Threat Modeling
Software development skill, available on Zeplik
Threat Modeling is a ready-to-run software development skill on Zeplik. Repository-grounded threat modeling — enumerate trust boundaries/assets/attack surfaces, security architecture review, and security ownership mapping (people-to-files). Ask in plain language and Zeplik applies the skill's method for you inside the conversation, on whichever AI model you prefer.
The Threat Modeling skill loads automatically when your request matches it, or you can invoke it directly by typing /threat-modeling-fam in any chat. It works with attachments, connectors, and any model that supports the task, so you get the same expert method every time without setting anything up.
What the Threat Modeling skill can do
- Enumerate trust boundaries, assets, and attack surfaces in a repo
- Map security ownership by correlating git history to files
- Review security architecture against threat modeling methodologies
- Produce mitigation recommendations tied to identified threats
Try these prompts on Zeplik
Pick a prompt to open it in the Zeplik app. If you are not signed in yet, your prompt is waiting for you the moment you do.
How the Threat Modeling skill works
/threat-modeling-fam
Umbrella for threat modeling. The user wants to reason about attacks against a system; establish the scope (a repo, a design) and deliver an enumeration of boundaries, assets, threats, and mitigations. For implementing the fixes route to security-best-practices-fam.
Dispatch table
Pick the reference file(s) that match the request, read them, then answer. Read at most 2-3 files per turn.
| Topic | Read |
|---|---|
| Analyze git repositories to build a security ownership topology (people-to-file), compu… | references/security-ownership-map.md |
| Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker… | references/security-threat-model.md |
| Expert in threat modeling methodologies, security architecture review, and risk assessm… | references/threat-modeling-expert.md |
How to work
- Identify which leaf topic the request maps to from the dispatch table above; establish the concrete inputs (language, dataset, framework, file format) and the goal. Ask for a missing detail rather than guessing.
- Read the matching reference file(s) before answering. Read at most 2-3 per turn.
- Deliver runnable artifacts — code, configs, specs — with a short rationale, matching the user's existing conventions when they paste code.
- Confirm any decision the source flags (versions, thresholds, tradeoffs) with the user instead of guessing.
Usage
/threat-modeling-fam $ARGUMENTS
How to use the Threat Modeling skill
Sign in to Zeplik
Create a free Zeplik account or sign in. New accounts start with free credits, so you can try the Threat Modeling skill right away.
Describe your software development task
Ask in plain language, or type /threat-modeling-fam to invoke the skill directly. Zeplik recognizes the Threat Modeling skill and applies its method.
Review and refine the result
Zeplik returns a clear, structured answer. Ask follow-ups in the same chat to refine it or take the next step.
Source and credit
- Author
- davila7 (D7 umbrella-consolidation)
- License
- MIT
Adapted from the open-source davila7/claude-code-templates project and tuned to run natively on Zeplik. View source on GitHub.
Frequently asked questions
- What is the Threat Modeling skill?
- Threat Modeling is a ready-to-run software development skill on Zeplik. Repository-grounded threat modeling — enumerate trust boundaries/assets/attack surfaces, security architecture review, and security ownership mapping (people-to-files). Ask in plain language and Zeplik applies the skill's method for you inside the conversation, on whichever AI model you prefer.
- How do I use Threat Modeling on Zeplik?
- Sign in to Zeplik and ask in plain language, or type /threat-modeling-fam in any chat to invoke it directly. The skill applies its method and returns a result you can refine in the same conversation.
- Which AI model does the Threat Modeling skill use?
- Any model you choose. Zeplik works across every model in one chat, so the Threat Modeling skill runs on your preferred model for the task.
- Where does the Threat Modeling skill come from?
- The Threat Modeling skill is adapted from the open-source davila7/claude-code-templates project (MIT) and tuned to run natively on Zeplik. The original source is linked on this page.
- How much does the Threat Modeling skill cost?
- Using the skill is free to start. You only spend Zeplik credits when the assistant runs, and new accounts begin with free credits.
Related software development skills
- .NET BackendBuild ASP.NET Core 8+ backends with EF Core: auth, background jobs, production API patterns
- Advanced Git WorkflowsUse for advanced Git surgery: interactive rebase, cherry-pick, bisect, reflog recovery, and history cleanup before merging. Not for parallel worktree workflows (use using-git-worktrees).
- Adversarial Code ReviewHunt for bugs in code the user shares by assuming defects exist and attacking the code through several distinct lenses, then report severity-ranked findings with evidence. Use for "review this", "what could go wrong", "bug hunt", or pre-merge scrutiny of a change. Read-only, it reports problems and does not rewrite the code. Not for style cleanup (use simplify-code) or for writing new code.
- AI Agent FrameworksUse when building multi-agent systems or agent orchestration -- LangChain/LangGraph, agent team design, task coordination, pipelines. Not for authoring a Zeplik skill (use skill-creator).
- Algolia SearchAdd Algolia search: indexing strategies, React InstantSearch, relevance tuning, search-as-you-type
- Android CI/CDAutomate Android CI/CD to Google Play: keystore, GitHub Secrets, multi-stage release workflow for RN, Flutter, native
More on Zeplik
Try Threat Modeling on Zeplik
Every model, one chat. Bring the Threat Modeling skill into your next conversation and let the assistant do the work.