Can I export the threat model status data?

Yes, you can use the --format json argument to generate machine-readable output for use in other security tools or documentation.

What is baseline comparison in tm-status?

Baseline comparison allows you to see exactly how your security posture has changed (assets added, threats mitigated) since your last saved security snapshot.

Which threat modeling frameworks are supported?

The skill primarily supports the STRIDE and PASTA frameworks for threat categorization, but it can be adapted for various security modeling needs.

How do I start a new threat model if none exists?

If no model is detected, tm-status will provide a 'Getting Started' guide, recommending commands like /tm-init or /tm-full to begin discovery.

Threat Modeling Status

Name: Threat Modeling Status
Author: josemlopez

byjosemlopez

0•

Security & Testing

Displays a comprehensive overview of security posture, including asset counts, threat distribution, and compliance coverage within Claude Code.

The tm-status skill provides a centralized dashboard for managing your application's security posture. It aggregates data from the Threat Modeling Toolkit to show a detailed breakdown of discovered assets, data flows crossing trust boundaries, and threats categorized by severity and STRIDE framework. By tracking control implementation and verification status, it helps teams identify critical gaps and monitor compliance against industry standards like OWASP and SOC2, ensuring security remains a priority throughout the development lifecycle.

Key Features

01Real-time tracking of security control implementation and verification

02Categorized threat distribution by STRIDE and severity levels

03Visual summaries of assets, data flows, and attack surfaces

04Baseline comparisons to monitor security drift and recent changes

050 GitHub stars

06Compliance mapping for OWASP Top 10 and SOC2 frameworks

Use Cases

01Reviewing the current security state and unmitigated risks of an application

02Generating status reports for stakeholders regarding compliance and security coverage

03Identifying high-priority security gaps that require immediate remediation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add josemlopez/threat-modeling-toolkit tm-status

For use in Claude.ai and ChatGPT

Download Skill