Threat Modeling Expert
v1.0.1Threat modeling with STRIDE, PASTA, and attack trees. Analyze architectures for security gaps, extract security requirements, build data flow diagrams, and p...
⭐ 0· 110·0 current·0 all-time
bySolomon Neas@solomonneas
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name and description match the SKILL.md: it provides high-level threat modeling methods (STRIDE, PASTA, attack trees) and related activities. There are no unrelated requirements (no binaries, env vars, or installs) that conflict with the stated purpose.
Instruction Scope
SKILL.md contains high-level, appropriate steps for threat modeling (define scope, DFDs, apply STRIDE, build attack trees, score threats, design mitigations). Instructions do not direct the agent to read system files, environment variables, or external endpoints, nor do they request collecting unrelated data.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk or fetched during install.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate for a guidance/analysis skill.
Persistence & Privilege
always is false and the skill does not request persistent system presence or elevated privileges. Autonomous invocation is allowed (platform default) but not itself a concern here.
Assessment
This skill is coherent and appears safe to install: it only provides high-level threat-modeling guidance and does not request credentials or install software. However, do not paste sensitive production secrets, credentials, or private keys into the model's prompts or threat models. Ensure you have authorization to share any architecture diagrams or data you submit, and treat outputs as advisory (not a replacement for hands-on security review or compliance certification).Like a lobster shell, security has layers — review code before you run it.
latestvk97cfk1kef1tcjzs69ka9chqn583882k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.