PramodDutta/Security Threat Modeling
seed-skills/security-threat-model/SKILL.md
Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations to produce actionable AppSec-grade threat models.
$ install --global
skillsauthnpx skillsauth add PramodDutta/qaskills Security Threat ModelingInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 10:03 AM62.2s1 file scanned
SKILL.md
- name:
- Security Threat Modeling
- description:
- Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations to produce actionable AppSec-grade threat models.
- version:
- 1.0.0
- author:
- openai
- license:
- MIT
- tags:
- [threat-model, security, appsec, trust-boundaries, abuse-paths]
- testingTypes:
- [security]
- frameworks:
- []
- languages:
- [python, typescript, javascript, go, java]
- domains:
- [web, api, backend, infrastructure]
- agents:
- [claude-code, cursor, github-copilot, windsurf, codex, aider, continue, cline, zed, bolt]
Security Threat Modeling
Deliver an actionable AppSec-grade threat model specific to the repository, not a generic checklist. Anchor every architectural claim to evidence in the repo and keep assumptions explicit. Prioritize realistic attacker goals and concrete impacts.
Workflow
1. Scope and Extract the System Model
- Identify primary components, data stores, and external integrations from the repo
- Identify how the system runs (server, CLI, library, worker) and its entrypoints
- Separate runtime behavior from CI/build/dev tooling and from tests/examples
- Map in-scope locations and exclude out-of-scope items explicitly
- Do not claim components, flows, or controls without evidence
2. Derive Boundaries, Assets, and Entry Points
- Enumerate trust boundaries as concrete edges between components
- Note protocol, auth, encryption, validation, and rate limiting at each boundary
- List assets that drive risk: data, credentials, models, config, compute resources, audit logs
- Identify entry points: endpoints, upload surfaces, parsers, job triggers, admin tooling
3. Calibrate Attacker Capabilities
- Describe realistic attacker capabilities based on exposure and intended usage
- List assets that drive risk: credentials, PII, integrity-critical state, availability
- Explicitly note non-capabilities to avoid inflated severity
4. Enumerate Threats as Abuse Paths
- Map attacker goals to assets and boundaries
- Focus on: exfiltration, privilege escalation, integrity compromise, denial of service
- Classify each threat and tie it to impacted assets
- Keep the number of threats small but high quality
5. Prioritize with Explicit Reasoning
- Use qualitative likelihood and impact (low/medium/high) with short justifications
- Set overall priority (critical/high/medium/low) using likelihood x impact
- State which assumptions most influence the ranking
6. Validate with the User
- Summarize key assumptions that affect threat ranking or scope
- Ask 1-3 targeted questions to resolve missing context
- Pause and wait for user feedback before producing the final report
7. Recommend Mitigations
- Distinguish existing mitigations (with evidence) from recommended mitigations
- Tie mitigations to concrete locations and control types
- Prefer specific implementation hints over generic advice
8. Quality Check
- Confirm all entrypoints are covered
- Confirm each trust boundary is represented in threats
- Confirm runtime vs CI/dev separation
- Write the final Markdown to
<repo-name>-threat-model.md
Risk Prioritization Guidance
- High: Pre-auth RCE, auth bypass, cross-tenant access, sensitive data exfiltration, key/token theft, sandbox escape
- Medium: Targeted DoS, partial data exposure, rate-limit bypass, log poisoning
- Low: Low-sensitivity info leaks, noisy DoS with easy mitigation, unlikely preconditions
Related Skills
PramodDutta/Vitest Migration & Config
testing
VerifiedTrustedCommunity
Teaches the agent to migrate a Jest suite to Vitest — vi.mock and the globals shim, vitest.config workspaces/projects, coverage, browser mode, and Vitest v4 breaking changes.
137SKILL.mdUpdated Jun 5, 2026
PramodDutta/Testcontainers Reuse (Node)
testing
VerifiedTrustedCommunity
Teaches the agent to speed up Node integration tests with Testcontainers reuse — withReuse(true), TESTCONTAINERS_REUSE_ENABLE, the .testcontainers.properties opt-in, stable hashing for Postgres/MySQL/Kafka, and Ryuk/CI caveats.
137SKILL.mdUpdated Jun 5, 2026
PramodDutta/Selenium to Playwright Migration
development
VerifiedTrustedCommunity
Port a Java Selenium suite to Playwright TypeScript - locator mapping, WebDriverWait to auto-wait, Grid to workers, Page Object port, with before/after code and a phased checklist.
137SKILL.mdUpdated Jun 5, 2026
PramodDutta/RAG Regression Testing
development
VerifiedTrustedCommunity
Gate RAG pipelines in CI with versioned golden eval sets, per-metric thresholds, baseline drift detection, and a build that fails when retrieval or answer quality regresses.
137SKILL.mdUpdated Jun 5, 2026