Lobster / OpenClaw — STRIDE threat model

Data flow diagram with trust boundaries and 46 enumerated threats across 11 components. Generated from architecture at lobster.shahine.com.

Click any element in the diagram below to filter the threat table.

Read the full article Download threat assessment Download Threat Dragon JSON
TB1: Internet boundary TB2: Tailscale mesh (encrypted, ACL-gated) TB3: Agent Mac — OpenClaw gateway process TB4: Restricted agent context (least-privilege) TB5: Host OS exec boundary (allowlist-gated) Email senders Untrusted WhatsApp External users Webhooks HomeKit / Travel Web / APIs MCP, LLM, etc. Owner iMessage DM Family iMessage DM Groups iMessage Blue Bubbles OpenClaw Gateway Main agent Full access Group agent Restricted Family agent Restricted WA agent Shadow mode HomeClaw Webhook agent Travel Hub Webhook agent A2A comms Config / Secrets openclaw.json, secrets.json Apple PIM Calendar, Contacts, Mail Fastmail Email (MCP) Memory Agent state Logs Audit trail Exec Allowlist Elevated access Owner @mention SMTP HTTP Binding Owner DM
TB1: Internet
TB2: Tailscale
TB3: Gateway
TB4: Restricted
TB5: Host OS / Exec
A2A comms
▭ External entity
○ Process
═ Data store

Threat catalog

| |
#CatSevComponentThreat descriptionMitigationStatus

Trust boundary crossings summary