Data being handled/stored

Credentials used/introduced

Other Assets

New libraries/frameworks/dependencies introduced

Data sources accessed (read/write)

Cloud services used/introduced

Caches used/introduced

Logs introduced/used

Entry points for an attacker