Claude Code Plugins

Community-maintained marketplace

Identify and analyze security threats. Use when designing systems, reviewing architecture, or assessing risk. Covers STRIDE methodology.

Install Skill

  1. Download skill
  2. Enable skills in Claude

     Open claude.ai/settings/capabilities and find the "Skills" section

  3. Upload to Claude

     Click "Upload skill" and select the downloaded ZIP file

Note: Please verify the skill by reading through its instructions before using it.

SKILL.md

name: threat-modeling
description: Identify and analyze security threats. Use when designing systems, reviewing architecture, or assessing risk. Covers STRIDE methodology.
allowed-tools: Read, Write, Glob, Grep, mcp__serena__*, mcp__sequential-thinking__*

Threat Modeling

MCP Tools

Sequential Thinking (systematic analysis): Use for structured STRIDE analysis:

  1. Enumerate each threat category systematically
  2. Consider attack vectors step-by-step
  3. Evaluate mitigations with pros/cons
  4. Document reasoning for risk acceptance

Serena (attack surface mapping):

  • get_symbols_overview — Map entry points and APIs
  • find_symbol — Locate security-critical functions
  • find_referencing_symbols — Trace data flow from inputs

Why Threat Model?

  • Identify threats early
  • Prioritize security efforts
  • Document security assumptions
  • Guide security testing

STRIDE Methodology

Use Sequential Thinking to work through each category:

S - Spoofing

Pretending to be someone else.

  • Example: Forged authentication tokens
  • Mitigation: Strong authentication, MFA

T - Tampering

Modifying data without authorization.

  • Example: Changing request parameters
  • Mitigation: Integrity checks, signatures
  • Trace with Serena: Find all input handlers

R - Repudiation

Denying that an action occurred.

  • Example: A user denies making a transaction
  • Mitigation: Audit logging, non-repudiation

I - Information Disclosure

Exposing confidential data.

  • Example: API returns sensitive fields
  • Mitigation: Encryption, access controls
  • Trace with Serena: Find data return points

D - Denial of Service

Making a system unavailable.

  • Example: Resource exhaustion attack
  • Mitigation: Rate limiting, auto-scaling

E - Elevation of Privilege

Gaining unauthorized access.

  • Example: User becomes admin
  • Mitigation: Least privilege, input validation
  • Trace with Serena: Find authorization checks

Threat Modeling Process

1. Decompose System

  • Use get_symbols_overview to identify entry points
  • Draw data flow diagrams
  • Identify trust boundaries

2. Identify Threats

Use Sequential Thinking to systematically ask STRIDE questions for each component.

3. Trace Data Flow

Use find_referencing_symbols to trace:

  • User input → processing → storage
  • Authentication token flow
  • Sensitive data paths

4. Rate Threats

Use DREAD or CVSS scoring. The DREAD factors are:

  • Damage potential
  • Reproducibility
  • Exploitability
  • Affected users
  • Discoverability

5. Mitigate

  • Avoid: Remove the feature
  • Transfer: Use a third party
  • Mitigate: Add controls
  • Accept: Document risk (use Sequential Thinking to justify)

Threat Model Document

## Asset: User Database

### Threats
| Threat | Type | Likelihood | Impact | Risk |
|--------|------|------------|--------|------|
| SQL Injection | Tampering | Medium | High | High |
| Data Breach | Info Disclosure | Low | Critical | High |

### Mitigations
1. Parameterized queries
2. Encryption at rest
3. Access logging