threat-model:lvms
OfficialMap LVMS PR risks to MITRE and OWASP
Legal & Compliance#pull requests#security review#shellcheck#threat-modeling#lvms#mitre att&ck#owasp mapping
Authoropenshift-eng
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps you proactively identify and document security threats introduced by pull requests to the LVMS (LVM Storage) operator, reducing the chance that risky changes ship without review.
Core Features & Use Cases
- PR-focused security threat analysis: Reviews changed files in a target pull request and produces a formal security report.
- Threat mapping and evidence tracking: Maps findings to MITRE ATT&CK and OWASP Top 10:2025, and logs results in a cumulative findings tracker.
- ShellCheck-driven shell risk scanning: Scans shell scripts for security-relevant patterns (command injection, credential exposure, path traversal, etc.) and incorporates those results into the report.
- DFD/STRIDE readiness: Supports enhanced STRIDE/per-element DFD mapping when the LVMS DFD catalog is later populated (currently proceeds without DFD element mapping).
- Use case: For an LVMS PR, generate a security review that ties code changes to ATT&CK techniques and OWASP categories, with actionable notes for reviewers.
Quick Start
Ask the skill to analyze a specific LVMS pull request by sending: /threat-model:lvms 2271
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: threat-model:lvms Download link: https://github.com/openshift-eng/edge-tooling/archive/main.zip#threat-model-lvms Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.