From threat-modeler — STRIDE/EoP gap ritual & self-improvement covenant
Threat-model a system or design using the Four-Question Framework + STRIDE + the two agentic axes (temporal, cognitive). Use when the user asks to "threat model" something, wants a STRIDE analysis, "what can go wrong with this design?", or to reason about an agentic/LLM/MCP system's risks. Grounded in named sources (STRIDE, MAESTRO, OWASP, MCP-38), not vibes.
How this skill is triggered — by the user, by Claude, or both
Slash command
/threat-modeler:threat-model
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Produce a real threat model for a target by walking the Four Questions, using STRIDE as one of several intelligence sources (peer to MAESTRO, OWASP, MCP-38, LINDDUN), never as the only lens.
knowledge/four-questions.md and knowledge/stride-portals.md. For agentic/LLM/MCP targets
also read knowledge/maestro.md and knowledge/mcp-38.md; for data/privacy concerns, knowledge/linddun.md.
Use node plugins/threat-modeler/scripts/coverage-matrix.mjs to ground "what can go wrong" in the
mechanical STRIDE matrix, then hand to the gap-ritual skill to formalise and propose fixes.
A portal-by-portal table (threat · mitigation/gap · framework id), the agentic-axis notes, and a ranked list of top unmitigated risks. Keep STRIDE honest: prefer concrete "an attacker can …" threats over category names.
npx claudepluginhub agentic-underground/skillsentry --plugin threat-modeler