stride-analysis-patterns

Safe · 🌐 Network access · ⚙️ External commands

Identify Security Threats with STRIDE

This skill helps identify and document security threats in systems using the STRIDE threat modeling methodology. It provides templates, code patterns, and analysis frameworks for systematic threat identification and mitigation planning.

Supports: Claude Codex Code(CC)
📊 69 Adequate
1. Download the skill ZIP
2. Upload in Claude: go to Settings → Capabilities → Skills → Upload skill
3. Toggle on and start using

Test it

Using "stride-analysis-patterns". Analyze a web API that accepts user input, processes it against a database, and returns results

Expected outcome:

  • **Spoofing Threats**: Session hijacking, token forgery, credential stuffing
  • **Tampering Threats**: SQL injection, parameter manipulation, input validation bypass
  • **Repudiation Threats**: Transaction denial, missing audit logs
  • **Information Disclosure**: Data breach through insecure transmission, error message leakage
  • **Denial of Service**: Resource exhaustion, database connection pool exhaustion
  • **Elevation of Privilege**: IDOR vulnerabilities, role-based access bypass

Using "stride-analysis-patterns". Generate a threat model document template for a microservices architecture

Expected outcome:

  • # Threat Model: Microservices Architecture
  • ## Trust Boundaries: External to DMZ, DMZ to Internal Network, Service to Service
  • ## Key Assets: User Credentials (High), PII (High), Session Data (Medium)
  • ## STRIDE Analysis Summary: 18 total threats identified across 6 categories

Security Audit

Safe
v5 • 1/21/2026

All 54 static findings are false positives. This is a legitimate defensive security skill for threat modeling. Static patterns detected are: security documentation terminology (not ransomware), markdown code blocks (not shell execution), risk-scoring enums (not weak crypto), and documentation links to Microsoft/OWASP (not hardcoded malicious URLs). No actual security concerns identified.

  • Files scanned: 2
  • Lines analyzed: 1,119
  • Findings: 2
  • Total audits: 5

Audited by: claude

Quality Score

  • Architecture: 38
  • Maintainability: 100
  • Content: 85
  • Community: 21
  • Security: 100
  • Spec Compliance: 87

What You Can Build

New Application Threat Modeling

Security engineers use this skill to document threats when designing new applications. The skill generates questionnaires, identifies trust boundaries, and produces structured threat models for architecture review.

Security Documentation Creation

Developers use the templates to create security documentation for compliance audits. The skill provides markdown templates with threat tables, mitigations, and risk prioritization frameworks.

Team Security Training

Team leads use this skill to train developers on threat identification. The structured STRIDE categories provide a memorable framework for thinking about security during design reviews.

Try These Prompts

Basic STRIDE Analysis

Use the STRIDE methodology to analyze our [system/component name] architecture. Identify potential threats in each category: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. For each threat, provide a description, potential impact, and recommended mitigation.

Data Flow Analysis

Analyze the data flows in our system for trust boundary crossings. Identify unencrypted data flows between zones of different trust levels. For each crossing, list applicable STRIDE threats and suggest security controls.

Interactive Threat Matrix

Generate a threat matrix for these system interactions: [list interactions]. For each interaction between [source component] and [target component], identify applicable STRIDE threats, their descriptions, and context.

Risk Prioritization Report

Create a prioritized risk report from the following threats: [list threats with impact/likelihood ratings]. Calculate risk scores, categorize by severity, and recommend remediation order based on the risk matrix.

Best Practices

  • Cover all six STRIDE categories systematically to avoid missing threat types
  • Involve stakeholders from security, development, and operations for comprehensive coverage
  • Update threat models when system architecture changes significantly
  • Prioritize mitigations based on risk scores rather than treating all threats equally

Avoid

  • Skipping STRIDE categories because some seem less relevant to your system
  • Assuming a component is secure without analyzing each threat category
  • Focusing only on high-likelihood threats and ignoring high-impact, low-probability risks
  • Identifying threats without documenting or tracking mitigation plans

Frequently Asked Questions

What is STRIDE and why should I use it?

STRIDE is a threat modeling methodology developed by Microsoft. It provides a systematic way to identify security threats by categorizing them into Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. It helps ensure comprehensive security coverage during design.

How is this skill different from automated security scanners?

This skill helps with threat modeling and documentation, not automated scanning. It guides you through identifying threats conceptually rather than scanning running code for vulnerabilities. Use both approaches for comprehensive security coverage.

Can I use this skill for compliance documentation?

Yes. The skill provides structured templates suitable for compliance documentation including SOC 2, PCI-DSS, and ISO 27001 requirements. The threat models and mitigation tracking support audit preparation.

What outputs does this skill produce?

The skill produces threat questionnaires, markdown documentation templates, data flow analysis reports, risk matrices with prioritization, and mitigation checklists. Outputs are human-readable and suitable for documentation systems.

Does this skill execute any code on my system?

No. The skill provides guidance, templates, and analysis frameworks. It does not execute code, scan systems, or make changes to your environment. All threat modeling is conceptual and documentation-focused.

How detailed are the threat models produced?

Detail level depends on your input. The skill can produce high-level threat summaries or detailed documents with specific threat descriptions, impact ratings, likelihood assessments, risk scores, and mitigation recommendations.

Developer Details

File structure

📄 SKILL.md