Stats
Actions
Tags
From security-scanning
Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.
How this skill is triggered — by the user, by Claude, or both
Slash command
/security-scanning:stride-analysis-patternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Systematic threat identification using the STRIDE methodology.
Systematic threat identification using the STRIDE methodology.
S - Spoofing → Authentication threats
T - Tampering → Integrity threats
R - Repudiation → Non-repudiation threats
I - Information → Confidentiality threats
Disclosure
D - Denial of → Availability threats
Service
E - Elevation of → Authorization threats
Privilege
| Category | Question | Control Family |
|---|---|---|
| Spoofing | Can attacker pretend to be someone else? | Authentication |
| Tampering | Can attacker modify data in transit/rest? | Integrity |
| Repudiation | Can attacker deny actions? | Logging/Audit |
| Info Disclosure | Can attacker access unauthorized data? | Encryption |
| DoS | Can attacker disrupt availability? | Rate limiting |
| Elevation | Can attacker gain higher privileges? | Authorization |
Full template library lives in references/details.md. Read that file when you need concrete templates for this skill.
npx claudepluginhub yo-steven/agents-exploration-20260523 --plugin security-scanningGuides test-driven development for Django applications using pytest-django, factory_boy, and Django REST Framework. Covers red-green-refactor workflow, conftest fixtures, and coverage reporting.