threat-model:tnf
OfficialCatch TNF security risks before merge.
Software Engineering#owasp#threat modeling#stride#mitre attack#pull request analysis#tnf#dfd mapping
Authoropenshift-eng
Version1.0.0
Installs0
System Documentation
What problem does it solve?
It helps reviewers and security engineers identify and document security threats introduced by a pull request for the TNF (Two-Node Fencing) topology, producing a structured, standards-based threat report instead of relying on ad-hoc reasoning.
Core Features & Use Cases
- PR threat analysis for TNF changes: Scans a PR’s changed files for security-relevant patterns and produces a TNF-specific report.
- STRIDE + DFD element mapping: Maps PR changes to TNF DFD elements and applies per-element STRIDE reasoning tied to the formal TNF threat model.
- MITRE ATT&CK and OWASP cross-references: Links findings to MITRE techniques and OWASP 2025 categories for consistent security communication.
- Evidence accumulation with a findings tracker: Appends results into a cumulative TNF findings file for repeatable review over time.
Quick Start
Run the command: /threat-model:tnf 2136 to analyze PR #2136 for TNF security threats and generate a mapped, structured report.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: threat-model:tnf Download link: https://github.com/openshift-eng/edge-tooling/archive/main.zip#threat-model-tnf Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.