diff --git a/THREATMODEL.md b/THREATMODEL.md
index b1eb5ca8..9de6c5b9 100644
--- a/THREATMODEL.md
+++ b/THREATMODEL.md
@@ -402,11 +402,11 @@ This is the model that protects **what gets published as `axios` on npm**. A suc
| | |
| --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **Description** | Attacker with write access force-pushes an existing tag (`v1.15.0`) to point at a malicious commit, or pushes `v1.99.99` to publish out of band. |
+| **Description** | Attacker with write access force-pushes an existing tag to point at a malicious commit, or pushes `v1.99.99` to publish out of band. |
| **Likelihood** | Low (requires write access - assumed compromised at that point) |
| **Impact** | High |
-| **Mitigations** | • npm rejects re-publishing an existing version - re-tagging `v1.15.0` cannot overwrite the published `1.15.0`.
• Provenance attestation records the commit SHA the tag pointed to _at publish time_ - forensically verifiable.
• GitHub tag protection rules can prevent tag deletion/force-push. |
-| **Gaps** | • Verify that tag protection is actually enabled on `v*` (repo setting, not visible from the codebase).
• A _new_ malicious version (`v1.15.1`) is still publishable by anyone with tag-push rights - this collapses back into T-S3 (account security). |
+| **Mitigations** | • npm rejects re-publishing an existing version - re-tagging you cannot overwrite the published `1.15.0`.
• Provenance attestation records the commit SHA the tag pointed to _at publish time_ - forensically verifiable.
• GitHub tag protection rules can prevent tag deletion/force-push. |
+| **Gaps** | A _new_ malicious version (`v1.x.x`) is still publishable by anyone with tag-push rights - this collapses back into T-S3 (account security). |
---
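Review bot: The first bullet of the new Mitigations row now reads "re-tagging you cannot overwrite the published `1.15.0`", which is ungrammatical and still cites `1.15.0` although the Description row no longer mentions `v1.15.0`. Suggest either restoring the tag name or wording it generically, for example "re-tagging an existing version cannot overwrite what is already published". Separately, the new Gaps row drops the item about verifying that tag protection is actually enabled on `v*`, while the Mitigations row still says only that tag protection rules "can prevent" tag deletion/force-push. If the setting has been verified, say so in Mitigations and name the protected pattern. If it has not, keep the gap, since removing it leaves the table implying a control whose state is unconfirmed.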