---
name: threat-model
trigger: /review threat
description: Produce a threat model from design or architecture documents
---

# Skill: Threat Model

## Trigger
`/review threat [component or feature name]`

## Description
Produce a threat model for the specified component or feature using STRIDE methodology.

## Inputs
- target: string, component, feature, or architecture area to model (required)

## Process
1. Read the design documents, ADRs, and API contracts for the target
2. Identify trust boundaries and data flows
3. Apply STRIDE analysis:
   - **S**poofing: authentication weaknesses
   - **T**ampering: data integrity risks
   - **R**epudiation: audit trail gaps
   - **I**nformation Disclosure: data exposure risks
   - **D**enial of Service: availability risks
   - **E**levation of Privilege: authorisation weaknesses
4. For each threat: assess likelihood and impact
5. Recommend mitigations with specific implementation guidance for TypeScript/React/Node.js
6. Map threats to OWASP Top 10 categories
7. Produce the threat model document

## Output
Threat model document with STRIDE analysis, risk assessment, and mitigation recommendations.

## Autonomy
- Tier 1: producing the threat model

## Error Handling
- If design documents are insufficient: escalate with specific information needed