feat: add /threat-model skill #411

Open
christinebuilds wants to merge 1 commit into garrytan:main from christinebuilds:christinebuilds/threat-model

@christinebuilds

Summary

  • Adds a STRIDE-based threat modeling skill that produces a living THREATS.md document
  • Full workflow: system understanding → data flow mapping (ASCII diagrams) → adversary profiles → STRIDE enumeration → risk rating matrix → specific mitigations with verification steps
  • Designed with LLM-powered apps in mind — prompt injection is always in scope
  • Cross-references /red-team (feat: add /red-team skill #410) and /security-check (feat: add /security-check skill #279) findings
  • Both SKILL.md and SKILL.md.tmpl included per gstack conventions

Context

Built as part of claude-burndown, a security-first command suite for autonomous Claude Code development. This is the strategic planning layer — /threat-model identifies what to worry about, /red-team tests it, /security-check monitors it ongoing.

More context: Claude-ing after dark? How to practice safe autonomous coding.

Test plan

  • Verify SKILL.md.tmpl generates correctly via bun run gen:skill-docs
  • Run bun test for skill validation
  • Test /threat-model on a project with existing code to verify THREATS.md output

🤖 Generated with Claude Code

Threat modeling skill that produces a living THREATS.md document:
- System understanding via codebase analysis
- Data flow mapping with ASCII diagrams
- Adversary profiles (script kiddie through supply chain attacker)
- Full STRIDE enumeration (Spoofing, Tampering, Repudiation, Info Disclosure, DoS, Elevation)
- Risk rating matrix (Likelihood × Impact)
- Specific mitigations with verification steps
- Cross-references /red-team and /security-check findings

Designed for LLM-powered apps — prompt injection is always in scope.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>