ワンクリックで
surface
Attack surface summary with component breakdown, trust boundary crossings, and control gap analysis
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Attack surface summary with component breakdown, trust boundary crossings, and control gap analysis
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Assign classes to unclassified components, boundaries, data flows, and data items
Auto-discover infrastructure components from codebase using the infrastructure-scout agent
Guided end-to-end threat modeling workflow — scope through validation and sync
Populate security attributes, MITRE ATT&CK references, credentials, and monitoring tools
Quality dashboard with score breakdown, gap analysis, and readiness assessment
Push local model to platform, pull platform model to local, or check sync status
| name | surface |
| description | Attack surface summary with component breakdown, trust boundary crossings, and control gap analysis |
| agent | model-reviewer |
| context | fork |
| argument-hint | [directory-path] |
Produce a structured attack surface summary for a Dethernety threat model. This is a read-only skill — no model files are modified. Shows structural data, control gaps, and platform-computed exposures if the model is synced.
/dethereal:create first and stopmanifest.json, structure.json, dataflows.json, data-items.jsonstructure.json has 0 components, show: "Model has no components. Run /dethereal:discover or /dethereal:add to populate the model first." Stop.attributes/ directory (components, dataFlows, boundaries).dethereal/state.json for current workflow phaseRender every section below as a markdown table/tree in the conversation — the attack-surface summary is the deliverable, not a preamble to a modal. Information that lands only inside an AskUserQuestion label cannot be reviewed or scrolled back to.
Read structure.json and recursively traverse the boundary hierarchy. Count components by type (PROCESS, STORE, EXTERNAL_ENTITY) per boundary.
### Components (N total)
| Boundary | PROCESS | STORE | EXTERNAL_ENTITY | Total |
|----------|---------|-------|-----------------|-------|
| DMZ | 2 | 0 | 0 | 2 |
| Internal | 3 | 2 | 0 | 5 |
| External | 0 | 0 | 2 | 2 |
Identify all data flows where source and target are in different boundaries. For each crossing:
encryption_in_transit, authentication, and auth_failure_mode statusimplicit_deny_enabled, egress_filtering)### Trust Boundary Crossings (K flows)
| From → To | Flow Count | Encrypted | Authenticated | Enforcement |
|-----------|------------|-----------|---------------|-------------|
| External → DMZ | 2 | 2/2 TLS | 1/2 | enforced |
| DMZ → Internal | 3 | 3/3 mTLS | 3/3 | enforced |
| Internal → Data | 2 | 1/2 | 2/2 | logical only |
Annotate flows where auth_failure_mode is fail_open — these appear authenticated but provide no security guarantee on failure. Display boundary enforcement as "enforced" (implicit_deny + egress filtering) or "logical only."
Highlight any unencrypted, unauthenticated, or fail-open cross-boundary flows — these are high-priority control gaps.
Check manifest.model.id to determine if the model has been synced to the platform.
If synced: Call mcp__plugin_dethereal_dethereal__manage_exposures(action: 'list') with the model ID. Group exposures by component. Display:
### Exposures
N exposures across M components.
Top affected: <component-name> (K exposures)
If not synced:
### Exposures
Model not synced — push to platform for exposure analysis.
Run /dethereal:sync push to publish.
This step produces a two-tier coverage report: inferred coverage (from enrichment attributes) and formal coverage (from assigned controls). When the model is synced, it additionally integrates MITRE-chain-grounded gap analysis from the platform.
If model is synced (manifest.model.id is set and non-null):
mcp__plugin_dethereal_dethereal__get_control_gaps(model_id) for MITRE-chain-grounded gap analysisaddressesCountconfiguredCoverage count: controls assigned to the element but addressing different techniquesnoMitreChain count: "N exposures have no ATT&CK technique mapping and cannot be analyzed through the framework chain"### MITRE-Grounded Gap Analysis
N unmitigated exposures (addressable), M unaddressable (module gap), K with no MITRE chain.
Unmitigated:
api-server: SQL Injection (T1190 → M1016 Vulnerability Scanning)
payment-db: Data Manipulation (T1565 → M1041 Encrypt Sensitive Info)
Recommended Controls:
1. WAF Protection — addresses 3 techniques, D3FEND: D3-WSAA
2. DB Encryption (PG) — addresses 2 techniques, D3FEND: D3-DENCR
Unaddressable (module gap — no installed ControlClass):
scheduler: Resource Hijacking (T1496 → M1047)
If model is not synced: Skip this section. Gap analysis requires platform exposure data.
Call mcp__plugin_dethereal_dethereal__validate_model_json(action: 'coverage', directory_path: <model-path>) to compute the per-category inferred coverage breakdown.
### Inferred Coverage (from enrichment attributes)
| Protection | Coverage | Missing |
|------------|----------|---------|
| Authentication | 10/12 (83%) | scheduler, batch-worker |
| Encryption in transit | 8/10 cross-boundary flows (80%) | internal→data-tier, worker→queue |
| Encryption at rest | 3/4 stores (75%) | session-cache |
| Monitoring | 6/12 (50%) | scheduler, batch-worker, config-svc, ... |
Note: Inferred from component attributes. Sufficient for security posture review;
insufficient for compliance evidence. Run /dethereal:enrich to fill gaps.
