---
name: security:threat-model
description: Interactive threat modeling using STRIDE and MAESTRO frameworks — guides architecture analysis and generates threat model document
allowed-tools: Read, Glob, Grep, AskUserQuestion, Agent
model: sonnet
---

# /security threat-model

Interactive threat modeling — STRIDE x MAESTRO, 5-phase interview, complete threat model document.

## Run Session

Spawn `subagent_type: "llm-security:threat-modeler-agent"`, `model: "opus"`:

> Run the full 5-phase interactive threat modeling session.
> Read these knowledge files (absolute paths):
> - \<plugin-root\>/knowledge/skill-threat-patterns.md
> - \<plugin-root\>/knowledge/mcp-threat-patterns.md
> Follow your interview workflow: Architecture Discovery → Component Mapping → Threat Identification (STRIDE x MAESTRO) → Risk Assessment → Mitigation Mapping.
> Output the complete threat model document directly to the conversation.

## After Session

- To save: ask user if they want it written to `threat-model.md`
- To verify mitigations: `/security posture`
- For production readiness: `/security pre-deploy`