Security gate

/security-review is a release gate, not a quarterly audit.

[Diagram: Security gate: /security-review as a release gate]

Diagram labels, in order:

UAT signed off · P0s clear
/security-review (runs in CI · blocks merge)
  Threat model fresh?
  Dependency scan clean?
  Secrets scan clean?
  AuthN / AuthZ tests pass?
  PII handling reviewed?
  Compliance docs current?
→ Prod (canary → ramp)
↻ Block (no override w/o waiver)

Red light here blocks the release. No exceptions without a written waiver.

What it shows

Before any Vx hits prod, the security agent runs threat modelling, dependency scanning, and policy checks. A red light here blocks the release — no overrides without a written waiver.
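
An added example, not part of the original page or the product's own code: a fail-closed evaluation of the gate described above, in Python. The result keys, the Waiver fields, and the treatment of "UAT signed off" and "P0s clear" as non-waivable entry conditions are assumptions.

```python
from dataclasses import dataclass

# Keys mirror the six questions in the diagram; the key names are hypothetical.
CHECKS = (
    "threat_model_fresh",
    "dependency_scan_clean",
    "secrets_scan_clean",
    "authn_authz_tests_pass",
    "pii_handling_reviewed",
    "compliance_docs_current",
)
# Assumption: the two boxes ahead of the gate are entry conditions.
PRECONDITIONS = ("uat_signed_off", "p0s_clear")


@dataclass(frozen=True)
class Waiver:
    check: str      # the single check this waiver covers
    reference: str  # where the written waiver is recorded (assumed field)
    approver: str   # who signed it (assumed field)


def evaluate_gate(results, waivers=()):
    """Return ("prod" or "block", reasons). Only the literal True is green."""
    reasons = []
    for name in PRECONDITIONS:
        if results.get(name) is not True:
            reasons.append(f"precondition not met: {name}")
    # A waiver counts only if it names a known check and is written down.
    waived = {w.check for w in waivers
              if w.check in CHECKS and w.reference.strip() and w.approver.strip()}
    for name in CHECKS:
        # Missing, None, False or a truthy non-bool such as "true" are all red.
        if results.get(name) is True or name in waived:
            continue
        reasons.append(f"red: {name}")
    return ("block" if reasons else "prod"), reasons


if __name__ == "__main__":
    # Constructed sample: the secrets scan result is absent from the CI report.
    sample = {name: True for name in PRECONDITIONS + CHECKS}
    del sample["secrets_scan_clean"]
    print(evaluate_gate(sample))
```

A missing or malformed result is treated as red, so a scanner that silently fails to report cannot open the gate.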

Where it fits

Stage security in the master Ultimate AI PM workflow.

Run by the SPM Agent. Configured per project.