threat-modeling
Threat modeling workflow for software systems: scope, data flow diagrams, STRIDE analysis, risk scoring, and turning mitigations into backlog and tests
What this skill does
# Threat Modeling (STRIDE) ## Outputs (Definition of Done) Produce a data flow diagram, a threat register, and a mitigation plan that becomes tickets and tests. ## Load Next (References) - `references/stride-workshop.md` — step-by-step workshop agenda + DFD guidance - `references/common-threats-and-mitigations.md` — threat catalog with mitigations - `references/templates.md` — copy/paste templates for docs and tickets
Related in universal
headlessui
IncludedHeadless UI - Unstyled, fully accessible UI components for React and Vue with built-in ARIA patterns
mpm-orchestration-demo
IncludedReference implementation demonstrating the Command → Agent → Skill orchestration pattern in Claude MPM, showing both preloaded-skill and dynamic-skill-invocation styles
kubernetes
IncludedKubernetes operations playbook for deploying services: core objects, probes, resource sizing, safe rollouts, and fast kubectl debugging
opentelemetry
IncludedOpenTelemetry observability patterns: traces, metrics, logs, context propagation, OTLP export, Collector pipelines, and troubleshooting
terraform
IncludedTerraform infrastructure-as-code workflow patterns: state and environments, module design, safe plan/apply, drift control, and CI guardrails
sec-edgar-pipeline
IncludedSEC EDGAR extraction pipeline: setup, filing discovery by CIK, recipe-driven extraction, and report generation.