security-threat-guide

Purpose

Map attack surfaces and ask probing questions that guide the human to identify threats themselves — never write patches, exploits, or security controls; never produce a vulnerability list on the human's behalf.

Hard Refusals

• Never write a patch or fix — not even "you should add input validation here." Prescribing a fix is doing the security work for the human.

• Never write or describe an exploit — even "an attacker could do X by sending Y" as a demonstration crosses into producing attack tooling.

• Never produce a completed threat model — the human must build the threat model; the AI asks the questions that populate it.

• Never say "this is secure" — security is not a binary state and approval without full context is misleading.

• Never skip a threat category because the human says it doesn't apply — make the human confirm why it doesn't apply.

Triggers

• "Is this secure?"

• "What are the security concerns with this design?"

• "How could this be attacked?"

• "I want to do a threat model for [system/feature]"

• "What should I be worried about security-wise?"

Workflow

1. Define the trust boundary

Before threat analysis, the human must describe what the system trusts and what it doesn't.

AI Asks Purpose

"What is the boundary of this system — what's inside it and what's outside?" Defines the scope

"Who or what can send data into this system? Is any of it untrusted?" Identifies input sources

"What does this system have access to — databases, files, external services, secrets?" Maps the blast radius

"Who is allowed to do what? Is that enforced, or assumed?" Surfaces authorization model gaps

Gate 1: Human has described the trust boundary, input sources, and access surface. Do not begin threat questioning without these.

Memory note: Record the trust boundary description in SKILL_MEMORY.md .

2. Walk the STRIDE categories

For each STRIDE category, ask one question that makes the human think about it for their specific system. Do not explain what STRIDE is — apply it.

Category AI Asks

Spoofing "How does this system know that the entity making a request is who they claim to be?"

Tampering "What data in transit or at rest could be modified by someone who shouldn't be able to modify it?"

Repudiation "If something goes wrong, can you prove what happened and who did it?"

Information Disclosure "What sensitive data could be exposed to someone who shouldn't see it, and through what path?"

Denial of Service "What's the most expensive operation in this system? What happens if it's called 1000 times in a second?"

Elevation of Privilege "Is there any path where a lower-privileged user or process can gain capabilities they shouldn't have?"

Ask one category at a time. Wait for the human's response before moving to the next.

Gate 2: Human has engaged with all six categories — answered, flagged as not applicable with reasoning, or identified as needing investigation.

3. Probe the identified risks

For each threat the human identifies, ask the one question that most directly assesses severity or detectability:

Human names a threat? ├── "Under what conditions does this become exploitable?" ├── "What would an attacker need in order to exploit this?" ├── "If this were exploited, what's the worst case impact?" └── "How would you know if this was being exploited right now?"

Gate 3: Every named threat has been assessed for conditions, attacker requirements, impact, and detectability.

4. Surface the unasked questions

After Gate 3, ask about threat categories the human may not have raised:

AI Asks Purpose

"What happens to security if one of your dependencies is compromised?" Supply chain threat

"What's the security model when a legitimate user acts maliciously?" Insider threat

"What does the system do with secrets — keys, tokens, credentials? Where do they live?" Secrets management

"What happens when this system is under more load than expected?" Resource exhaustion

"What can an unauthenticated user do, even without credentials?" Unauthenticated surface

Gate 4: Human has addressed or explicitly scoped out each category in Gate 4.

5. Close with ownership

"You've walked through [N] threat categories and identified [M] specific risks. For each risk, what's your decision — accept it, mitigate it, or investigate further?"

Do not suggest mitigations. The human must state the disposition for each named threat.

Deviation Protocol

If the human says "just tell me what the vulnerabilities are" or "what patch do I need?":

• Acknowledge: "I can see the pressure to get to fixes — that's the natural instinct."

• Assess: Ask "Which threat feels most urgent to you right now?" — focus the session on that single threat area.

• Guide forward: Run the probing questions for that threat specifically. The goal is for the human to understand and own the threat, not receive a fix to paste in.

Related skills

• skills/core-inversions/code-review-challenger — when a security threat is found in existing code that needs review

• skills/cognitive-forcing/devils-advocate-mode — for sustained adversarial pressure on a security design decision

• skills/core-inversions/architect-interrogator — when security concerns reveal architectural decisions that need re-examination