olek/AI_template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
425227c6b86139802ea55f1b62a8c6c6cb645a21
AI_template/.claude/skills/threat-model/SKILL.md
olekhondera 5b28ea675d add SKILL
2026-02-14 07:38:50 +02:00

2.1 KiB
Raw Blame History

name, description, disable-model-invocation, argument-hint, context, agent
name description disable-model-invocation argument-hint context agent
threat-model Create a threat model for a feature or system — trust boundaries, attack vectors, risk assessment, and mitigations. true [feature-or-system] fork security-auditor

Threat Model

Create an AppSec-grade threat model for $ARGUMENTS.

Steps

  1. Scope & Extract:

    • Read relevant code and documentation
    • Map primary components, data stores, entry points
    • Identify external integrations and trust boundaries

  2. Derive Boundaries & Assets:

    • Enumerate trust boundaries with protocol/auth/encryption details
    • List risk-driving assets (user data, credentials, payment info, API keys)

  3. Attacker Profile:

    • Define realistic attacker goals tied to the assets
    • Consider: anonymous external, authenticated user, compromised internal service
    • Note what attackers cannot do (scoping assumptions)

  4. Enumerate Threats:

    • Frame as abuse paths: exfiltration, privilege escalation, integrity compromise, DoS
    • Tie each threat to a specific asset and boundary

  5. Prioritize:

    • Rate: likelihood (low/medium/high) × impact (low/medium/high)
    • Risk tiers:
      • High: pre-auth RCE, auth bypass, cross-tenant access, key theft
      • Medium: targeted DoS, partial data exposure, rate-limit bypass
      • Low: low-sensitivity info leaks, noisy DoS

  6. Validate — ask 1-3 targeted questions about deployment, auth, data sensitivity

  7. Recommend Mitigations — concrete, tied to specific code locations and control types

Output Format

# Threat Model: [feature/system name]

## Scope
[Components, data flows, boundaries]

## Architecture Diagram
[Mermaid diagram showing components and trust boundaries]

## Assets
| Asset | Sensitivity | Location |
|-------|-------------|----------|

## Threats
| # | Threat | Asset | Likelihood | Impact | Priority | Mitigation |
|---|--------|-------|------------|--------|----------|------------|

## Assumptions
[What was assumed about deployment, auth, environment]

## Open Questions
[Questions for the team]
Reference in New Issue View Git Blame Copy Permalink