security-threat-modeler
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill provides structured guidance for identifying security threats in software architectures using established industry methodologies like STRIDE and DREAD.
- [NO_CODE]: This skill consists entirely of instructional Markdown and reference documentation; it does not contain any executable scripts, binaries, or configuration files.
- [PROMPT_INJECTION]: No patterns of behavior override or safety filter bypass instructions were found in the skill text.
- [DATA_EXFILTRATION]: The skill does not perform network requests or access sensitive local file system paths.
- [SAFE]: The skill includes a potential surface for indirect prompt injection because it processes external system architecture data. The risk is negligible as the skill lacks executable capabilities. Ingestion points: system-architecture and data-flow-diagram inputs. Boundary markers: Absent. Capability inventory: Limited to text-based report generation. Sanitization: Absent.
Audit Metadata