Stats
Actions
Tags
From threat-modeling
Analyze the attack surface to identify exposed components, entry points, and potential attack vectors.
How this command is triggered — by the user, by Claude, or both
Slash command
/threat-modeling:analyze-attack-surface system name or API endpoint listThe summary Claude sees in its command listing — used to decide when to auto-load this command
# Analyze Attack Surface Command Chain these steps: 1. Use the `data-flow-diagram-security` skill to identify all entry points: external APIs, user inputs, integrations with third parties, admin interfaces 2. Use the `trust-boundary-analysis` skill to map which components are exposed to untrusted users vs. internal-only 3. Use the `threat-identification` skill to catalog known attack vectors for exposed technologies (e.g., OWASP Top 10 for web apps, MITRE ATT&CK for cloud) 4. Use the `attack-tree-modeling` skill to decompose how attackers could reach critical assets from external entry po...
Chain these steps:
data-flow-diagram-security skill to identify all entry points: external APIs, user inputs, integrations with third parties, admin interfacestrust-boundary-analysis skill to map which components are exposed to untrusted users vs. internal-onlythreat-identification skill to catalog known attack vectors for exposed technologies (e.g., OWASP Top 10 for web apps, MITRE ATT&CK for cloud)attack-tree-modeling skill to decompose how attackers could reach critical assets from external entry pointsabuse-case-design skill to identify business logic flaws that could be exploited at each entry pointDeliverables:
After completion, suggest follow-up commands: model-threats, assess-risk, review-api-security.
npx claudepluginhub sethdford/claude-skills --plugin security-threat-modeling/threat-modelingPerforms structured STRIDE security analysis on a system or endpoint, identifying threats, attack surfaces, and mitigations.
/threatsMaps application architecture, generates data flow diagrams (DFDs), and performs STRIDE threat modeling analysis.
/threat-modelGenerates a developer-focused threat model for a feature or component from its description, tech stack, and artifacts, listing attack scenarios, impacts, likelihoods, and data risks.
/surfaceReads recon output and hunt memory for a target domain, then invokes recon-ranker to produce a prioritized attack surface with P1, P2, and Kill List.
/security-reviewPerforms STRIDE-based security review on code paths or instructions with optional framework, generating Mermaid threat diagrams and assessment reports.