# Send Threat Modeling Expert to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "threat-modeling", "name": "Threat Modeling Expert", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/brandonwise/threat-modeling", "canonicalUrl": "https://clawhub.ai/brandonwise/threat-modeling", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/threat-modeling", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=threat-modeling", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "threat-modeling", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-04T04:07:34.579Z", "expiresAt": "2026-05-11T04:07:34.579Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=threat-modeling", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=threat-modeling", "contentDisposition": "attachment; filename=\"threat-modeling-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "threat-modeling" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/threat-modeling" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/threat-modeling", "downloadUrl": "https://openagent3.xyz/downloads/threat-modeling", "agentUrl": "https://openagent3.xyz/skills/threat-modeling/agent", "manifestUrl": "https://openagent3.xyz/skills/threat-modeling/agent.json", "briefUrl": "https://openagent3.xyz/skills/threat-modeling/agent.md" } } ``` ## Documentation ### Threat Modeling Expert Expert in threat modeling methodologies, security architecture review, and risk assessment using STRIDE, PASTA, attack trees, and security requirement extraction. ### Description USE WHEN: Designing new systems or features (secure-by-design) Reviewing architecture for security gaps Preparing for security audits Identifying attack vectors and threat actors Prioritizing security investments Creating security documentation Training teams on security thinking DON'T USE WHEN: Lack scope or authorization for security review Need legal compliance certification (consult legal) Only need automated scanning (use vulnerability-scanner) ### 1. Define Scope System boundaries Assets to protect Trust boundaries Regulatory requirements ### 2. Create Data Flow Diagram [User] → [Web App] → [API Gateway] → [Backend] → [Database] ↓ [External API] ### 3. Identify Assets & Entry Points Assets: User data, credentials, business logic, infrastructure Entry Points: APIs, forms, file uploads, admin panels ### 4. Apply STRIDE Spoofing: Can someone impersonate? Tampering: Can data be modified? Repudiation: Can actions be denied? Information Disclosure: Can data leak? Denial of Service: Can availability be affected? Elevation of Privilege: Can access be escalated? ### 5. Build Attack Trees Goal: Access Admin Panel ├── Steal admin credentials │ ├── Phishing │ ├── Brute force │ └── Session hijacking ├── Exploit vulnerability │ ├── SQL injection │ └── Auth bypass └── Social engineering └── Support desk compromise ### 6. Score & Prioritize Use DREAD or CVSS: Damage potential Reproducibility Exploitability Affected users Discoverability ### 7. Design Mitigations Map threats to controls and validate coverage. ### 8. Document Residual Risks What's accepted vs. mitigated. ### STRIDE Analysis Template ComponentSpoofingTamperingRepudiationInfo DisclosureDoSEoPWeb AppAuth bypassXSS, CSRFMissing logsError messagesRate limitBroken accessAPIToken theftInput manipNo auditData exposureResource exhaustPrivilege escalationDatabaseCredential theftSQL injectionNo audit trailBackup exposureConnection floodDirect access ### Application Layer Injection (SQL, XSS, command) Broken authentication Sensitive data exposure Broken access control Security misconfiguration Using vulnerable components ### Network Layer Man-in-the-middle Eavesdropping Replay attacks DNS spoofing DDoS ### Infrastructure Layer Unauthorized access Misconfigured services Unpatched systems Weak credentials Exposed admin interfaces ### Human Layer Phishing Social engineering Insider threats Credential sharing ### Data Flow Diagram Elements ElementSymbolDescriptionExternal EntityRectangleUsers, external systemsProcessCircleApplication logicData StoreParallel linesDatabase, cache, filesData FlowArrowData movementTrust BoundaryDashed lineSecurity perimeter ### Risk Prioritization Matrix LOW IMPACT HIGH IMPACT HIGH LIKELIHOOD MEDIUM HIGH LOW LIKELIHOOD LOW MEDIUM ### DREAD Scoring (1-10 each) FactorQuestionDamageHow bad if exploited?ReproducibilityHow easy to reproduce?ExploitabilityHow easy to attack?Affected UsersHow many impacted?DiscoverabilityHow easy to find? Score: Sum / 5 = Risk Level ### Input Validation Whitelist validation Parameterized queries Output encoding Content-Type enforcement ### Authentication MFA where possible Strong password policies Account lockout Secure session management ### Authorization Principle of least privilege Role-based access control Resource ownership checks Regular permission audits ### Cryptography TLS 1.2+ everywhere Strong key management Secure password hashing Encrypted data at rest ### Monitoring Security event logging Anomaly detection Alert thresholds Incident response plan ### Best Practices Involve developers in threat modeling sessions Focus on data flows, not just components Consider insider threats Update models with architecture changes Link threats to security requirements Track mitigations to implementation Review regularly, not just at design time Keep models living documents ### Output Template # Threat Model: [System Name] ## Scope - Components in scope - Out of scope ## Assets - Critical assets list ## Trust Boundaries - Internal vs external - Admin vs user ## Data Flow Diagram [DFD here] ## STRIDE Analysis [Table here] ## Prioritized Threats 1. [High] Description - Mitigation 2. [Medium] Description - Mitigation ## Residual Risks - Accepted risks with justification ## Review Schedule - Next review date ## Trust - Source: tencent - Verification: Indexed source record - Publisher: brandonwise - Version: 1.0.0 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-05-04T04:07:34.579Z - Expires at: 2026-05-11T04:07:34.579Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/threat-modeling) - [Send to Agent page](https://openagent3.xyz/skills/threat-modeling/agent) - [JSON manifest](https://openagent3.xyz/skills/threat-modeling/agent.json) - [Markdown brief](https://openagent3.xyz/skills/threat-modeling/agent.md) - [Download page](https://openagent3.xyz/downloads/threat-modeling)