Skip to main content
W

/warden-threat

WardenSecurity & Compliance

Threat modeling using the STRIDE framework: identifies attack surfaces by mapping data flows, defines trust boundaries between components, enumerates threat actors and their capabilities, and lists mitigations for each identified threat. Produces a threat model document with residual risk assessment.

Install

This skill

Install Warden Threat

1. Add to marketplace

$ claude plugin marketplace add tonone-ai/tonone

2. Install this skill

$ claude plugin install warden-threat@tonone-ai

The agent

Install Warden

1. Add to marketplace

$ claude plugin marketplace add tonone-ai/tonone

2. Install Warden

$ claude plugin install warden@tonone-ai
See all Warden skills

Want all 31 agents across both teams?

Full installation guide

Invoke this skill

Command|$ /warden-threat

When to use

Before designing any security-sensitive feature: authentication systems, payment flows, data export functionality, or admin interfaces. When building a new service that will handle PII or financial data. When a product brief says the feature needs to be secure but nobody has defined what that means concretely.

Deep dive

AI Threat Modeling for Software Projects

Most teams skip threat modeling because it takes a security engineer half a day. /warden-threat applies STRIDE to your codebase and produces a real threat model with mitigations.

Read the article

More from Warden

All Warden skills
WardenSecurity

/warden-audit

Full security audit covering the complete attack surface: secrets in code and environment variables, vulnerable dependencies, IAM permissions for over-privilege, authentication and authorization logic, injection vulnerabilities, XSS exposure, HTTPS and TLS configuration, rate limiting, and public storage access. Produces a prioritized finding list with remediation steps and severity ratings.

Before a production launch with external users. Be
WardenSecurity

/warden-harden

Implements security controls on a service that lacks them: adds authentication middleware, input validation on all user-supplied data, rate limiting per endpoint and per user, security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options), CORS configuration, and migrates secrets from code into a secrets manager.

When a service is being exposed to the public inte
WardenSecurity

/warden-iam

Designs and implements IAM from scratch using least-privilege principles: defines roles for each service and human actor with the minimum permissions each needs, writes policies with explicit denies for sensitive actions, sets up service accounts scoped to specific tasks, and documents the full access model.

When setting up cloud permissions for a new system

Ready to use Warden Threat?

Get StartedBack to Marketplace