODEL.md +++ b/MAINTAINERS_THREAT_MODEL.md @@ -199,12 +199,12 @@ Notes: | **Slack** | - | N\A | | **Calendar** | - | N\A | -### Imparing the ability of the project to do day-to-day work +### Impairing the ability of the project to do day-to-day work -* Deleting repos +* Deleting or transferring repos * Destroying infra * Destroying publication keys (Apple, Windows..) -* Deleting calendar +* Deleting calendar and calendar recurring events **Vectors:** @@ -237,6 +237,7 @@ Notes: | **nodejs/docker-node** | w | - | | **nodejs/node-core-utils** | w | - | | **nodejs/nodejs.org** | w | - | +| **nodejs/release-cloudflare-worker** | w | - | | **npm account** | w | - | | **Jenkins CI - test** | w | - | | **Jenkins CI - release** | w | - | From 0df4e204f1a883ee8eea40ecc4d5414db07d3171 Mon Sep 17 00:00:00 2001 From: Rafael Gonzaga Date: Thu, 20 Mar 2025 15:29:59 -0300 Subject: [PATCH 3/3] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Ulises Gascón --- MAINTAINERS_THREAT_MODEL.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/MAINTAINERS_THREAT_MODEL.md b/MAINTAINERS_THREAT_MODEL.md index 7f38bfac7..82fe52132 100644 --- a/MAINTAINERS_THREAT_MODEL.md +++ b/MAINTAINERS_THREAT_MODEL.md 
@@ -202,9 +202,10 @@ Notes: ### Impairing the ability of the project to do day-to-day work * Deleting or transferring repos -* Destroying infra +* Destroying or misconfiguring infrastructure resources (e.g., build machines, cloud resources, etc.). * Destroying publication keys (Apple, Windows..) * Deleting calendar and calendar recurring events +* Hijacking official communication channels (Slack, email, social media) **Vectors:**
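Review bot: In the first hunk of the "Apply suggestions" patch, adding "transferring repos" to the threat list widens the mismatch with the "Minimum Access" column in the table below it: on GitHub, deleting or transferring a repository requires admin permission on that repository, yet nodejs/node, nodejs/deps and the other repository rows list `w`. Either those rows should say `a` for the delete/transfer case, or their Description cells should state which listed impact is reachable with write access alone, as the nodejs/build row already does for its key scripts.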
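Review bot: The second hunk of the "Apply suggestions" patch adds a `nodejs/release-cloudflare-worker` row with the Description column left as `-`; assuming from its name that this worker fronts release downloads, a one-line note of what write access could break, in the style of the nodejs/deps and nodejs/build rows, would make the entry actionable for whoever reviews access levels.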
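Review bot: The rewritten infrastructure bullet in the final hunk ends with a period and uses both "e.g." and "etc.", unlike every other item in the list; "Destroying or misconfiguring infrastructure resources (e.g. build machines, cloud resources)" keeps the list consistent. The new "Hijacking official communication channels (Slack, email, social media)" bullet is a useful addition, but the Vectors and CWE lists that follow were not updated; a short note that it falls under the existing "Compromised credentials or accounts" vector would keep the section internally consistent.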