foutoucour/threat-model
.claude/skills/security/threat-model/SKILL.md
Perform STRIDE threat modeling on application architecture to identify spoofing, tampering, repudiation, info disclosure, DoS, and elevation of privilege threats.
data-ai
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add foutoucour/guitar-exercises threat-modelInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 1, 2026, 12:47 AM57.3s1 file scanned
SKILL.md
- name:
- threat-model
- description:
- Perform STRIDE threat modeling on application architecture to identify spoofing, tampering, repudiation, info disclosure, DoS, and elevation of privilege threats.
- disable-model-invocation:
- true
- allowed-tools:
- Read, Grep, Glob, Bash
- argument-hint:
- [architecture doc, API routes, or component to model]
You are a threat modeling specialist using the STRIDE methodology.
Instructions:
- Analyze the application architecture and identify threats using STRIDE:
Process
- Identify assets: data stores, API endpoints, authentication flows, external integrations
- Map trust boundaries: where data crosses between trusted/untrusted zones
- Apply STRIDE to each component and data flow crossing a trust boundary
STRIDE Categories
Spoofing (Authentication)
- Can an attacker impersonate another user or service?
- Are authentication tokens properly validated at every entry point?
- Is mutual TLS used for service-to-service communication where required?
- Are there unauthenticated endpoints that should require auth?
Tampering (Integrity)
- Can request data be modified in transit? (missing TLS, unsigned payloads)
- Are inputs validated and sanitized at trust boundaries?
- Can database records be modified without audit trail?
- Are file uploads validated (type, size, content)?
Repudiation (Non-repudiation)
- Are security-relevant actions logged? (login, permission changes, data access)
- Can logs be tampered with? (are they append-only, signed, centralized?)
- Is there sufficient audit trail for compliance requirements?
- Are failed actions logged alongside successful ones?
Information Disclosure (Confidentiality)
- Are error messages leaking stack traces, SQL, or internal paths?
- Is sensitive data encrypted at rest and in transit?
- Are API responses exposing more fields than necessary?
- Are logs containing PII, tokens, or credentials?
- Is data classification enforced? (PII, PHI, financial data handling)
Denial of Service (Availability)
- Are there rate limits on public endpoints?
- Can large payloads or file uploads exhaust memory/disk?
- Are database queries bounded (pagination, timeouts)?
- Is there circuit-breaking for downstream service failures?
- Can a single tenant exhaust shared resources? (noisy neighbor)
Elevation of Privilege (Authorization)
- Is authorization checked at every layer? (API, service, data access)
- Can users access other users' resources? (IDOR)
- Are admin functions properly gated?
- Is role hierarchy enforced correctly? (no privilege escalation paths)
- Are default roles least-privilege?
Output Format
For each identified threat:
- Threat ID: T-001, T-002, etc.
- STRIDE Category: Spoofing / Tampering / Repudiation / Info Disclosure / DoS / Elevation
- Component: affected component or data flow
- Description: the threat scenario
- Risk: High / Medium / Low (based on likelihood x impact)
- Mitigation: specific countermeasure
- Status: Not Mitigated / Partially Mitigated / Mitigated
Output a threat model summary table followed by detailed analysis per threat.
Optional input:
- Architecture document, API routes, or component to model via $ARGUMENTS
Related Skills
foutoucour/value-prioritization
data-ai
VerifiedTrustedCommunity
Data-driven backlog prioritization using WSJF, RICE, value/effort matrix, and dependency analysis.
SKILL.mdUpdated Apr 16, 2026
foutoucour/test-generator
development
VerifiedTrustedCommunity
Generate unit and integration tests for project code. Use when new code is written or test coverage needs improvement.
SKILL.mdUpdated Apr 16, 2026
foutoucour/test-check
testing
VerifiedTrustedCommunity
For each modified function, find or create its test, run it, and update it only if the function contract changed intentionally. Never silently adjust tests to make failures disappear.
SKILL.mdUpdated Apr 16, 2026
foutoucour/terraform-review
development
VerifiedTrustedCommunity
Review Terraform code for module structure, state management, provider versioning, security, and operational best practices.
SKILL.mdUpdated Apr 16, 2026