How does this skill help with threat modeling?

It provides a structured workflow using the STRIDE methodology (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) and DREAD scoring to systematically identify and prioritize security risks.

Can it help me find vulnerabilities in my code?

Yes, it includes detailed secure code review checklists and identifies insecure vs. secure coding patterns for common issues like SQL injection, XSS, and improper secret handling.

How does it assist during a security incident?

The skill provides a multi-step incident response workflow that guides you through identification, containment, eradication of the root cause, recovery, and post-mortem analysis.

Does it support industry security standards?

Yes, it integrates guidance from the OWASP Top 10, Zero Trust principles, and common compliance frameworks to ensure your architecture meets modern security requirements.

Senior Security Engineering

Name: Senior Security Engineering
Author: micsapp

bymicsapp

0•

セキュリティとテスト

Provides a comprehensive security engineering toolkit for threat modeling, vulnerability analysis, and secure architecture design.

This skill equips Claude Code with the specialized knowledge of a senior security engineer, enabling it to perform systematic threat modeling using the STRIDE methodology, conduct vulnerability assessments based on OWASP standards, and design secure-by-default system architectures. It provides structured workflows for secure code reviews, incident response, and cryptographic implementation, ensuring that security is integrated throughout the entire software development lifecycle (SDLC) to mitigate risks like injection, broken authentication, and sensitive data exposure.

主な機能

01OWASP-aligned vulnerability assessment and remediation guidance

02Secure architecture design using defense-in-depth and Zero Trust

03Structured incident response and containment protocols

04STRIDE and DREAD threat modeling frameworks

050 GitHub stars

06Comprehensive secure code review checklists and pattern matching

ユースケース

01Performing a manual security audit of source code for injection and logic flaws

02Developing remediation plans for CVEs and discovered vulnerabilities

03Conducting a threat model for new features or complex system architectures

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills senior-security

For use in Claude.ai and ChatGPT

主な機能

01OWASP-aligned vulnerability assessment and remediation guidance

02Secure architecture design using defense-in-depth and Zero Trust

03Structured incident response and containment protocols

04STRIDE and DREAD threat modeling frameworks

050 GitHub stars

06Comprehensive secure code review checklists and pattern matching

ユースケース

01Performing a manual security audit of source code for injection and logic flaws

02Developing remediation plans for CVEs and discovered vulnerabilities

03Conducting a threat model for new features or complex system architectures

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills senior-security

For use in Claude.ai and ChatGPT