Say I manufacture door locks, and I ask you to audit the security of my system. Wouldn't it make sense to agree with you that stuff like lockpicking is fine, but going around the building, breaking a window and entering the room doesn't count as "breaking the lock security"?
That's the whole point of a threat model: Mullvad has a threat model, and they build a product resistant to that. When someone audits the product, they should audit it against the threat model.
That's the whole point of a threat model: Mullvad has a threat model, and they build a product resistant to that. When someone audits the product, they should audit it against the threat model.