What is the output of a security analysis?

The skill produces a structured Threat Model Report including identified threats, risk levels, and specific technical or process-based mitigation recommendations.

Does it support cloud platforms like AWS or Azure?

Yes, it is designed to analyze architectures across Web, Cloud (AWS/GCP/Azure), IoT, and Mobile environments.

Can I use this for existing code or just new designs?

While it is most effective during the design phase to 'shift left' on security, it can be used to review existing architectures and identify legacy vulnerabilities.

How are security risks prioritized?

Risks are classified by severity and can be further refined using the DREAD scoring system, which evaluates Damage, Reproducibility, Exploitability, Affected Users, and Discoverability.

Security Threat Modeler

Name: Security Threat Modeler
Author: organvm-iv-taxis

byorganvm-iv-taxis

•

セキュリティとテスト

Analyzes system architectures using the STRIDE methodology to identify security vulnerabilities and propose actionable mitigation strategies.

The Security Threat Modeler skill empowers Claude to act as a Senior Security Architect, providing a systematic approach to uncovering vulnerabilities within software designs. By decomposing systems into Data Flow Diagrams (DFDs) and identifying trust boundaries, the skill applies the STRIDE framework—Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege—to ensure comprehensive coverage of the attack surface. It is ideal for developers and architects who need to integrate security into the design phase, offering detailed risk ranking via DREAD and specific technical controls to harden systems against modern threats.

主な機能

01Actionable mitigation plans based on industry standards like OWASP

022 GitHub stars

03DREAD methodology for granular risk scoring

04Structured Threat Model Report generation

05STRIDE-based systematic vulnerability identification

06Data Flow Diagram (DFD) and Trust Boundary analysis

ユースケース

01Conducting security reviews for new cloud-based microservices architectures

02Identifying potential attack vectors in mobile or IoT authentication flows

03Generating documentation for compliance-driven security audits

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add organvm-iv-taxis/a-i--skills security-threat-modeler

For use in Claude.ai and ChatGPT

主な機能

01Actionable mitigation plans based on industry standards like OWASP

022 GitHub stars

03DREAD methodology for granular risk scoring

04Structured Threat Model Report generation

05STRIDE-based systematic vulnerability identification

06Data Flow Diagram (DFD) and Trust Boundary analysis

ユースケース

01Conducting security reviews for new cloud-based microservices architectures

02Identifying potential attack vectors in mobile or IoT authentication flows

03Generating documentation for compliance-driven security audits

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add organvm-iv-taxis/a-i--skills security-threat-modeler

For use in Claude.ai and ChatGPT