From security-scanning
Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
How this skill is triggered — by the user, by Claude, or both
Slash command
/security-scanning:attack-tree-constructionThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Systematic attack path visualization and analysis.
Systematic attack path visualization and analysis.
[Root Goal]
|
┌────────────┴────────────┐
│ │
[Sub-goal 1] [Sub-goal 2]
(OR node) (AND node)
│ │
┌─────┴─────┐ ┌─────┴─────┐
│ │ │ │
[Attack] [Attack] [Attack] [Attack]
(leaf) (leaf) (leaf) (leaf)
| Type | Symbol | Description |
|---|---|---|
| OR | Oval | Any child achieves goal |
| AND | Rectangle | All children required |
| Leaf | Box | Atomic attack step |
| Attribute | Description | Values |
|---|---|---|
| Cost | Resources needed | $, $$, $$$ |
| Time | Duration to execute | Hours, Days, Weeks |
| Skill | Expertise required | Low, Medium, High |
| Detection | Likelihood of detection | Low, Medium, High |
Full template library lives in references/details.md. Read that file when you need concrete templates for this skill.
npx claudepluginhub wshobson/agents --plugin security-scanningConstructs attack trees to visualize threat paths, map attack scenarios, identify defense gaps, and communicate security risks. For authorized security assessments only.
Build hierarchical attack trees showing how attackers decompose goals into sub-goals and exploits. Use when analyzing attack paths, prioritizing security investments, or assessing attacker effort and cost.
Models multi-step adversary strategies as goal-oriented tree decompositions to reveal cheapest attack paths and highest-leverage defenses.