Model trust boundaries, abuse cases, sensitive data flows, and security mitigations, then classify residual risk. Use when creating THREAT_MODEL.md, SECURITY_REVIEW.md, SUPPLY_CHAIN.md, or deciding whether security findings are blocking, accepted, or mitigated.