Threat Modeling

The threat-mitigation-mapping skill helps map identified threats to preventive, detective, and corrective controls across layers, supporting defense-in-depth, remediation planning, and control coverage review.

stride-analysis-patterns helps agents run a structured STRIDE threat-modeling pass for architectures, APIs, and data flows. Install from the wshobson/agents repo, read the SKILL.md file, and use it to turn system descriptions into categorized threats and control-focused review output.

security-requirement-extraction turns threat models and business context into testable security requirements, user stories, acceptance criteria, and backlog-ready outputs for Requirements Planning.

attack-tree-construction helps build structured attack trees for Threat Modeling with clear root goals, AND/OR branches, and testable leaf attacks. Use it to map attack paths, expose defense gaps, and support security review, testing, and mitigation planning.

anti-reversing-techniques is a reverse-engineering skill for authorized malware analysis, CTF work, packed binary triage, and security audits. It helps you identify anti-debugging, anti-VM, packing, and obfuscation patterns, then choose a practical analysis workflow using the core skill and advanced reference.

solidity-security is a focused Solidity audit and secure-coding skill for reviewing reentrancy, access control, unsafe external calls, and remediation patterns. Use it to prepare contracts for Security Audit, improve prompts, and get more structured review output than a generic audit request.