straymark-sec
OfficialGenerate a draft security assessment document
Legal & Compliance#documentation#threat modeling#compliance#code context#security assessment#draft review#owasp asvs
AuthorStrangeDaysTech
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It streamlines creating Security Assessment (SEC) documentation by guiding an analyst through scoping, threat modeling methodology selection, and OWASP ASVS level targeting, then producing a pre-filled draft ready for human review.
Core Features & Use Cases
- Interactive security assessment workflow: Collects component scope, selects a threat modeling methodology (STRIDE/PASTA/LINDDUN/Custom), and chooses the OWASP ASVS verification level.
- Context-informed drafting: Uses repository context (git status/diff and targeted security-relevant pattern scanning) to populate threat model and ASVS compliance sections.
- Draft-first, review-required output: Always generates a document marked as draft with review_required, risk_level high, and a medium confidence signal, saving it into the expected
.straymark/08-security/location.
Quick Start
Invoke /straymark-sec with your component name (for example, /straymark-sec authentication-api) and answer the prompted questions to generate a draft SEC document with populated scope, threats, and ASVS controls.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: straymark-sec Download link: https://github.com/StrangeDaysTech/arborist-cli/archive/main.zip#straymark-sec Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.