User accounts

Any user who has access to the source code repository could include a malicious component in the codebase and could be included in the deployed application, and components are connected with each other and perform their tasks with user accounts. Similar to access security, user permissions and the user accounts themselves can be an attack vector.