Commit 90d33db6 authored by Daniel Hauenstein

Fixed some markdown issues with Threat Model pages

parent e9b56f3a
+4 −3
@@ -9,9 +9,10 @@ Within the context of GitLab, there are different risks we evaluate. Will my cod

## Getting Started

> [!note] Use the AI threat model agent
> With the introduction of a AI supported threat model agent, every engineer can create a threat model from scratch themselves. 
> For more information consult the [how-to guide to threat modeling](howto.md)
{{% alert title="Note" color="primary" %}}
With the introduction of a AI supported threat model agent, every engineer can create a threat model from scratch themselves. 
For more information consult the [how-to guide to threat modeling](howto.md)
{{% /alert %}}

Here are a few resources to help get you started in threat modeling:
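
Review bot: the added `{{% alert title="Note" color="primary" %}}` line drops the removed callout's title "Use the AI threat model agent" in favour of a generic "Note", so the rendered box no longer says what it is about; consider `title="Use the AI threat model agent"`. The added body line also carries over "a AI supported", which should read "an AI-supported", keeps trailing whitespace after "themselves.", and the link sentence below it has no closing period.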

+7 −4
@@ -18,7 +18,9 @@ For the impatient let's have the maybe shortest possible threat modeling guide:
  - Try to order by most likely and impactful threats first.
- Document the threats and map them back to your feature. Create follow-up issues with directly responsible individuals and due dates.

> [!note] We recommend using the [Threat Model Agent](#threat-model-agent) for creating Threat Models that cover our requirements and guide you through the whole process, whether it be creating a new threat model or checking if a threat model is complete and valid. 
{{% alert title="Note" color="primary" %}}
We recommend using the [Threat Model Agent](#threat-model-agent) for creating Threat Models that cover our requirements and guide you through the whole process, whether it be creating a new threat model or checking if a threat model is complete and valid. 
{{% /alert %}}

## What is Threat Modeling
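
Review bot: the added body line between the alert tags mixes "Threat Model Agent", "Threat Models" and "threat model" in one sentence and ends in trailing whitespace; keep the capitals for the agent's name and lower-case the generic uses ("creating threat models"). The sentence is also long for a callout and would read better split before "whether it be".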

@@ -176,9 +178,10 @@ The Threat Model Agent is an AI-powered Application Security assistant that help

Finalized threat models are stored in the [threat-models repository](https://gitlab.com/gitlab-com/gl-security/product-security/appsec/threat-models).

> [!IMPORTANT] Why use the Threat Model Agent?
> While an LLM-based agent can be a valuable asset for creating or evaluating threat models, it should be regarded as an enabler and support tool for the threat modeling process rather than a replacement for human judgment. Threats can be notoriously difficult to identify through automated means alone, but this approach ensures that team members never have to start from scratch. It also guarantees that threat models consistently meet our documentation requirements and maintain a uniform standard across the organization. Moreover, it delivers rapid initial results that can be iteratively refined over time.
> That said, the agent's output should always be reviewed and verified by the team. We strongly encourage adding any additional threats that the agent may not have identified.
{{% alert title="Why use the Threat Model Agent?" color="primary" %}}
While an LLM-based agent can be a valuable asset for creating or evaluating threat models, it should be regarded as an enabler and support tool for the threat modeling process rather than a replacement for human judgment. Threats can be notoriously difficult to identify through automated means alone, but this approach ensures that team members never have to start from scratch. It also guarantees that threat models consistently meet our documentation requirements and maintain a uniform standard across the organization. Moreover, it delivers rapid initial results that can be iteratively refined over time.
That said, the agent's output should always be reviewed and verified by the team. We strongly encourage adding any additional threats that the agent may not have identified.
{{% /alert %}}

### Availability
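
Review bot: the removed callout was marked `[!IMPORTANT]`, but the added `{{% alert title="Why use the Threat Model Agent?" color="primary" %}}` uses the same colour as the plain notes elsewhere in this commit, so the requirement that the agent's output always be reviewed and verified by the team loses its visual weight. If the site's alert shortcode supports it, a stronger value such as `color="warning"` would preserve the original emphasis. In the body, "guarantees that threat models consistently meet our documentation requirements" sits awkwardly beside the review requirement two sentences later; "helps threat models meet" would be consistent with it.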