Can I generate test cases with this skill?

Yes, it automatically generates security test specifications and individual test cases based on the extracted requirements.

Does it format output for project management tools?

Yes, it can export requirements in markdown format, structured as user stories that are easy to import into tools like Jira or GitHub Issues.

What frameworks does this skill support?

The skill uses the STRIDE threat modeling framework and supports mappings for compliance standards including OWASP, GDPR, HIPAA, SOC2, and PCI DSS.

How does it help with compliance audits?

It generates a traceability matrix that provides a clear link between identified threats, compliance requirements, and the technical controls implemented to mitigate them.

Security Requirement Extractor

Name: Security Requirement Extractor
Author: pur3v4d3r

bypur3v4d3r

•

Security & Testing

Transforms threat analysis and business contexts into actionable, testable security requirements and user stories.

This skill bridges the gap between high-level security analysis and technical implementation by automatically deriving structured security requirements from threat models. Using frameworks like STRIDE, it maps potential risks to specific functional requirements, technical controls, and compliance standards. It provides developers and security engineers with a streamlined way to generate comprehensive security documentation, including traceability matrices, acceptance criteria, and detailed test specifications, ensuring that security is integrated into the development lifecycle from the start.

Key Features

01Built-in traceability matrix generation linking threats to requirements

02Generation of security-specific user stories with predefined acceptance criteria

03Mapping support for compliance frameworks like GDPR, HIPAA, and PCI DSS

04Automated threat-to-requirement mapping based on STRIDE categories

05Creation of detailed security test specifications and verification cases

061 GitHub stars

Use Cases

01Generating a security traceability matrix for compliance audits and reporting

02Building security test plans based on identified system risks and technical constraints

03Translating an architectural threat model into a development backlog of security stories

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add pur3v4d3r/pur3-pkb-codebase security-requirement-extraction

For use in Claude.ai and ChatGPT

Download Skill