Name: Attack Tree Construction
Author: sickn33

name	attack-tree-construction
description	Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
risk	offensive
source	community
date_added	2026-02-27

AUTHORIZED USE ONLY: Use this skill only for authorized security assessments, defensive validation, or controlled educational environments.

Attack Tree Construction

Systematic attack path visualization and analysis.

Confirm scope, assets, and the attacker goal for the root node.
Decompose into sub-goals with AND/OR structure.
Annotate leaves with cost, skill, time, and detectability.
Map mitigations per branch and prioritize high-impact paths.
If detailed templates are required, open resources/implementation-playbook.md.

resources/implementation-playbook.md for detailed patterns, templates, and examples.

Use this skill only when the task clearly matches the scope described above.
Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.

name	attack-tree-construction
description	Build comprehensive attack trees to visualize threat paths. Use when mapping attack scenarios, identifying defense gaps, or communicating security risks to stakeholders.
risk	offensive
source	community
date_added	2026-02-27

AUTHORIZED USE ONLY: Use this skill only for authorized security assessments, defensive validation, or controlled educational environments.

Systematic attack path visualization and analysis.

Confirm scope, assets, and the attacker goal for the root node.
Decompose into sub-goals with AND/OR structure.
Annotate leaves with cost, skill, time, and detectability.
Map mitigations per branch and prioritize high-impact paths.
If detailed templates are required, open resources/implementation-playbook.md.

resources/implementation-playbook.md for detailed patterns, templates, and examples.

Use this skill only when the task clearly matches the scope described above.
Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.

attack-tree-construction