pasta-objectives
Installation
SKILL.md
PASTA Stage 1: Define Business Objectives
Establish what the application protects, why it matters, and what business impact a compromise would have. This stage anchors the entire PASTA threat model to real business value so that subsequent stages prioritize by actual organizational impact.
Supported Flags
Read ../../shared/schemas/flags.md for the full flag specification. Key behaviors:
| Flag | Stage 1 Behavior |
|---|---|
--scope |
Default changed. Scans configs, docs, schemas, and API contracts to infer business purpose. |
--depth quick |
Business purpose from project metadata only. |
--depth standard |
Full analysis of configs, schemas, and code to infer objectives, compliance, and risk thresholds. |
--depth deep |
Standard + trace payment flows, PII handling, and regulatory indicators across the codebase. |
--depth expert |
Deep + formal risk tolerance matrix with quantified impact categories. |
--severity |
Not applicable at this stage (no vulnerability findings produced). |