How does this skill detect changes?

It compares your current threat model state files against a saved baseline JSON snapshot to identify added, removed, or modified components across assets, flows, and controls.

Do I need a baseline to use tm-drift?

Yes, you can create a baseline using the --create-baseline flag, which serves as the 'source of truth' for all future security comparisons.

What is security drift?

Security drift occurs when the actual state of a system's architecture or controls deviates from its original security design, often introducing unmanaged risks during rapid development.

Can I use this for compliance monitoring?

Absolutely. By tracking control status changes and asset modifications, it provides an audit trail for maintaining compliance with frameworks like SOC2, HIPAA, or ISO 27001.

Security Drift Detection

Name: Security Drift Detection
Author: josemlopez

byjosemlopez

0•

セキュリティとテスト

Monitors and reports architectural changes to identify security drift and new potential risks in your threat model.

The Security Drift Detection skill enables developers and security engineers to track the evolution of their system's security posture by comparing current architectural states against established baselines. It automatically detects new assets, modified data flows, and degraded security controls, providing a structured drift report that highlights new attack surfaces and provides actionable recommendations for risk mitigation. This is essential for maintaining a continuous security posture in rapidly changing development environments.

主な機能

01Detailed drift reporting with risk impact assessments

02Identification of new potential threats based on architectural changes

030 GitHub stars

04Baseline snapshots of complete threat model states

05Tracking of security control degradation and status changes

06Automated comparison of assets, data flows, and trust boundaries

ユースケース

01Automating security reviews by identifying new attack surfaces in PRs

02Monitoring for 'security drift' where controls are inadvertently removed or degraded

03Validating security posture after major code refactors or feature releases

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add josemlopez/threat-modeling-toolkit tm-drift

For use in Claude.ai and ChatGPT

Download Skill