์Šคํ‚ฌ pytm
๐Ÿ›ก๏ธ

pytm

์•ˆ์ „ ๐ŸŒ ๋„คํŠธ์›Œํฌ ์ ‘๊ทผโš™๏ธ ์™ธ๋ถ€ ๋ช…๋ น์–ด

Create threat models with Python and STRIDE analysis

Threat modeling is critical for secure system design but often gets skipped due to complexity. This skill provides programmatic threat modeling using Python and the pytm library. Define architecture as code, automatically generate data flow diagrams, and identify security threats across trust boundaries.

์ง€์›: Claude Codex Code(CC)
๐Ÿ“Š 70 ์ ์ ˆํ•จ
1

์Šคํ‚ฌ ZIP ๋‹ค์šด๋กœ๋“œ

2

Claude์—์„œ ์—…๋กœ๋“œ

์„ค์ • โ†’ ๊ธฐ๋Šฅ โ†’ ์Šคํ‚ฌ โ†’ ์Šคํ‚ฌ ์—…๋กœ๋“œ๋กœ ์ด๋™

3

ํ† ๊ธ€์„ ์ผœ๊ณ  ์‚ฌ์šฉ ์‹œ์ž‘

ํ…Œ์ŠคํŠธํ•ด ๋ณด๊ธฐ

"pytm" ์‚ฌ์šฉ ์ค‘์ž…๋‹ˆ๋‹ค. Create a pytm threat model for a three-tier web application with user, load balancer, web server, app server, and database

์˜ˆ์ƒ ๊ฒฐ๊ณผ:

  • Trust Boundaries defined: Internet, DMZ, Internal Network
  • Components: Actor(User), Server(Load Balancer), Server(Web Server), Server(App Server), Datastore(Database)
  • Identified STRIDE Threats:
  • - Spoofing impersonation at: User authentication
  • - Tampering: Unencrypted web-to-app HTTP flow
  • - Information Disclosure: Database without encryption at rest
  • - Denial of Service: Load balancer without rate limiting
  • Data Flow Crossings: 4 trust boundary crossings require review

"pytm" ์‚ฌ์šฉ ์ค‘์ž…๋‹ˆ๋‹ค. Generate a threat report for a microservices architecture with API gateway, auth service, and database

์˜ˆ์ƒ ๊ฒฐ๊ณผ:

  • Architecture Overview: Cloud Microservices with 3 Lambda functions, 2 data stores
  • Trust Boundary: Cloud Provider VPC
  • STRIDE Analysis Results:
  • - Elevation of Privilege: API gateway without rate limiting
  • - Information Disclosure: Cache without encryption in transit
  • - Tampering: Auth function input validation missing
  • Recommended Mitigations: Implement WAF rules, enable TLS for cache, add input sanitization

๋ณด์•ˆ ๊ฐ์‚ฌ

์•ˆ์ „
v5 โ€ข 1/16/2026

Pure documentation skill containing only YAML frontmatter and markdown documentation teaching threat modeling concepts with the pytm library. No executable code, scripts, network calls, filesystem access, environment variable reads, or command execution capabilities are present. All static findings are false positives triggered by documentation patterns, not actual security risks.

2
์Šค์บ”๋œ ํŒŒ์ผ
758
๋ถ„์„๋œ ์ค„ ์ˆ˜
2
๋ฐœ๊ฒฌ ์‚ฌํ•ญ
5
์ด ๊ฐ์‚ฌ ์ˆ˜

์œ„ํ—˜ ์š”์ธ

๐ŸŒ ๋„คํŠธ์›Œํฌ ์ ‘๊ทผ (11)
skill-report.json:6 SKILL.md:21 SKILL.md:22 SKILL.md:23 SKILL.md:24 SKILL.md:569 SKILL.md:570 SKILL.md:571 SKILL.md:572 SKILL.md:573 SKILL.md:574
โš™๏ธ ์™ธ๋ถ€ ๋ช…๋ น์–ด (55)
SKILL.md:41-76 SKILL.md:76-79 SKILL.md:79-84 SKILL.md:84-95 SKILL.md:95-97 SKILL.md:97-114 SKILL.md:114-116 SKILL.md:116-123 SKILL.md:123-163 SKILL.md:163-169 SKILL.md:169-201 SKILL.md:201-207 SKILL.md:207-216 SKILL.md:216-260 SKILL.md:260-262 SKILL.md:262-263 SKILL.md:263-264 SKILL.md:264-265 SKILL.md:265-267 SKILL.md:267-269 SKILL.md:269-270 SKILL.md:270-271 SKILL.md:271-272 SKILL.md:272-274 SKILL.md:274-276 SKILL.md:276-277 SKILL.md:277-278 SKILL.md:278-279 SKILL.md:279-280 SKILL.md:280-286 SKILL.md:286-325 SKILL.md:325-329 SKILL.md:329-361 SKILL.md:361-367 SKILL.md:367-385 SKILL.md:385-391 SKILL.md:391-400 SKILL.md:400-441 SKILL.md:441-442 SKILL.md:442 SKILL.md:442-445 SKILL.md:445-452 SKILL.md:452-462 SKILL.md:462-470 SKILL.md:470-471 SKILL.md:471-472 SKILL.md:472-483 SKILL.md:483-491 SKILL.md:491-515 SKILL.md:515-521 SKILL.md:521-546 SKILL.md:546-552 SKILL.md:552-565 SKILL.md:188 SKILL.md:458
๊ฐ์‚ฌ์ž: claude ๊ฐ์‚ฌ ์ด๋ ฅ ๋ณด๊ธฐ โ†’

