What is tenant isolation?

Tenant isolation means ensuring that data and operations for one tenant cannot be accessed or affected by another tenant, across API, DB, cache, and background jobs.

How does this checklist relate to tenant security review skills?

The notes acknowledge that this checklist overlaps with tenant security review skills, and should be used in conjunction with them to strengthen overall tenancy security.

What should I do if isolation fails?

Investigate the root cause, implement fixes to enforce boundaries, re-run the checks, and document the remediation and verification as part of security review.

tenant-isolation-checklist

npx machina-cli add skill tomkraaij/ai-skills-librarian/tenant-isolation-checklist --openclaw

Files (1)

SKILL.md

399 B

Tenant Isolation Checklist

Validate isolation at:

API layer
DB layer
Cache layer
Background jobs

Notes

This overlaps with tenant security review skills.

Source

git clone https://github.com/tomkraaij/ai-skills-librarian/blob/main/fixtures/manual-tests/team-security/skills/tenant-isolation-checklist/SKILL.md

View on GitHub

Overview

This checklist validates tenant isolation across API, database, cache, and background jobs in multi-tenant systems. It helps teams confirm that tenant boundaries prevent data leakage and cross-tenant access, aligning with security and multi-tenant best practices.

How This Skill Works

The skill guides you through layer-by-layer checks: verify API access controls and tenant-scoped requests, enforce tenant-aware DB queries (row-level or partitioning), ensure cache keys and eviction respect tenant boundaries, and validate background job handlers process tenant data in isolation. Documentation notes highlight its overlap with tenant security review skills.

When to Use It

Before deploying a multi-tenant application to production
During security/compliance reviews of tenant boundaries
After changes to tenant models, schemas, or access controls
When onboarding new tenants or updating tenant configurations
During post-incident reviews to verify isolation and identify breaches

Quick Start

Step 1: Identify all isolation points (API, DB, cache, background jobs) and tenant boundaries
Step 2: Implement and run automated checks to validate tenant isolation across layers
Step 3: Review results with the team and remediate any leakage or boundary violations

Best Practices

Define explicit tenant boundary contracts for API, DB, cache, and background jobs
Automate cross-tenant data access tests and tenant leakage checks
Apply strict tenant-scoped queries and access controls at the DB layer
Use tenant-aware cache keys and namespace isolation
Document findings and coordinate with tenant security review efforts

Example Use Cases

API Gateway rejects requests that specify a different tenant than the authenticated user
Database layer enforces per-tenant row-level security or partitioning to prevent cross-tenant access
Cache stores data with tenant-specific prefixes to avoid cross-tenant data leakage
Background job processor isolates processing per tenant and uses tenant-scoped queues
Security review uncovers no cross-tenant data exposure after changes

Frequently Asked Questions

Add this skill to your agents