Present the per-tier breakdown from the coverage tool output. Each component is assigned to its highest-priority matching tier only (a crown jewel that is also cross-boundary appears only in Tier 1):
crownJewel: true in structure.json)### Formal Control Coverage (from assigned controls)
| Tier | Components | With Controls | Gap |
|------|------------|---------------|-----|
| 1 — Crown Jewels | 3 | 2 (67%) | payment-db |
| 2 — Cross-boundary | 4 | 1 (25%) | api-gw, auth-svc, msg-queue |
| 3 — Internet-facing | 2 | 2 (100%) | — |
| 4 — Internal | 3 | 0 (0%) | scheduler, batch-worker, config-svc |
| **Total** | **12** | **5 (42%)** | **7 components without formal controls** |
Formal coverage required for: SOC2 CC6.1, ISO 27001 A.8, PCI-DSS 6.x.
Run /dethereal:enrich --focus controls to assign controls.
If no classified components have controls: "No formal controls assigned. Run /dethereal:enrich --focus controls to assign controls."
When presenting gap recommendations (from get_control_gaps): the rows are per-(Control, ControlClass) — multiple rows naming related ControlClasses for the same mechanism may be satisfied by ONE multi-class Control (one classes[] entry per class), not one Control per row. See the grouping rule in controls-enrichment.md.
If any controls have a source field, present the verification status:
### Control Verification Status
| Source | Controls | Note |
|--------|----------|------|
| Discovered (verified in code/IaC) | 8 | Full confidence — implementation confirmed |
| Declared (user-asserted) | 5 | Assumed effective, unverified |
| Both (discovered + declared) | 2 | Highest confidence — governed and verified |
Omit this section if no controls have source field.
Read .dethereal/scope.json. If declared_governance_controls is populated, list them:
### Governance Controls (declared)
- Patch management: monthly patching cycle
- Access reviews: quarterly
- Change control: CAB approval required for production
Omit this section entirely if declared_governance_controls is empty or absent.
Tactic coverage is derived from Exposure.exploitedBy — MITRE techniques populated by OPA policies during platform analysis. The plugin does not maintain a separate client-side technique annotation (see BACKEND_DELEGATION §3).
If synced and exposures returned by §3: Aggregate the exploitedBy[].attack_id values across every exposure fetched in §3. Deduplicate. Determine which of the 14 Enterprise ATT&CK tactics are covered:
Derive tactic names from technique IDs (e.g., T1566 → Initial Access). If a mapping is uncertain, resolve it via mcp__plugin_dethereal_dethereal__search_mitre_attack(action: 'technique', attack_id). Display covered vs. not covered:
### MITRE ATT&CK Coverage (platform-derived)
Techniques mapped: N (from M exposures across K elements)
Tactics covered (X/14): Initial Access, Lateral Movement, Credential Access
Tactics not covered: Reconnaissance, Resource Development, Execution, Persistence,
Privilege Escalation, Defense Evasion, Discovery, Collection, Exfiltration,
Command and Control, Impact
If synced but no exposures returned (analysis has not run, or modules emit no exposures for this model):
### MITRE ATT&CK Coverage
No exposures — analysis has not produced technique mappings yet.
Run /dethereal:analyse to generate exposures (or install a module with policies
that cover this model's components).
If not synced:
### MITRE ATT&CK Coverage
Model not synced — push to platform and run an analysis for MITRE tactic coverage.
Run /dethereal:sync push, then /dethereal:analyse.
Summarize credential usage across the model:
required_credentials attributesstores_credentials: true### Credential Topology
K flows with credentials, J shared credentials
Credential blast radius: db-admin (used by 3 flows across 2 boundaries)
Credential stores: PostgreSQL, Redis (stores_credentials: true)
If no credential data: "No credential mappings. Run /dethereal:enrich --focus credentials to map credential topology."
Check attribute files for monitoring_tools data. List components where monitoring_tools is empty or unset — these are SOC blind spots with no SIEM/EDR/NDR visibility.
### Detection Coverage
Monitored: N components (SIEM: K, EDR: J, NDR: M)
Blind spots: <component-1>, <component-2> (no monitoring tools configured)
If no components have monitoring_tools data: "No monitoring data. Run /dethereal:enrich to configure monitoring tools per component."
Check structure.json for components or boundaries with representedModel references. If found, display the cross-model gap warning:
### Cross-Model Analysis Boundaries
N components reference external models. Attack paths through these
components are not included in this model's analysis.
If credential_scope values in attribute files reference credentials that also appear in other locally available models (check .dethernety/models.json), warn about cross-model credential reuse.
If no cross-model references, omit this section.
[done] Surface analysis complete. <N> components, <K> boundary crossings, <J> control gaps.
[next] /dethereal:enrich (fill control gaps) or /dethereal:sync push (publish for exposure analysis)