← Back to Skills Marketplace
solomonneas

Threat Modeling Expert

by Solomon Neas · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ Security Clean
196
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install threat-modeling-expert
Description
Threat modeling with STRIDE, PASTA, and attack trees. Analyze architectures for security gaps, extract security requirements, build data flow diagrams, and p...
Usage Guidance
This skill is coherent and appears safe to install: it only provides high-level threat-modeling guidance and does not request credentials or install software. However, do not paste sensitive production secrets, credentials, or private keys into the model's prompts or threat models. Ensure you have authorization to share any architecture diagrams or data you submit, and treat outputs as advisory (not a replacement for hands-on security review or compliance certification).
Capability Analysis
Type: OpenClaw Skill Name: threat-modeling-expert Version: 1.0.1 The skill bundle is entirely informational, containing only metadata and Markdown instructions for performing threat modeling (STRIDE, PASTA). There is no executable code, network activity, or evidence of prompt injection; the instructions in SKILL.md are strictly aligned with the stated purpose of security architecture review.
Capability Assessment
Purpose & Capability
Name and description match the SKILL.md: it provides high-level threat modeling methods (STRIDE, PASTA, attack trees) and related activities. There are no unrelated requirements (no binaries, env vars, or installs) that conflict with the stated purpose.
Instruction Scope
SKILL.md contains high-level, appropriate steps for threat modeling (define scope, DFDs, apply STRIDE, build attack trees, score threats, design mitigations). Instructions do not direct the agent to read system files, environment variables, or external endpoints, nor do they request collecting unrelated data.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk or fetched during install.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate for a guidance/analysis skill.
Persistence & Privilege
always is false and the skill does not request persistent system presence or elevated privileges. Autonomous invocation is allowed (platform default) but not itself a concern here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install threat-modeling-expert
  3. After installation, invoke the skill by name or use /threat-modeling-expert
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Natural description rewrite
v1.0.0
Initial release of Threat Modeling Expert skill. - Provides expert guidance on threat modeling using methodologies like STRIDE, PASTA, and attack trees. - Supports data flow diagram analysis, extraction of security requirements, and mapping to security controls. - Enables risk prioritization and scoring to guide mitigation and investment. - Designed for proactive security architecture review and secure system design—not for code scanning, penetration testing, or malware analysis. - Includes best practices, safety guidance, and step-by-step process for effective threat modeling.
Metadata
Slug threat-modeling-expert
Version 1.0.1
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 2
Frequently Asked Questions

What is Threat Modeling Expert?

Threat modeling with STRIDE, PASTA, and attack trees. Analyze architectures for security gaps, extract security requirements, build data flow diagrams, and p... It is an AI Agent Skill for Claude Code / OpenClaw, with 196 downloads so far.

How do I install Threat Modeling Expert?

Run "/install threat-modeling-expert" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Threat Modeling Expert free?

Yes, Threat Modeling Expert is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Threat Modeling Expert support?

Threat Modeling Expert is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Threat Modeling Expert?

It is built and maintained by Solomon Neas (@solomonneas); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments