| name | threat-model |
| description | Perform STRIDE threat modeling on the application architecture. Use when user says "threat model", "STRIDE analysis", "identify threats", or "security architecture review". Systematically identifies threats, assesses risks with DREAD scoring, and recommends mitigations. |
| user-invocable | true |
| allowed-tools | Read, Grep, Glob, Bash |
| context | fork |
| agent | threat-modeler |
| argument-hint | [target-component or 'full'] |
| metadata | {"version":"3.0.0","updated":"2025-02"} |
Threat Modeling
Perform systematic threat modeling on $ARGUMENTS using STRIDE methodology.
Reference: Microsoft Threat Modeling
Modeling Strategy
- Identify the system scope and assets
- Create a Data Flow Diagram (DFD)
- Identify trust boundaries
- Apply STRIDE to each component and data flow
- Assess risk severity using DREAD
- Prioritize and recommend mitigations
Dynamic Context
Architecture overview:
!cat README.md 2>/dev/null | head -50 || cat ARCHITECTURE.md 2>/dev/null | head -50 || echo "No architecture docs found"
Authentication components:
!grep -rl "auth\|jwt\|session\|oauth\|passport" --include="*.py" --include="*.js" --include="*.ts" --include="*.go" 2>/dev/null | head -10
Data stores:
!grep -rl "database\|redis\|mongo\|postgres\|mysql\|sqlite" --include="*.py" --include="*.js" --include="*.ts" --include="*.go" --include="*.yaml" --include="*.yml" 2>/dev/null | head -10
API endpoints:
!grep -rn "app\.\(get\|post\|put\|delete\|patch\)\|@app\.route\|router\.\|@Get\|@Post" --include="*.py" --include="*.js" --include="*.ts" 2>/dev/null | head -15
References
Related Skills
Resources
Guardrails
- Prefer measured evidence over blanket rules of thumb.
- Ask for explicit human approval before destructive data operations (drops/deletes/truncates).