Name: Security Threat Model: AI Agent Skill
Rating: 9 (1 reviews)
Author: openai

Question 1

What is Security Threat Model?

Accepted Answer

Security Threat Model is a free, open-source AI agent skill. Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work.

Question 2

How do I install Security Threat Model?

Accepted Answer

Install Security Threat Model with a single command: npx mdskills install openai/security-threat-model. This downloads the skill files into your project and your AI agent picks them up automatically.

Question 3

What platforms support Security Threat Model?

Accepted Answer

Security Threat Model works with Claude Code, Claude Desktop, Cursor, Vscode Copilot, Windsurf, Continue Dev, Codex, Gemini Cli, Amp, Roo Code, Goose, Opencode, Trae, Qodo, Command Code. Skills use the open SKILL.md format which is compatible with any AI coding agent that reads markdown instructions.

Security Threat Model

Fork Lineage