Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

tachi-threat-reporting

Étoiles79

Forks18

Mis à jour16 avril 2026 à 20:56

Domain knowledge for narrative threat report generation — executive summary structure, architecture overview patterns, per-category narrative templates, attack tree construction rules with Mermaid syntax, and reference attack tree examples. Consumed by the threat-report agent during report generation.

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Exécuter dans Manus

Source

davidmatousek

davidmatousek/tachi

Ouvrir le dépôt GitHub Voir les dépôts du créateur

Téléchargement

Exécuter dans Manus

Métiers associésSOC

Basé sur la classification professionnelle SOC

Analystes en sécurité de l'informationProfessions informatiques et mathématiques·SOC 15-1212

Explorateur de fichiers

4 fichiers

SKILL.md

readonly

name	tachi-threat-reporting
description	Domain knowledge for narrative threat report generation — executive summary structure, architecture overview patterns, per-category narrative templates, attack tree construction rules with Mermaid syntax, and reference attack tree examples. Consumed by the threat-report agent during report generation.

tachi-threat-reporting

Narrative threat report domain knowledge extracted from the tachi threat-report agent. This skill provides the templates, construction rules, and reference examples that the threat-report agent uses to transform structured threat model output into comprehensive narrative reports with Mermaid attack trees.

Domain Overview

The threat report agent produces two output types:

threat-report.md -- A 7-section narrative report conforming to schemas/report.yaml containing executive summary, architecture overview, per-category threat analysis, cross-cutting themes, Mermaid attack trees, remediation roadmap, and finding reference appendix
attack-trees/{finding-id}-attack-tree.md -- Standalone Mermaid attack tree files for every Critical and High finding

Report generation applies three bodies of domain knowledge:

Narrative Templates -- Structural patterns for each report section: executive summary elements, architecture overview layout, per-category subsection headers, per-finding narrative pattern, progressive depth rules, cross-cutting theme detection criteria, and language conventions
Attack Tree Construction -- Rules for building Mermaid flowchart attack trees: tree structure (root/intermediate/leaf), minimum depth requirements, decomposition stopping rules, Mermaid syntax conventions, color styling, node naming, and validation checklist
Attack Tree Examples -- Reference implementations demonstrating correct syntax, naming, gate logic, and decomposition depth for Critical and High severity patterns

Loading Table

Reference files are loaded on-demand by the threat-report agent at specific workflow phases using the Read tool.

Reference	File	Load When
Narrative Templates	`references/narrative-templates.md`	Generating Executive Summary (Section 1), Architecture Overview (Section 2), Threat Analysis (Section 3), Cross-Cutting Themes (Section 4), Remediation Roadmap (Section 6)
Attack Tree Construction	`references/attack-tree-construction.md`	Constructing Mermaid attack trees for Critical and High findings (Section 5)
Attack Tree Examples	`references/attack-tree-examples.md`	Before generating the first attack tree -- load once as reference patterns

Plus depuis ce dépôt

même dépôt

tachi-orchestration

davidmatousek/tachi

Domain knowledge for the tachi orchestrator agent: input format detection, DFD classification, trust boundary notation, STRIDE-per-Element dispatch rules, coverage requirements per component type, coverage matrix model, SARIF 2.1.0 generation specification, output schema tables for threats.md, baseline correlation, structural validation checklist, and error handling templates. Loaded on-demand by the orchestrator during specific pipeline phases.

2026-06-0479

tachi-risk-scoring

davidmatousek/tachi

Domain knowledge for quantitative risk scoring — four-dimensional scoring model (CVSS 3.1, exploitability, scalability, reachability), CVSS base vector mappings, composite score formulas, severity band thresholds, and governance field derivation rules. Consumed by the risk-scorer agent during scoring pipeline execution.

2026-06-0179

tachi-shared

davidmatousek/tachi

Shared reference files consumed by multiple tachi agents. Contains canonical definitions for severity bands, STRIDE+AI categories, and finding format that serve as the single source of truth across the pipeline. Agents Read individual reference files on-demand rather than maintaining inline copies.

2026-06-0179

aod-build

davidmatousek/tachi

Generate standardized checkpoint reports for multi-phase implementation projects. Use this skill when pausing implementation at strategic milestones (phase completion, user story completion, critical features) to create comprehensive progress reports with task breakdowns, metrics, knowledge base entries, and resume instructions.

2026-05-0479

aod-foundation

davidmatousek/tachi

Guided post-init workshop that helps new AOD Kit adopters establish product vision and design identity. Two-part flow: Part 1 (Vision) asks 5 guided questions to populate product-vision.md; Part 2 (Design) browses archetypes to generate brand files (brand.md, tokens.css, anti-patterns.md). Supports --vision and --design flags for partial execution. Use when a developer invokes /aod.foundation after running make init.

2026-05-0479

aod-stack

davidmatousek/tachi

Manage stack packs — activate, remove, list, and scaffold technology-specific conventions for AI coding agents. Use when developers want to select a stack, set up conventions, or manage pack lifecycle.

2026-05-0479

name	tachi-threat-reporting
description	Domain knowledge for narrative threat report generation — executive summary structure, architecture overview patterns, per-category narrative templates, attack tree construction rules with Mermaid syntax, and reference attack tree examples. Consumed by the threat-report agent during report generation.

tachi-threat-reporting

Domain Overview

The threat report agent produces two output types:

threat-report.md -- A 7-section narrative report conforming to schemas/report.yaml containing executive summary, architecture overview, per-category threat analysis, cross-cutting themes, Mermaid attack trees, remediation roadmap, and finding reference appendix
attack-trees/{finding-id}-attack-tree.md -- Standalone Mermaid attack tree files for every Critical and High finding

Report generation applies three bodies of domain knowledge:

Narrative Templates -- Structural patterns for each report section: executive summary elements, architecture overview layout, per-category subsection headers, per-finding narrative pattern, progressive depth rules, cross-cutting theme detection criteria, and language conventions
Attack Tree Construction -- Rules for building Mermaid flowchart attack trees: tree structure (root/intermediate/leaf), minimum depth requirements, decomposition stopping rules, Mermaid syntax conventions, color styling, node naming, and validation checklist
Attack Tree Examples -- Reference implementations demonstrating correct syntax, naming, gate logic, and decomposition depth for Critical and High severity patterns

Loading Table

Reference files are loaded on-demand by the threat-report agent at specific workflow phases using the Read tool.

Reference	File	Load When
Narrative Templates	`references/narrative-templates.md`	Generating Executive Summary (Section 1), Architecture Overview (Section 2), Threat Analysis (Section 3), Cross-Cutting Themes (Section 4), Remediation Roadmap (Section 6)
Attack Tree Construction	`references/attack-tree-construction.md`	Constructing Mermaid attack trees for Critical and High findings (Section 5)
Attack Tree Examples	`references/attack-tree-examples.md`	Before generating the first attack tree -- load once as reference patterns