Skills

security-requirement-extraction

Installation
Summary

Transform threat analysis into actionable security requirements.

  • Converts STRIDE threat categories into functional, non-functional, and constraint requirements with automatic priority calculation based on impact and likelihood
  • Generates security user stories, acceptance criteria, and test cases directly from threats; includes traceability matrices linking threats to requirements
  • Maps requirements to compliance frameworks (PCI-DSS, HIPAA, GDPR, SOC2, NIST, ISO 27001, OWASP) and identifies coverage gaps
  • Organizes requirements by security domain (authentication, authorization, data protection, audit logging, input validation, cryptography, and six others) with built-in filtering and export to markdown
SKILL.md

Security Requirement Extraction

Transform threat analysis into actionable security requirements.

When to Use This Skill

  • Converting threat models to requirements
  • Writing security user stories
  • Creating security test cases
  • Building security acceptance criteria
  • Compliance requirement mapping
  • Security architecture documentation

Core Concepts

1. Requirement Categories

Business Requirements → Security Requirements → Technical Controls
Related skills

More from wshobson/agents

Installs
12.5K
Repository
wshobson/agents
GitHub Stars
35.3K
First Seen
Jan 20, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass