System Analysis Workflow

The System Analysis workflow examines codebases and documentation to extract system purpose, intended users, and business context. This workflow is perfect for understanding unfamiliar systems, generating threat models, or creating system documentation.

Overview

Workflow ID: system_analysis
Primary Use Case: System understanding and threat modeling preparation
Output: JSON report with system characteristics

Common focus areas:

authentication - User authentication and session management
authorization - Access control and permissions
data_processing - Data handling and storage
api_endpoints - API design and external interfaces
user_management - User roles and account management
payment_processing - Financial transactions
security - Security controls and measures
compliance - Regulatory and compliance features
integration - External system integrations
monitoring - Logging and observability

Common Use Cases

1. Threat Modeling Preparation

# Generate system understanding for threat modeling
fraim run system_analysis --location . \
  --business-context "Customer-facing web application" \
  --focus-areas "authentication,data_processing,external_integrations"

2. Security Assessment Kickoff

# Understand system before security review
fraim run system_analysis --location . \
  --focus-areas "security,authentication,data_processing"

3. Onboarding New Team Members

# Generate system overview for new developers
fraim run system_analysis --location . \
  --business-context "Internal tool for customer support team"

4. Compliance Documentation

# Understand system for compliance assessment
fraim run system_analysis --location . \
  --business-context "Healthcare data processing system" \
  --focus-areas "data_processing,compliance,security"

5. Legacy System Analysis

# Analyze unfamiliar legacy system
fraim run system_analysis --location . \
  --business-context "Legacy financial reporting system"

6. Documentation Generation

# Generate system overview for documentation
fraim run system_analysis --location . \
  --business-context "Internal API for user management" \
  --output ./docs/analysis/

Workflow-Specific Options

`--business-context <TEXT>`

Provide additional business context to improve analysis accuracy.

# Financial services context
fraim run system_analysis --location . \
  --business-context "Banking application for retail customers"

# Healthcare context  
fraim run system_analysis --location . \
  --business-context "Patient management system for medical practices"

# E-commerce context
fraim run system_analysis --location . \
  --business-context "Online marketplace connecting buyers and sellers"

`--focus-areas <AREAS>`

Specify particular areas to emphasize during analysis.

# Authentication focus
fraim run system_analysis --location . \
  --focus-areas "authentication,authorization,user_management"

# Data processing focus
fraim run system_analysis --location . \
  --focus-areas "data_processing,database,api_endpoints"

# Security focus
fraim run system_analysis --location . \
  --focus-areas "security,encryption,access_control,audit_logging"

GitHub Actions Integration

name: System Analysis
on:
  workflow_dispatch:
    inputs:
      business_context:
        description: 'Business context for analysis'
        required: false
        default: 'Web application'

jobs:
  system-analysis:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      
      - name: Run Fraim System Analysis
        uses: fraim-dev/fraim-action@423d9d6b3c80923557887930d80eec4ca22a5c24
        with:
          anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
          workflow: system_analysis
          workflow_args: |
            {
              "business-context": "${{ github.event.inputs.business_context }}",
              "focus-areas": ["security", "authentication", "data_processing"]
            }
      
      - name: Upload Analysis
        uses: actions/upload-artifact@v3
        with:
          name: system-analysis
          path: fraim_output/system_analysis_*.json

Available workflow_args

Argument	Type	Default	Description
`chunk-size`	integer	`500`	Number of lines per chunk
`limit`	integer	`null`	Limit the number of files to scan
`globs`	array of strings	`null`	File patterns to include (uses workflow defaults if not provided)
`max-concurrent-chunks`	integer	`5`	Maximum number of chunks to process concurrently
`business-context`	string	`""`	Additional business context to consider during analysis
`focus-areas`	array of strings	`null`	Specific areas to focus on (e.g., authentication, data_processing, api_endpoints)

Get Started

Workflows

Integrations

CLI

System Analysis

System Analysis Workflow

Overview

Common Use Cases

1. Threat Modeling Preparation

2. Security Assessment Kickoff

3. Onboarding New Team Members

4. Compliance Documentation

5. Legacy System Analysis

6. Documentation Generation

Workflow-Specific Options

`--business-context <TEXT>`

`--focus-areas <AREAS>`

GitHub Actions Integration

Available workflow_args

Get Started

Workflows

Integrations

CLI

​System Analysis Workflow

​Overview

​Common Use Cases

​1. Threat Modeling Preparation

​2. Security Assessment Kickoff

​3. Onboarding New Team Members

​4. Compliance Documentation

​5. Legacy System Analysis

​6. Documentation Generation

​Workflow-Specific Options

​--business-context <TEXT>

​--focus-areas <AREAS>

​GitHub Actions Integration

​Available workflow_args

System Analysis Workflow

Overview

Common Use Cases

1. Threat Modeling Preparation

2. Security Assessment Kickoff

3. Onboarding New Team Members

4. Compliance Documentation

5. Legacy System Analysis

6. Documentation Generation

Workflow-Specific Options

`--business-context <TEXT>`

`--focus-areas <AREAS>`

GitHub Actions Integration

Available workflow_args