ivan-sincek/threat-modeling-agent-skills

# Threat Modeling Agent Skills Easy-to-use, high-efficiency threat modeling agent skills. Made for educational purposes. I hope it will help! Future plans: * add PASTA and DREAD threat modeling frameworks, * add an option to output results as JSON. ## Table of Contents * [Frameworks](#frameworks) * [STRIDE](#stride) * [PASTA](#pasta) * [DREAD](#dread) * [How to Use](#how-to-use) * [Static Markdown Report](#static-markdown-report) * [Interactive HTML Report](#interactive-html-report) ## Frameworks ### STRIDE **Skill:** [stride-threat-modeling-framework/SKILL.md](https://github.com/ivan-sincek/threat-modeling-agent-skills/blob/main/stride-threat-modeling-framework/SKILL.md) **Description:** * STRIDE is a software-centric / system-centric threat modeling framework used to identify threats. * Applies structured single-step kill chain thinking with no consideration of business context, objectives, and impact. * Scoped to the application. **Example:** [examples/STRIDE_RESULTS.md](https://github.com/ivan-sincek/threat-modeling-agent-skills/blob/main/examples/STRIDE_RESULTS.md) ### PASTA In progress... **Skill:** [pasta-threat-modeling-framework/SKILL.md](https://github.com/ivan-sincek/threat-modeling-agent-skills/blob/main/pasta-threat-modeling-framework/SKILL.md) **Description:** * PASTA is a risk-centric threat modeling framework used to identify risks. * Applies structured multi-step kill chain thinking with strong consideration of business context, objectives, and impact. * Scoped to the application and its environment. **Example:** N/A ### DREAD **Skill:** N/A **Description:** * DREAD is a risk scoring and prioritization framework. * Not used to identify threats / risks. **Example:** N/A ## How to Use ### Static Markdown Report Prompt: Use the provided threat modeling skill to analyze this project and generate the results in "THREAT_MODEL.md". ### Interactive HTML Report Prompt: Export "THREAT_MODEL.md" to "THREAT_MODEL.html". Add Table of Contents. Make all non–key-value tables sortable. Mermaid CDN: https://cdn.jsdelivr.net/npm/mermaid@11.15.0/dist/mermaid.min.js