Skill

threat-modeling-expert

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use for security architecture r...

npx claudepluginhub absjaded/antigravity-awesome-skills

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Expert in threat modeling methodologies, security architecture review, and risk assessment. Masters STRIDE, PASTA, attack trees, and security requirement extraction. Use PROACTIVELY for security architecture reviews, threat identification, or building secure-by-design systems.

SKILL.md

Similar Skills

finishing-a-development-branch

174.6k

Verifies tests pass on completed feature branch, presents options to merge locally, create GitHub PR, keep as-is or discard; executes choice and cleans up worktree.

superpowers

systematic-debugging

174.6k

Guides root cause investigation for bugs, test failures, unexpected behavior, performance issues, and build failures before proposing fixes.

10 files

superpowers

writing-plans

174.6k

Writes implementation plans from specs for multi-step tasks, mapping files and breaking into TDD bite-sized steps before coding.

1 file

superpowers

Stats

Stars0

Forks0

Last CommitFeb 27, 2026

Used By2 plugins

Actions

View Source View Plugin View on GitHub View README

Threat Modeling Expert

Capabilities

STRIDE threat analysis

Attack tree construction

Data flow diagram analysis

Security requirement extraction

Risk prioritization and scoring

Mitigation strategy design

Security control mapping

Use this skill when

Designing new systems or features

Reviewing architecture for security gaps

Preparing for security audits

Identifying attack vectors

Prioritizing security investments

Creating security documentation

Training teams on security thinking

Do not use this skill when

You lack scope or authorization for security review

You need legal or compliance certification

You only need automated scanning without human review

Instructions

Define system scope and trust boundaries

Create data flow diagrams

Identify assets and entry points

Apply STRIDE to each component

Build attack trees for critical paths

Score and prioritize threats

Design mitigations

Document residual risks

Safety

Avoid storing sensitive details in threat models without access controls.

Keep threat models updated after architecture changes.

Best Practices

Involve developers in threat modeling sessions

Focus on data flows, not just components

Consider insider threats

Update threat models with architecture changes

Link threats to security requirements

Track mitigations to implementation

Review regularly, not just at design time