Stats
Actions
Tags
From threatmodel
Complete threat modeling workflow. Discovers assets, analyzes threats (STRIDE), verifies controls, maps compliance, generates reports.
How this skill is triggered — by the user, by Claude, or both
Slash command
/threatmodel:fullThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
```
/threatmodel:full [--docs <path>] [--compliance owasp,soc2,pci-dss]
Runs complete threat modeling in 5 phases:
.threatmodel/
├── config.yaml
├── state/
│ ├── assets.json # Discovered components
│ ├── dataflows.json # Data movement
│ ├── threats.json # STRIDE analysis
│ ├── controls.json # Security controls found
│ ├── gaps.json # Missing controls
│ └── compliance.json # Framework mapping
├── diagrams/
│ └── architecture.mmd # Mermaid diagram
├── reports/
│ ├── risk-report.md
│ └── executive-summary.md
└── baseline/
└── snapshot-{date}.json
Risk = Likelihood (1-5) × Impact (1-5)
| Score | Level |
|---|---|
| 16-25 | Critical |
| 10-15 | High |
| 5-9 | Medium |
| 1-4 | Low |
npx claudepluginhub josemlopez/claude-threatmodel --plugin threatmodelSystematically identifies threats using STRIDE categories (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). Guides creation of Data Flow Diagrams and documents threats per element.
Produce a threat model — assets, ranked threats, mitigations, accepted risks. Use when asked to "threat model this", "what could go wrong security-wise", "map our attack surface", or before designing any security-sensitive feature.
Systematically identify and document threats using the STRIDE framework (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). Use when designing systems, reviewing architectures, conducting security design reviews, or updating threat models.