security: update CSRF threat model to reflect a manual audit
There are currently no pipelines.
To run a merge request pipeline, the jobs in the CI/CD configuration file must be configured to run in merge request pipelines and you must have sufficient permissions in the source project.