tahr-threat-model-app

Installation
SKILL.md

Tahr Threat Model App

Use source as evidence of observed implementation and use specifications and documents as evidence of intent. Produce a decision-oriented threat model, not a list of isolated code smells and not a verified vulnerability report.

Set scope and evidence classes

  1. Record the repository revision, included packages, deployment environments, supplied documents/specifications, exclusions, and unanswered questions.
  2. Label every material statement as observed, intended, inferred, or unknown. Do not let documentation or a framework convention prove runtime behavior.
  3. Default to read-only source and document analysis. Use a runtime target only with explicit authorization for that target and safe test objective.
  4. Redact credentials, tokens, private keys, personal data, and customer data. Preserve only the minimum non-secret evidence needed for traceability.
Installs
3
First Seen
1 day ago
tahr-threat-model-app — tahr-security/tahr-security-skills