Attack Tree Construction
Systematic attack path visualization and analysis.
Use this skill when
-
Visualizing complex attack scenarios
-
Identifying defense gaps and priorities
-
Communicating risks to stakeholders
-
Planning defensive investments or test scopes
Do not use this skill when
-
You lack authorization or a defined scope to model the system
-
The task is a general risk review without attack-path modeling
-
The request is unrelated to security assessment or design
Instructions
-
Confirm scope, assets, and the attacker goal for the root node.
-
Decompose into sub-goals with AND/OR structure.
-
Annotate leaves with cost, skill, time, and detectability.
-
Map mitigations per branch and prioritize high-impact paths.
-
If detailed templates are required, open resources/implementation-playbook.md .
Safety
-
Share attack trees only with authorized stakeholders.
-
Avoid including sensitive exploit details unless required.
Resources
- resources/implementation-playbook.md for detailed patterns, templates, and examples.
🧠 Knowledge Modules (Fractal Skills)
- implementation-playbook