skillZs
LIVE SKILL TAGS
>>> LIVE SKILLS INDEX <<<
* OPEN SOURCE *
NO LOGIN, NO TRACKING
REAL INSTALL DATA
← back to all skills
wshobson/agents8.6k installs

stride-analysis-patterns

Apply STRIDE methodology to systematically identify threats. Use when analyzing system security, conducting threat modeling sessions, or creating security documentation.

How do I install this agent skill?

npx skills add https://github.com/wshobson/agents --skill stride-analysis-patterns
view source ↗

Is this agent skill safe to install?

  • Gen Agent Trust Hubpass

    This skill provides templates and Python utility classes for conducting STRIDE threat modeling. It does not contain any executable code that performs network operations, file system access, or security bypasses.

  • Socketpass

    No alerts

  • Snykpass

    Risk: LOW · No issues

  • Runlayerpass

    1 file scanned · No issues

  • ZeroLeakspass

    Score: 93/100 · 2 sections analyzed

What does this agent skill do?

STRIDE Analysis Patterns

Systematic threat identification using the STRIDE methodology.

When to Use This Skill

  • Starting new threat modeling sessions
  • Analyzing existing system architecture
  • Reviewing security design decisions
  • Creating threat documentation
  • Training teams on threat identification
  • Compliance and audit preparation

Core Concepts

1. STRIDE Categories

S - Spoofing       → Authentication threats
T - Tampering      → Integrity threats
R - Repudiation    → Non-repudiation threats
I - Information    → Confidentiality threats
    Disclosure
D - Denial of      → Availability threats
    Service
E - Elevation of   → Authorization threats
    Privilege

2. Threat Analysis Matrix

CategoryQuestionControl Family
SpoofingCan attacker pretend to be someone else?Authentication
TamperingCan attacker modify data in transit/rest?Integrity
RepudiationCan attacker deny actions?Logging/Audit
Info DisclosureCan attacker access unauthorized data?Encryption
DoSCan attacker disrupt availability?Rate limiting
ElevationCan attacker gain higher privileges?Authorization

Templates and detailed worked examples

Full template library lives in references/details.md. Read that file when you need concrete templates for this skill.

Best Practices

Do's

  • Involve stakeholders - Security, dev, and ops perspectives
  • Be systematic - Cover all STRIDE categories
  • Prioritize realistically - Focus on high-impact threats
  • Update regularly - Threat models are living documents
  • Use visual aids - DFDs help communication

Don'ts

  • Don't skip categories - Each reveals different threats
  • Don't assume security - Question every component
  • Don't work in isolation - Collaborative modeling is better
  • Don't ignore low-probability - High-impact threats matter
  • Don't stop at identification - Follow through with mitigations

Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.

<a href="https://skillzs.dev/skills/wshobson/agents/stride-analysis-patterns">View stride-analysis-patterns on skillZs</a>