security-threat-model
✓Use when designing or reviewing systems handling sensitive data (PII, PHI, financial, auth credentials), building features with security implications (auth, payments, file uploads, APIs), preparing for security audits or compliance (PCI, HIPAA, SOC 2), investigating security incidents, integrating third-party services, or when user mentions "threat model", "security architecture", "STRIDE", "trust boundaries", "attack surface", or "security review".
Installation
SKILL.md
Security Threat Modeling systematically identifies vulnerabilities, threats, and mitigations for systems handling sensitive data. It transforms ad-hoc security thinking into structured analysis using STRIDE methodology, trust boundary mapping, and defense-in-depth principles.
Document components, external services, users, data stores, and communication paths. See Common Patterns for architecture examples. For straightforward systems → Use resources/template.md.
Mark where data crosses security domains (user → server, server → database, internal → third-party). See Trust Boundary Mapping for boundary types.
Use when designing or reviewing systems handling sensitive data (PII, PHI, financial, auth credentials), building features with security implications (auth, payments, file uploads, APIs), preparing for security audits or compliance (PCI, HIPAA, SOC 2), investigating security incidents, integrating third-party services, or when user mentions "threat model", "security architecture", "STRIDE", "trust boundaries", "attack surface", or "security review". Source: lyndonkl/claude.
Facts (cite-ready)
Stable fields and commands for AI/search citations.
- Install command
npx skills add https://github.com/lyndonkl/claude --skill security-threat-model- Source
- lyndonkl/claude
- Category
- !Security
- Verified
- ✓
- First Seen
- 2026-02-01
- Updated
- 2026-02-18
Quick answers
What is security-threat-model?
Use when designing or reviewing systems handling sensitive data (PII, PHI, financial, auth credentials), building features with security implications (auth, payments, file uploads, APIs), preparing for security audits or compliance (PCI, HIPAA, SOC 2), investigating security incidents, integrating third-party services, or when user mentions "threat model", "security architecture", "STRIDE", "trust boundaries", "attack surface", or "security review". Source: lyndonkl/claude.
How do I install security-threat-model?
Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/lyndonkl/claude --skill security-threat-model Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code or Cursor
Where is the source repository?
https://github.com/lyndonkl/claude
Details
- Category
- !Security
- Source
- skills.sh
- First Seen
- 2026-02-01