Local Threat Model

1. Scope

This threat model applies to:

• StaticPlay website
• StaticPlay local-first software
• User-installed AI models and tooling

It assumes local execution by default and user intent as the primary control surface.

2. Core Assumptions

StaticPlay operates under the following assumptions:

• The user controls their own hardware
• The user selects and installs models intentionally
• The software does not run autonomously
• No cloud inference or remote execution is performed by StaticPlay

If these assumptions are violated, responsibility shifts to the environment, not the software.

3. In-Scope Threats (What We Consider)

3.1 Local System Compromise

Threat: Malware, rootkits, or compromised OS environments affecting AI execution.

Mitigation:

• StaticPlay does not escalate privileges
• No background daemons
• No auto-execution on boot
• All execution is user-initiated

Residual Risk: High — local compromise cannot be solved at application level.

3.2 Malicious or Untrusted Models

Threat: Third-party models containing malicious code, unsafe weights, or unexpected behaviour.

Mitigation:

• Models are not bundled silently
• Users choose sources explicitly
• No remote model execution
• Documentation encourages license and source review

Residual Risk: Medium — user discretion is required.

3.3 Data Leakage

Threat: User prompts, images, or outputs leaking to third parties.

Mitigation:

• No telemetry of AI inputs or outputs
• No cloud processing
• No silent uploads
• Network activity is visible and optional

Residual Risk: Low — leakage requires external user action.

3.4 Misuse of Generated Content

Threat: User generates unlawful, harmful, or misleading content.

Mitigation:

• Explicit user intent required
• No automated publishing or sharing
• No content distribution features

Residual Risk: High — content responsibility rests with the user.

3.5 Resource Exhaustion

Threat: Excessive CPU, GPU, RAM, or disk usage impacting system stability.

Mitigation:

• Clear hardware requirements
• User-controlled execution
• No hidden background jobs

Residual Risk: Medium — inherent to compute-heavy workloads.

3.6 Supply Chain Risks

Threat: Compromised dependencies, installers, or third-party libraries.

Mitigation:

• Open-source components where possible
• Transparent build scripts
• No forced auto-updates

Residual Risk: Medium — shared across all modern software ecosystems.

4. Out-of-Scope Threats (What We Do NOT Claim to Solve)

StaticPlay does not attempt to mitigate:

• User criminal intent
• Insider misuse
• Hardware-level attacks
• BIOS / firmware compromise
• OS-level keylogging or screen capture
• Network surveillance external to the application

Claiming otherwise would be dishonest.

5. Trust Boundaries

[ User Intent ]
      |
      v
[ StaticPlay UI ]
      |
      v
[ Local Execution Environment ]
      |
      v
[ User-Owned Outputs ]

StaticPlay does not cross trust boundaries without user action.

6. Design Philosophy

• Local-first over cloud control
• Transparency over enforcement
• User agency over paternal safeguards
• Explicit actions over automation
• Security is achieved by reducing surface area, not pretending to police intent

7. Legal & Compliance Context

This threat model aligns with:

• UK GDPR (data minimisation, user control)
• UK Online Safety principles (tool provider vs publisher)
• Software publisher liability norms

StaticPlay provides tools, not outcomes.

8. Summary

StaticPlay is secure by being:

• Simple
• Local
• Intent-driven
• Non-invasive

The safest data is data never collected.

The safest execution is execution the user controls.