Security Analysis

This skill provides comprehensive security threat modeling capabilities using the STRIDE methodology. It helps security professionals build attack trees to visualize threat paths, map threats to security controls, extract security requirements from threat models, and configure SAST tools for automated vulnerability detection.

Coordinate multi-agent code review with specialized perspectives. Use when conducting code reviews, analyzing PRs, evaluating staged changes, or reviewing specific files. Handles security, performance, quality, and test coverage analysis with confidence scoring and actionable recommendations.

A comprehensive security threat modeling skill that analyzes codebases using STRIDE methodology across 8 phases. It generates data flow diagrams, identifies threats with CWE/CAPEC/ATT&CK mappings, validates risks with POC designs, and produces detailed security assessment reports. Supports AI/LLM security, multi-cloud environments, and includes a knowledge base of 974 CWEs, 615 attack patterns, and 323K+ CVEs.