threat-modeling

Threat modeling workflow for software systems: scope, data flow diagrams, STRIDE analysis, risk scoring, and turning mitigations into backlog and tests

9Star

2Fork

更新于 1/29/2026

获取 Skill 源代码

SKILL.md

readonly只读

name

threat-modeling

description

"Threat modeling workflow for software systems: scope, data flow diagrams, STRIDE analysis, risk scoring, and turning mitigations into backlog and tests"

version

1.0.0

Threat Modeling (STRIDE)

Outputs (Definition of Done)

Produce a data flow diagram, a threat register, and a mitigation plan that becomes tickets and tests.

Load Next (References)

references/stride-workshop.md — step-by-step workshop agenda + DFD guidance
references/common-threats-and-mitigations.md — threat catalog with mitigations
references/templates.md — copy/paste templates for docs and tickets

Related Skills

verify

243K

Use when you want to validate changes before committing, or when you need to check all React contribution requirements.

facebook

获取

test

243K

Use when you need to run tests for React core. Supports source, www, stable, and experimental channels.

facebook

获取

feature-flags

243K

Use when feature flag tests fail, flags need updating, understanding @gate pragmas, debugging channel-specific test failures, or adding new flags to React.

facebook

获取

extract-errors

243K

Use when adding new error messages to React, or seeing "unknown error code" warnings.

facebook

获取

flow

243K

Use when you need to run Flow type checking, or when seeing Flow type errors in React code.

facebook

获取

flags

243K

Use when you need to check feature flag states, compare channels, or debug why a feature behaves differently across release channels.

facebook

获取

threat-modeling

Threat Modeling (STRIDE)

Outputs (Definition of Done)

Load Next (References)

You Might Also Like

Related Skills

verify

test

feature-flags

extract-errors

flow

flags