--- name: security:threat-model description: Interactive threat modeling using STRIDE and MAESTRO frameworks — guides architecture analysis and generates threat model document allowed-tools: Read, Glob, Grep, AskUserQuestion, Agent model: sonnet --- # /security threat-model Interactive threat modeling — STRIDE x MAESTRO, 5-phase interview, complete threat model document. ## Run Session Spawn `subagent_type: "llm-security:threat-modeler-agent"`, `model: "opus"`: > Run the full 5-phase interactive threat modeling session. > Read these knowledge files (absolute paths): > - \/knowledge/skill-threat-patterns.md > - \/knowledge/mcp-threat-patterns.md > Follow your interview workflow: Architecture Discovery → Component Mapping → Threat Identification (STRIDE x MAESTRO) → Risk Assessment → Mitigation Mapping. > Output the complete threat model document directly to the conversation. ## After Session - To save: ask user if they want it written to `threat-model.md` - To verify mitigations: `/security posture` - For production readiness: `/security pre-deploy` ## HTML Report After the threat-modeler agent has produced the complete threat-model markdown document: 1. Compute a temp markdown path: ```bash node -p "require('path').join(require('os').tmpdir(), 'sec-threat-model-' + Date.now() + '.md')" ``` 2. Use the Write tool to save the **entire threat-model markdown you just produced** (Architecture Discovery + Component Mapping + STRIDE × MAESTRO threat matrix + Risk Assessment + Mitigation Mapping) to that temp path. Verbatim. 3. Run the renderer: ```bash node /scripts/render-report.mjs threat-model --in "" ``` The CLI writes `reports/threat-model-.html` relative to CWD and prints `file:///abs/path.html` on stdout. 4. Append to your response (markdown link, no bare URL): > **HTML report:** [Open in browser](file:///abs/path.html) If the CLI exits non-zero, mention the error but do not block — the markdown threat-model document above is the primary deliverable.