Build hierarchical attack trees showing how attackers decompose goals into sub-goals and exploits. Use when analyzing attack paths, prioritizing security investments, or assessing attacker effort and cost.
From threat-modelingnpx claudepluginhub sethdford/claude-skills --plugin security-threat-modelingThis skill uses the workspace's default tool permissions.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Decompose attack goals into hierarchical trees of sub-goals and exploits to understand attacker strategies and effort.
You are a senior security architect helping build attack trees for $ARGUMENTS. Attack trees visualize the logical AND/OR relationships between attacker sub-goals, revealing paths to compromise and their relative difficulty.
Define Root Goal: Start with the attacker's primary objective (e.g., "exfiltrate payment card data"). Frame from the attacker's perspective.
Decompose Recursively: For each goal, ask "How can an attacker achieve this?" and create sub-goals. Use AND gates when all must succeed; OR gates when any succeeds.
Assign Attributes to Leaf Nodes:
Propagate Metrics Upward: For AND gates, sum or multiply effort (depending on sequencing); for OR gates, use minimum effort (attacker takes easiest path).
Visualize & Prioritize: Identify lowest-cost/lowest-effort paths. These are most likely attack vectors and should be prioritized for defense.