ํ’ˆ์งˆ ์ ์ˆ˜

38
์•„ํ‚คํ…์ฒ˜
100
์œ ์ง€๋ณด์ˆ˜์„ฑ
87
์ฝ˜ํ…์ธ 
21
์ปค๋ฎค๋‹ˆํ‹ฐ
100
๋ณด์•ˆ
96
์‚ฌ์–‘ ์ค€์ˆ˜

๋งŒ๋“ค ์ˆ˜ ์žˆ๋Š” ๊ฒƒ

Architecture Security Review

Define system architecture in code and automatically identify security threats across trust boundaries before implementation

CI/CD Security Integration

Automate threat modeling in pull requests to catch security issues early in the development lifecycle

STRIDE Threat Enumeration

Generate comprehensive threat reports with categorized STRIDE threats and actionable mitigation strategies

์ด ํ”„๋กฌํ”„ํŠธ๋ฅผ ์‚ฌ์šฉํ•ด ๋ณด์„ธ์š”

Basic Threat Model 
Create a Python threat model using pytm for a web application with user authentication, a REST API backend, and a PostgreSQL database. Define trust boundaries for internet, DMZ, and internal network. Show how to generate the threat report.
Microservices Architecture 
Model a microservices architecture using pytm with Lambda functions for API gateway, auth service, and order service. Include Redis cache and DynamoDB. Generate a data flow diagram showing encrypted communication between services.
Custom Threats 
Show how to add custom threat definitions to a pytm threat model. Create a custom threat for API rate limiting bypass with specific conditions and mitigation guidance. Include it in the threat report output.
CI/CD Pipeline Integration 
Create a GitHub Actions workflow that runs pytm threat modeling on every pull request. Include steps to install dependencies, generate the threat model, and upload the DFD as an artifact. Check for unmitigated threats and fail the build if high-severity threats lack mitigations.

๋ชจ๋ฒ” ์‚ฌ๋ก€

  • Store threat models in version control alongside application code to track architecture changes
  • Set accurate component security attributes (isEncrypted, implementsAuthentication) to reduce false positives
  • Integrate threat model validation into CI/CD pipelines to catch security issues early

ํ”ผํ•˜๊ธฐ

  • Hardcoding credentials or secrets in threat model Python files
  • Skipping trust boundary definitions and modeling everything as a single zone
  • Ignoring identified threats without documenting why they do not apply

์ž์ฃผ ๋ฌป๋Š” ์งˆ๋ฌธ

Does pytm require Python 3.7 or newer?
Yes. Python 3.7 or newer is required. You also need graphviz installed on your system for diagram generation.
Can pytm generate diagrams without graphviz?
No. Graphviz is a required dependency for generating data flow diagrams. Install via brew (macOS) or apt-get (Linux).
How does pytm integrate with CI/CD pipelines?
pytm integrates via Python scripts run in CI. GitHub Actions or GitLab CI can execute threat models on each build and upload DFD artifacts.
Is my threat model data safe to store in version control?
Review threat models for sensitive architecture details before committing. Avoid hardcoding credentials. Use placeholders for secrets.
Why are expected threats not appearing in my report?
Verify component properties are set correctly (isSQL, isEncrypted). Ensure components are assigned to boundaries. Review trust boundary crossings.
How does pytm compare to other threat modeling tools?
pytm offers code-first threat modeling with version control benefits. Unlike graphical tools, it integrates naturally into CI/CD and developer workflows.

๊ฐœ๋ฐœ์ž ์„ธ๋ถ€ ์ •๋ณด

์ž‘์„ฑ์ž

AgentSecOps

๋ผ์ด์„ ์Šค

MIT

๋ฆฌํฌ์ง€ํ† ๋ฆฌ

https://github.com/AgentSecOps/SecOpsAgentKit/tree/main/skills/threatmodel/pytm

์ฐธ์กฐ

main

ํŒŒ์ผ ๊ตฌ์กฐ

๐Ÿ“„ SKILL.md