model
Installation
SKILL.md
Threat Modeling
Full architecture-level threat modeling with automated discovery, data flow
mapping, STRIDE-per-component analysis, and attack tree generation. Produces
persistent, incremental threat models stored in .appsec/model/ that evolve
as the codebase changes.
Supported Flags
Read ../../shared/schemas/flags.md for the full flag specification.
| Flag | Model Behavior |
|---|---|
--scope |
Default full. Threat models benefit from whole-system visibility. Narrow scopes produce partial models with a warning. |
--depth quick |
Component inventory and trust boundary identification only. |
--depth standard |
Full threat model: components, data flows, STRIDE analysis, mitigations. |
--depth deep |
Standard + attack trees, cross-component threat chains, external dependency threats. |
--depth expert |
Deep + DREAD scoring, attack simulation narratives, compliance mapping. |
--severity |
Filter reported threats by severity in output. |
Related skills