
security-threat-model

Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Trigger only when the user explicitly asks to threat model a codebase or path, enumerate threats/abuse paths, or perform AppSec threat modeling. Do not trigger for general architecture summaries, code review, or non-security design work.

88

2.54x
Quality: Does it follow best practices?

Impact: 94%, 2.54x. Average score across 3 eval scenarios

Security by Snyk: Passed. No known issues


Quality

Content

70%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A well-structured, security-competent skill body with a clear multi-step workflow, explicit validation checkpoints, and properly split one-level-deep references. Its main weaknesses are minor redundancy and a process-level (rather than inline-executable) actionability that leans on the referenced prompt template.

Suggestions

Remove the duplicated asset listing: step 2 already says 'List assets that drive risk', so step 3 should reference or extend it rather than restate 'List the assets that drive risk (credentials, PII, ...)' — this tightens conciseness.

Make abstract directives more concrete with brief inline examples, e.g. pair 'Describe realistic attacker capabilities' with a one-line illustration (unauthenticated remote caller vs. authenticated tenant) so the body is actionable without forcing a jump to the reference.

Fix the intro fragment 'Prioritizing realistic attacker goals and concrete impacts over generic checklists.' into a complete sentence or fold it into the section's instruction to avoid a dangling clause.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Conciseness | Mostly lean bullet-based prose that assumes security competence, but it could be tightened — 'List the assets that drive risk' is repeated across steps 2 and 3, and the intro fragment 'Prioritizing realistic attacker goals...' is a dangling clause. Not a 3 because not every token earns its place. | 2 / 3 |
| Actionability | Some concrete guidance (specific control types, example 'enforce schema at gateway for upload payloads', output filename convention, verbatim prompt-template reuse), but many steps remain abstract directives ('Describe realistic attacker capabilities', 'Prefer attacker goals that map to assets') and the executable contract is deferred to the reference rather than given inline. | 2 / 3 |
| Workflow Clarity | Eight clearly sequenced workflow steps with explicit validation checkpoints — step 6 pauses for user feedback and step 8 is a pre-finalization quality checklist — matching the score-3 anchor for clear sequence with validation steps and checklists. Not capped because verification steps are present. | 3 / 3 |
| Progressive Disclosure | Clear overview body with well-signaled one-level-deep references (references/prompt-template.md and references/security-controls-and-assets.md, both verified to exist and non-nested) and an explicit 'Only load the reference files you need' note, matching the score-3 anchor. | 3 / 3 |
| Total | | 10 / 12 |

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A high-quality, third-person description that clearly states concrete capabilities, gives explicit positive and negative trigger conditions, and is well-distinguished from adjacent skills. It avoids vagueness and verbosity while remaining specific to AppSec threat modeling.

| Dimension | Reasoning | Score |
| --- | --- | --- |
| Specificity | Lists multiple concrete actions — 'enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model' — matching the score-3 anchor for multiple specific concrete actions. | 3 / 3 |
| Completeness | Explicitly answers what (enumerate boundaries/assets/capabilities/abuse paths/mitigations + write Markdown) and when ('Trigger only when the user explicitly asks...'), satisfying the score-3 both-what-and-when anchor; not capped at 2 since an explicit trigger clause is present. | 3 / 3 |
| Trigger Term Quality | Natural trigger phrases a security user would say — 'threat model a codebase or path', 'enumerate threats/abuse paths', 'AppSec threat modeling' — give good coverage rather than jargon-only or generic terms. | 3 / 3 |
| Distinctiveness Conflict Risk | Clear niche with explicit anti-triggers ('Do not trigger for general architecture summaries, code review, or non-security design work') making it unlikely to fire for the wrong skill. | 3 / 3 |
| Total | | 12 / 12 |

Passed

Validation

100%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation: 16 / 16 Passed

Validation for skill structure

No warnings or errors.

Repository: openai/skills (Reviewed)
