open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
ktg-plugin-marketplace/plugins/llm-security/commands/threat-model.md

1.1 KiB
Raw Blame History

name description allowed-tools model
security:threat-model Interactive threat modeling using STRIDE and MAESTRO frameworks — guides architecture analysis and generates threat model document Read, Glob, Grep, AskUserQuestion, Agent sonnet

/security threat-model

Interactive threat modeling — STRIDE x MAESTRO, 5-phase interview, complete threat model document.

Run Session

Spawn subagent_type: "llm-security:threat-modeler-agent", model: "opus":

Run the full 5-phase interactive threat modeling session. Read these knowledge files (absolute paths):

  • <plugin-root>/knowledge/skill-threat-patterns.md
  • <plugin-root>/knowledge/mcp-threat-patterns.md Follow your interview workflow: Architecture Discovery → Component Mapping → Threat Identification (STRIDE x MAESTRO) → Risk Assessment → Mitigation Mapping. Output the complete threat model document directly to the conversation.

After Session

  • To save: ask user if they want it written to threat-model.md
  • To verify mitigations: /security posture
  • For production readiness: /security pre-deploy