threat-modeler
by tmart234
Produce structured threat models for software, systems, networks, IoT/embedded devices, medical devices, or business processes. Walks Shostack's Four Question Framework, produces a Mermaid DFD with trust boundaries, runs STRIDE-Per-Element with prioritized mitigations and derived security requirements, and a Q4 self-assessment. Trigger on threat modeling, STRIDE, DFD / data flow diagram, attack surface, abuse / misuse cases, security architecture review, trust boundaries, "what can go wrong / what are the threats to X / how would someone attack X", or pasting architecture and asking about risks. Also trigger when the user names a methodology (LINDDUN, PASTA, DREAD, attack trees) or asks for a regulatory threat-model deliverable (FDA premarket cybersecurity, IEC 62443, IEC 81001-5-1). Greenfield and brownfield. Do NOT trigger for penetration testing planning, vulnerability scanning, or incident response.