From security-scanning
Apply STRIDE methodology to systematically identify threats in system architecture. Use for threat modeling sessions, security design reviews, and creating threat documentation.
How this skill is triggered — by the user, by Claude, or both
Slash command
/security-scanning:stride-analysis-patternsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Systematic threat identification using the STRIDE methodology.
Systematic threat identification using the STRIDE methodology.
S - Spoofing → Authentication threats
T - Tampering → Integrity threats
R - Repudiation → Non-repudiation threats
I - Information → Confidentiality threats
Disclosure
D - Denial of → Availability threats
Service
E - Elevation of → Authorization threats
Privilege
| Category | Question | Control Family |
|---|---|---|
| Spoofing | Can attacker pretend to be someone else? | Authentication |
| Tampering | Can attacker modify data in transit/rest? | Integrity |
| Repudiation | Can attacker deny actions? | Logging/Audit |
| Info Disclosure | Can attacker access unauthorized data? | Encryption |
| DoS | Can attacker disrupt availability? | Rate limiting |
| Elevation | Can attacker gain higher privileges? | Authorization |
Full template library lives in references/details.md. Read that file when you need concrete templates for this skill.
3plugins reuse this skill
First indexed Jul 7, 2026
npx claudepluginhub wshobson/agents --plugin security-scanningApply STRIDE methodology to systematically identify threats in system architecture. Use for threat modeling sessions, security design reviews, and creating threat documentation.
Applies STRIDE methodology to systematically identify threats during security analysis, threat modeling sessions, or security documentation creation.
Applies STRIDE methodology to systematically identify threats during security analysis, threat modeling sessions, and security documentation creation.