Skill
security
✓ Verified
NEW
Free
Threat Model Analyst
Run a STRIDE-based threat modeling pass on your system architecture and surface actionable security findings.
4.8(42 reviews)
12,800 installs
by GitHub
About
Performs structured threat modeling using the STRIDE methodology (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). Reads your architecture description or diagrams, identifies trust boundaries, and produces a prioritized list of threats with mitigations.
Tags
securitystridethreat-modelingarchitecture
Skill Instructions Preview
# Threat Model Analyst Apply STRIDE to the target architecture. ## Steps 1. Read architecture description or diagrams 2. Identify assets, actors, trust boundaries 3. For each component, walk STRIDE: - **S**poofing — identity threats - **T**ampering — data integrity threats - **R**epudiation — non-repudiation threats - **I**nformation Disclosure — confidentiality threats - **D**enial of Service — availability threats - **E**levation of Privilege — authorization threats 4. Score each finding: Likelihood × Impact 5. Propose mitigation for each threat 6. Output: prioritized table with severity Never recommend bypassing existing controls.
Related Skills
Skill⭐
securityFREE
AI Security Code Reviewer
Trace data flows across files to find injection flaws, auth bugs, secrets, and crypto issues with severity ratings.
securityowaspvulnerabilities
G
GitHub4.8(248)
98k
★6.2k
Skill⭐
planningFREE
Implementation Planner
Break down a feature request into a step-by-step implementation plan with files to touch and risks identified.
planningarchitecturefeature
G
GitHub4.9(178)
71k
★4.5k
Install
# Add as Claude Code slash command: curl -fsSL "https://raw.githubusercontent.com/github/awesome-copilot/main/skills/threat-model-analyst/SKILL.md" \ -o ~/.claude/commands/threat-model-analyst.md
Compatible with
claude codecursor
Trigger phrase
/threat-modelG
GitHub
@github