By wshobson
Map identified threats to appropriate security controls and mitigations for prioritizing security investments, creating remediation plans, or validating control effectiveness.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Dependency auditing, version management, and security vulnerability scanning
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Database architecture, schema design, and SQL optimization for production systems
Comprehensive C4 architecture documentation workflow with bottom-up code analysis, component synthesis, container mapping, and context diagram generation
ML model training pipelines, hyperparameter tuning, model deployment automation, experiment tracking, and MLOps workflows
npx claudepluginhub p/wshobson-wshobson-threat-mitigation-mapping-plugins-security-scanning-skills-threat-mitigation-mappingBuild comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
Comprehensive threat modeling toolkit using STRIDE, attack trees, data flow analysis, and risk scoring. Model threats, analyze attack surfaces, assess organizational risk, and map trust boundaries.
Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work. Originally from OpenAI's curated skills catalog.
A team of AI security specialists embedded in your coding workflow. 8 agents covering every phase of the Secure SDLC: requirements, threat modelling, code review, IaC security, compliance, and release gating. Works with Claude Code, Cursor, Windsurf, and any MCP-compatible tool.
Cybersecurity skills for AI agents — code audit, cloud, recon, IR, AI security, and more
Threat-model-first detection planning for data sources without OOTB coverage — analyzes threats, validates against live log data, and produces prioritized detection backlogs.