About
This Claude Skill performs threat modeling and attack scenario design using STRIDE, attack trees, and risk matrices to identify security risks before they become vulnerabilities. It helps developers analyze threats from an attacker's perspective, prioritize countermeasures, and optimize security investments. Use it during the design or review phase to systematically assess risks, especially for applications handling sensitive data like crypto assets or AI prompts.
Quick Install
Claude Code
Recommendednpx skills add openclaw/skills -a claude-code/plugin add https://github.com/openclaw/skillsgit clone https://github.com/openclaw/skills.git ~/.claude/skills/threat-modelCopy and paste this command in Claude Code to install this skill
GitHub Repository
Frequently asked questions
What is the threat-model skill?
threat-model is a Claude Skill by openclaw. Skills package instructions and resources that Claude loads on demand, so Claude can perform threat-model-related tasks without extra prompting.
How do I install threat-model?
Use the install commands on this page: add threat-model to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does threat-model belong to?
threat-model is in the Design category, tagged design.
Is threat-model free to use?
Yes. threat-model is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
Related Skills
Use the executing-plans skill when you have a complete implementation plan to execute in controlled batches with review checkpoints. It loads and critically reviews the plan, then executes tasks in small batches (default 3 tasks) while reporting progress between each batch for architect review. This ensures systematic implementation with built-in quality control checkpoints.
This skill dispatches a code-reviewer subagent to analyze code changes against requirements before proceeding. It should be used after completing tasks, implementing major features, or before merging to main. The review helps catch issues early by comparing the current implementation with the original plan.
This skill provides a comprehensive guide for developers to connect MCP servers to Claude Code using HTTP, stdio, or SSE transports. It covers installation, configuration, authentication, and security for integrating external services like GitHub, Notion, and custom APIs. Use it when setting up MCP integrations, configuring external tools, or working with Claude's Model Context Protocol.
This skill helps developers choose between Claude Code Web and CLI interfaces based on task analysis, then enables seamless session teleportation between these environments. It optimizes workflow by managing session state and context when switching between web, CLI, or mobile. Use it for complex projects requiring different tools at various stages.
