pytm threat model from IaC
OfficialTurn AWS IaC into executable threat models.
Education & Research#threat modeling#infrastructure as code#pytm#aws cdk#json conversion#security evaluation#acse-eval
AuthorAgentic-AI-Risk-Mitigation
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Automatically turning AWS CDK/IaC code into actionable, structured threat models is time-consuming and error-prone, especially when you need consistent outputs for evaluation.
Core Features & Use Cases
- Generates a pytm threat model from IaC: Analyzes CDK constructs and security configuration to build a pytm-based architecture and trust boundaries.
- Produces evaluation-ready output: Executes the generated pytm script to create findings, then converts them into ACSE-Eval JSON for ground-truth comparison.
- Supports iterative research workflows: Enables repeatable threat modeling across applications and model variations by writing a standardized output directory structure.
Quick Start
Use the command to generate threats from an IaC directory: /pytm-threat-model acse-dataset/simple-image-upload-download-website/
Dependency Matrix
Required Modules
pytm
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: pytm threat model from IaC Download link: https://github.com/Agentic-AI-Risk-Mitigation/iac-tm-experiments/archive/main.zip#pytm-threat-model-from-iac Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.