About
This skill generates security-focused threat models by analyzing code repositories to identify trust boundaries, assets, and potential abuse paths. It creates actionable Markdown reports grounded in actual code evidence when explicitly asked to perform threat modeling or enumerate security threats. Use it specifically for AppSec analysis, not for general architecture reviews or code audits.
Quick Install
Claude Code
Recommendednpx skills add plurigrid/asi -a claude-code/plugin add https://github.com/plurigrid/asigit clone https://github.com/plurigrid/asi.git ~/.claude/skills/security-threat-modelCopy and paste this command in Claude Code to install this skill
GitHub Repository
Frequently asked questions
What is the security-threat-model skill?
security-threat-model is a Claude Skill by plurigrid. Skills package instructions and resources that Claude loads on demand, so Claude can perform security-threat-model-related tasks without extra prompting.
How do I install security-threat-model?
Use the install commands on this page: add security-threat-model to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does security-threat-model belong to?
security-threat-model is in the Design category, tagged design.
Is security-threat-model free to use?
Yes. security-threat-model is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
Related Skills
Use the executing-plans skill when you have a complete implementation plan to execute in controlled batches with review checkpoints. It loads and critically reviews the plan, then executes tasks in small batches (default 3 tasks) while reporting progress between each batch for architect review. This ensures systematic implementation with built-in quality control checkpoints.
This skill dispatches a code-reviewer subagent to analyze code changes against requirements before proceeding. It should be used after completing tasks, implementing major features, or before merging to main. The review helps catch issues early by comparing the current implementation with the original plan.
This skill provides a comprehensive guide for developers to connect MCP servers to Claude Code using HTTP, stdio, or SSE transports. It covers installation, configuration, authentication, and security for integrating external services like GitHub, Notion, and custom APIs. Use it when setting up MCP integrations, configuring external tools, or working with Claude's Model Context Protocol.
This skill helps developers choose between Claude Code Web and CLI interfaces based on task analysis, then enables seamless session teleportation between these environments. It optimizes workflow by managing session state and context when switching between web, CLI, or mobile. Use it for complex projects requiring different tools at various stages.
