Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

threat-modeling

Apply STRIDE threat modeling to system designs, identify IDOR and authorization vulnerabilities, and build threat matrices for security reviews. Use when the user designs a new system, reviews an architecture, prepares for a security audit, or asks about common API vulnerabilities like IDOR or broken access control.

Ejecutar en Manus

Estrellas15

Forks3

Actualizado15 de abril de 2026, 10:04

Fuente

sawrus

sawrus/agent-guides

Abrir repositorio de GitHub Ver repositorios del creador

Comando de instalación

Descarga

Ejecutar en Manus

Útil paraSOC

Analistas de seguridad de la informaciónOcupaciones informáticas y matemáticas15-1212L4

SKILL.md

readonly

name	threat-modeling
type	skill
description	Apply STRIDE threat modeling to system designs, identify IDOR and authorization vulnerabilities, and build threat matrices for security reviews. Use when the user designs a new system, reviews an architecture, prepares for a security audit, or asks about common API vulnerabilities like IDOR or broken access control.
related-rules	["security-baseline.md"]
allowed-tools	Read, Bash

Skill: Threat Modeling

Expertise: STRIDE framework, IDOR prevention, authorization boundary analysis, threat matrices for API and system security reviews.

When to load

When designing a new system, adding an integration, reviewing an architecture, or preparing for a security review.

STRIDE Framework

Threat	Question	Example
Spoofing	Can an attacker impersonate a user/service?	Forged JWT, SSRF to metadata service
Tampering	Can data be modified in transit/at rest?	SQL injection, cache poisoning
Repudiation	Can users deny performing an action?	Missing audit logs
Information Disclosure	Can sensitive data be exposed?	Error messages leaking stack traces
Denial of Service	Can the service be made unavailable?	No rate limiting on public endpoints
Elevation of Privilege	Can a low-privilege user gain higher access?	IDOR, broken object-level authorization

Threat Modeling Workflow

Identify assets — list sensitive data, APIs, and trust boundaries in the system
Apply STRIDE — walk through each threat category against every asset and boundary
Score risks — rank by likelihood × impact (Critical / High / Medium / Low)
Prioritize mitigations — address Critical/High first; document accepted risks for Medium/Low
Validate — verify mitigations with code review, SAST/DAST scans, or penetration testing

IDOR — Most Common API Vulnerability

# ❌ Vulnerable
@app.get("/invoices/{invoice_id}")
def get_invoice(invoice_id: int, current_user: User = Depends(get_current_user)):
    return db.query(Invoice).filter(Invoice.id == invoice_id).first()

# ✅ Safe: always scope to authenticated user
@app.get("/invoices/{invoice_id}")
def get_invoice(invoice_id: int, current_user: User = Depends(get_current_user)):
    invoice = db.query(Invoice).filter(
        Invoice.id == invoice_id,
        Invoice.owner_id == current_user.id  # ← ownership check
    ).first()
    if not invoice:
        raise HTTPException(status_code=404)  # 404, not 403
    return invoice

Common Mistakes

Returning 403 instead of 404 — reveals that the resource exists, enabling enumeration
Client-side authorization only — always enforce ownership and role checks server-side
Missing audit logs for sensitive actions — makes repudiation threats undetectable
Trusting internal service-to-service calls — apply zero-trust; validate JWTs at every boundary

Más de este repositorio

mismo repositorio

github-actions-patterns

sawrus/agent-guides

Production-grade GitHub Actions workflows — reusable workflows, OIDC cloud auth, caching, matrix builds, and environment protection rules. Use when the user creates, reviews, or debugs CI/CD pipelines in .github/workflows, or asks about GitHub Actions deployment, OIDC authentication, or workflow optimization.

2026-04-1515

pod-troubleshooting

sawrus/agent-guides

Systematic diagnosis of Kubernetes pod failures — CrashLoopBackOff, OOMKilled, Pending, ImagePullBackOff, and service connectivity issues. Use when the user encounters pods not starting, container restart loops, scheduling failures, or service unreachability in a K8s cluster.

2026-04-1515

distributed-tracing

sawrus/agent-guides

Implement distributed tracing with OpenTelemetry, Tempo/Jaeger — instrumentation, sampling, and trace-to-log correlation. Use when the user asks about distributed tracing, OpenTelemetry setup, span instrumentation, trace propagation, or connecting traces to logs and metrics.

2026-04-1515

component-design

sawrus/agent-guides

Design reusable React components with compound patterns, controlled/uncontrolled hybrids, typed prop APIs, async state handling, and ARIA accessibility. Use when the user creates, refactors, or reviews React components, or mentions props, hooks, .tsx files, component APIs, or accessible UI patterns.

2026-04-1515

pipeline-security

sawrus/agent-guides

Secure CI/CD pipelines with keyless signing, OIDC federation, provenance attestations, policy enforcement, and hardened runners.

2026-04-1015

artifact-management

sawrus/agent-guides

Manage container images, Helm charts, and build artifacts — registry organization, retention, promotion between environments.

2026-03-0815

Skill: Threat Modeling

Expertise: STRIDE framework, IDOR prevention, authorization boundary analysis, threat matrices for API and system security reviews.

When to load

When designing a new system, adding an integration, reviewing an architecture, or preparing for a security review.

STRIDE Framework

Threat

Question

Example

Spoofing

Can an attacker impersonate a user/service?

Forged JWT, SSRF to metadata service

Tampering

Can data be modified in transit/at rest?

SQL injection, cache poisoning

Repudiation

Can users deny performing an action?

Missing audit logs

Information Disclosure

Can sensitive data be exposed?

Error messages leaking stack traces

Denial of Service

Can the service be made unavailable?

No rate limiting on public endpoints

Elevation of Privilege

Can a low-privilege user gain higher access?

IDOR, broken object-level authorization

Threat Modeling Workflow

Identify assets — list sensitive data, APIs, and trust boundaries in the system

Apply STRIDE — walk through each threat category against every asset and boundary

Score risks — rank by likelihood × impact (Critical / High / Medium / Low)

Prioritize mitigations — address Critical/High first; document accepted risks for Medium/Low

Validate — verify mitigations with code review, SAST/DAST scans, or penetration testing

IDOR — Most Common API Vulnerability

# ❌ Vulnerable @app.get("/invoices/{invoice_id}") def get_invoice(invoice_id: int, current_user: User = Depends(get_current_user)): return db.query(Invoice).filter(Invoice.id == invoice_id).first() # ✅ Safe: always scope to authenticated user @app.get("/invoices/{invoice_id}") def get_invoice(invoice_id: int, current_user: User = Depends(get_current_user)): invoice = db.query(Invoice).filter( Invoice.id == invoice_id, Invoice.owner_id == current_user.id # ← ownership check ).first() if not invoice: raise HTTPException(status_code=404) # 404, not 403 return invoice

Common Mistakes

Returning 403 instead of 404 — reveals that the resource exists, enabling enumeration

Client-side authorization only — always enforce ownership and role checks server-side

Missing audit logs for sensitive actions — makes repudiation threats undetectable

Trusting internal service-to-service calls — apply zero-trust; validate JWTs at every boundary