원클릭으로
review
Quality dashboard with score breakdown, gap analysis, and readiness assessment
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Quality dashboard with score breakdown, gap analysis, and readiness assessment
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Assign classes to unclassified components, boundaries, data flows, and data items
Auto-discover infrastructure components from codebase using the infrastructure-scout agent
Guided end-to-end threat modeling workflow — scope through validation and sync
Populate security attributes, MITRE ATT&CK references, credentials, and monitoring tools
Attack surface summary with component breakdown, trust boundary crossings, and control gap analysis
Push local model to platform, pull platform model to local, or check sync status
| name | review |
| description | Quality dashboard with score breakdown, gap analysis, and readiness assessment |
| agent | model-reviewer |
| context | fork |
| argument-hint | [directory-path] [--structure-only] |
Evaluate a Dethernety threat model's completeness, correctness, and readiness for platform analysis. This skill does not modify model data files. Quality results are displayed but not cached to disk — invoke via the guided workflow (/dethereal:threat-model) for persistent quality tracking.
/dethereal:create first and stopmanifest.json, structure.json, dataflows.json, data-items.json.dethereal/state.json for current workflow phase.dethereal/quality.json if it exists (previous quality cache)If $ARGUMENTS contains --structure-only, route to Structure-Only Mode.
Otherwise, proceed with Full Review Mode.
mcp__plugin_dethereal_dethereal__validate_model_json(action: 'validate') for structural checksmcp__plugin_dethereal_dethereal__validate_model_json(action: 'quality') for the 7-factor quality assessmentShow the quality score with label:
The quality score measures model completeness, not system security posture. A model with 95/100 quality could describe a system with critical vulnerabilities — the score reflects how thoroughly the model captures the system, not how secure the system is.
Display all 7 factors in a table. Render this dashboard as a markdown block in the conversation — when this skill (or Agent(model-reviewer)) feeds a guided workflow, the full factor breakdown and top issues belong in the conversation, never collapsed into a one-line score or an AskUserQuestion label.
### Factor Breakdown
| Factor | Score | Weight | Contribution |
|--------|-------|--------|-------------|
| Component classification | 60% | 25 | 15.0 |
| Attribute completion | 40% | 20 | 8.0 |
| Boundary hierarchy | 100% | 15 | 15.0 |
| Data flow coverage | 80% | 15 | 12.0 |
| Data classification | 50% | 10 | 5.0 |
| Control coverage | 0% | 10 | 0.0 |
| Credential coverage | 0% | 5 | 0.0 |
Evaluate all three gates and display pass/fail with details:
### Quality Gates
Gate 1 (Creation): PASS — all advisory checks clear
Gate 2 (Sync): PASS — structure valid, references intact
Gate 3 (Analysis): FAIL — 2 components unclassified, attribute completion at 40%
Gate 1 (Creation, advisory):
Gate 2 (Sync, blocking):
Gate 3 (Analysis, blocking):
classData (DATA class assigned) — the field that drives template enrichment and OPA, not just a sensitivity tagRed-flag surfacing (always shown with Gate 3, regardless of score): list any flow with auth_failure_mode: fail_open or fallback, and any Tier-1 (crown jewel) component with zero controls. Also list any control whose class binding carries empty attributes AND empty platformAttributes (the module emits no countermeasures for an empty binding — it looks assigned but contributes nothing), and any control with zero countermeasures after analysis. The quality score measures completeness, not posture — a 95/100 model can carry all of these; the gate must at least NAME them.
Check the model for frequently missing elements:
### Common Gaps
- [x] Administrative access paths
- [ ] Monitoring/logging flows
- [ ] Backup/recovery flows
- [x] Trust boundary crossings have data flows
- [ ] External dependencies (CDN, DNS, CA, registries)
- [x] Human actors (developers, operators, support)
- [ ] Bidirectional flows (request + response)
- [ ] Error/fallback paths
Determine presence by scanning structure.json and dataflows.json for relevant patterns. These checks are heuristic — to keep the findings list stable across reviews of an unchanged model, run the gap detection once and cache the results to .dethereal/quality.json (keyed by the model content hash); reuse the cached list while the model is unchanged. Detection guidance per item:
List the top 3 issues by severity:
### Top Issues
1. **[Critical]** 3 components have no class assigned (Web Server, Cache, Worker)
2. **[Warning]** Database component has no attribute file — security properties unknown
3. **[Info]** No data items defined — data sensitivity cannot be assessed
Suggest next actions based on the gaps found:
/dethereal:classify, /dethereal:enrich, /dethereal:add)Assess readiness with three states:
### Analysis Readiness
PARTIAL — Quality 72/100 but 2 components unclassified (Gate 3 requires 100%)
Readiness caveat (PASS with missing credentials/controls): If quality ≥ 70 and Gate 3 passes but control_coverage_rate = 0 AND credential_coverage_rate = 0:
Your model is structurally ready for analysis, but analysis quality will improve significantly with credentials (for lateral movement paths) and controls (for defense coverage gaps).
If .dethereal/discovery.json exists, read it to determine model provenance and display a one-line discovery basis:
Model based on: code analysis (10 components) + manual (2). Known gaps: 3.
Add the runtime validation recommendation:
Runtime Validation Recommended: This model reflects code-time infrastructure. Cross-reference with cloud asset inventory, DNS logs, or network flow data to identify shadow infrastructure not visible in code.
If discovery.json does not exist (model created manually or pulled from platform), omit the discovery basis but still show the runtime validation recommendation.
Check structure.json for components or boundaries with representedModel references. If found, display the cross-model gap warning per the model-reviewer's Cross-Model Gap Detection protocol.
[done] Review complete. Quality: X/100 (<label>).
[next] /dethereal:enrich (fill gaps) or /dethereal:sync push (publish)
A lightweight structural validation without quality scoring. Useful for catching errors before enrichment.
Run each check and display as [PASS], [FAIL], or [WARN]:
name and description; structure.json has boundaries array; dataflows.json has dataFlows arraysourceId and targetId values exist in structure.json (as component or external entity IDs)attributes/ whose element ID no longer exists in model files (warning)mcp__plugin_dethereal_dethereal__validate_model_json(action: 'validate') for full schema validation## Structural Validation: <Model Name>
Checks:
[PASS] Required fields present
[PASS] ID uniqueness (N elements, 0 duplicates)
[FAIL] Reference integrity: 2 flows reference missing components
- Flow "user-login" references source "auth-proxy" (not found)
- Flow "cache-read" references target "old-redis" (not found)
[WARN] 1 orphaned component: "Legacy Gateway" (no data flows)
[PASS] No empty boundaries
[PASS] No orphaned attribute files
[PASS] Schema validation passed
Result: 1 failure, 1 warning. Fix reference integrity before sync.
[done] Structural validation complete. N checks passed, M failed, K warnings.
[next] Fix reported issues, then /dethereal:review (full quality assessment)